GET api.yadore.com/v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=7IS7nEXFiVAi
302 Found 180 kB URL User Request GET api.yadore.com/v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=7IS7nEXFiVAi
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectyadore.com
Fingerprint34:12:9F:8C:15:06:29:A3:3E:0E:BB:48:95:EE:B1:CE:72:5A:BE:21
ValiditySun, 08 Jun 2025 08:46:26 GMT - Sat, 06 Sep 2025 08:46:25 GMT
Size 180 kB (180259 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v2/d?url=https%3A%2F%2Fwww.farmasiet.no&market=no&projectId=Sde46opRHJDX&placementId=7IS7nEXFiVAi HTTP/1.1
Host: api.yadore.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://storesearch.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Accept, API-Key
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
date: Wed, 16 Jul 2025 18:45:00 GMT
location: https://no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=abce8dafbd0327a66fabb86a7dc293a4203ae6e5ba14ceebad0f235f917188a3&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/8.3.23
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
200 OK 519 B URL GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51
GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 16 Jul 2025 00:58:02 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cBgZ5gLBlSP83_Ga6TIePn-HMOvZFAtvCVcj822jwYUnR1LBzkx7xg==
age: 64023
X-Firefox-Spdy: h2
GET www.bing.com/alink/link?url=https://ecphvac.com/&source=serp-local&h=9ucHBjDhYv32rh6JNw4Dho1ROACrXIS8490xwXOJdak=&p=lw_gb&ig=2F0A9EE2E6FB46BFAC651BD9F734BBAD&ypid=YN172x3186534
302 Found 473 B URL User Request GET www.bing.com/alink/link?url=https://ecphvac.com/&source=serp-local&h=9ucHBjDhYv32rh6JNw4Dho1ROACrXIS8490xwXOJdak=&p=lw_gb&ig=2F0A9EE2E6FB46BFAC651BD9F734BBAD&ypid=YN172x3186534
IP
ASN #20940 Akamai International B.V.
Certificate IssuerMicrosoft Corporation
Subjectr.bing.com
Fingerprint41:F8:20:69:7B:75:9F:FA:19:C3:17:66:AF:68:CF:72:6E:E8:E0:C6
ValidityWed, 23 Apr 2025 16:55:40 GMT - Sat, 18 Apr 2026 16:55:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /alink/link?url=https://ecphvac.com/&source=serp-local&h=9ucHBjDhYv32rh6JNw4Dho1ROACrXIS8490xwXOJdak=&p=lw_gb&ig=2F0A9EE2E6FB46BFAC651BD9F734BBAD&ypid=YN172x3186534 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: BCP=AD=0&AL=0&SM=0
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: no-store, must-revalidate, no-cache, max-age=0
content-length: 1
content-type: text/html
content-encoding: br
location: https://ecphvac.com/
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
x-eventid: 6877f326d2e549c09919931689afd0ec
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
content-security-policy: script-src https: 'strict-dynamic' 'report-sample' 'wasm-unsafe-eval' 'nonce-loI9Aw4VdwcdodwUhWUqX6rxOlxQe9XH1U6LblT9sxA='; base-uri 'self';
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 58D2A579AAAD4941A2745618C2F1F0D4 Ref B: OSL30EDGE0407 Ref C: 2025-07-16T18:44:54Z
date: Wed, 16 Jul 2025 18:44:54 GMT
set-cookie: MUID=001E361C04F56FBC0448203705A26E34; domain=.bing.com; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; secure; SameSite=None
MUIDB=001E361C04F56FBC0448203705A26E34; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; HttpOnly
_EDGE_S=F=1&SID=2BE0FD010756643B39A5EB2A060165CD; domain=.bing.com; path=/; HttpOnly
_EDGE_V=1; domain=.bing.com; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; HttpOnly
SRCHD=AF=NOFORM; domain=.bing.com; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; secure; SameSite=None
SRCHUID=V=2&GUID=09E8A9C7158B4D6C98E14DFA9AEAB91D&dmnchg=1; domain=.bing.com; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; secure; SameSite=None
SRCHUSR=DOB=20250716; domain=.bing.com; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; secure; SameSite=None
SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Mon, 10-Aug-2026 18:44:54 GMT; path=/; secure; SameSite=None
_SS=SID=2BE0FD010756643B39A5EB2A060165CD; domain=.bing.com; path=/; secure; SameSite=None
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.ec4d2417.1752691494.183d175
X-Firefox-Spdy: h2
GET adalh-zcq.com/favicon.ico
404 82 B URL GET adalh-zcq.com/favicon.ico
IP
Requested by http://adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Hash 8f1811fb91943d1fddb2f0e1cdfd2eb8
a7f1731fd06d72f7809a82adfb078e1657aaa21b
86410f5bf7594da438de48a39bc7e16bc4f173ac02336010c094f776a1499844
GET /favicon.ico HTTP/1.1
Host: adalh-zcq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404
Date: Wed, 16 Jul 2025 18:44:58 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
GET arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9MzM5MjlcdTAwMjZzdWJpZD03SVM3bkVYRmlWQWlcdTAwMjZ2YXI2PSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0=
200 OK 754 B URL User Request GET arveaoy.com/double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9MzM5MjlcdTAwMjZzdWJpZD03SVM3bkVYRmlWQWlcdTAwMjZ2YXI2PSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0=
IP
File type HTML document, ASCII text
Hash 540070e18c80679dfd6fa22a9183a36d
37297fdd35f92ac8dd749b36f442ebe23196fbbb
d8aec7c4f4c0845d318bf15ee5f2d086cbdba0f5cf765174f126447660202027
GET /double?t=2&d=eyJVUkwiOiJodHRwczovL3N0b3Jlc2VhcmNoLm5ldC9saW5rcz9pZHc9MzM5MjlcdTAwMjZzdWJpZD03SVM3bkVYRmlWQWlcdTAwMjZ2YXI2PSIsIlJlZGlyZWN0V29yZGluZyI6IiAiLCJSZWRpcmVjdFRpdGxlIjoiUmVkaXJlY3Rpb24uLi4iLCJSZWRpcmVjdExpbmtUZXh0IjoiICIsIkluc3RhbGxJZCI6MjAwMX0= HTTP/1.1
Host: arveaoy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ClickDataNG=H4sIAAAAAAAA_7RUXW_bNhT9K8Z92gBFJvVlk4VRpO46FGiSAenHHvZCkVc2EYZ0SUqx3fa_D5SU1MD22hfTvOfgfhyeq28woA_aWeBAc5ITyCCeDgicZBD69uPzf-nsgD6iAt4JEzADabR8eK-Aw-r9_cr-8fc7_flaQwZKRAROV3XRMFoxloEUjwehdzaxq6ouaAY6bP-6fsnlXRRRu5FAm7pkGfjeYLqSDDwq7VHGG4x7p4DXGQTXezniZZmBEVZpu5vp8-2TN8ABMnBdhz5hRVHSMoPWCyv3M3kEJ-o-xkPgy2WIzmNA4eU-txiXRtuH8Fqrp01ZsoL90xNSNKFvtdpcTj7FB-GbDSS9QgROckLqNMCAtp-EPIiT6-PP2tvee7TyBBw-3b-FDHqvL5oRfkDhTrl0j8tR8dfRD1ptRhmnkniMWm3Ovlsp2q4obYpVRWlHWLvuaIGdaBmjqqxL2iBbr5msi6bqGFm3JZK2aktBka5pS1hRsqoQa9nUktSMNlP-NMpmnIQQMoWi8DutNsIc9uIqinhFLfn6hJ6YZ3nk-bBphdKuD1dtfz4LryADfbhWymMIwIHRnJG8KnJaV5dQM71aH9Bf79BG4HDjztoYsaxzsvjti7bKPYXF7ccFJTl5tfiibVO9WhzTjx84Lauc_L74E-WDWxaEEkIJXbzTHjt3XI4opCfp0KMHDkIJs786y69J42RfHLTEF-O71OtcM5kpfP65MClR691TGBPNJV5SvPHCqmmYKXDjFJrLwK14xOkup3qwFa3B5dv7D0mRcAAOb4w-Lu6d6dN-hNFZvY0--eX2bhxkN3Vze_f9-10wbrFNhFNi6ni6ACCZz6ON2-SjeTe83mn74XARil7YIOS0jgG47Y3JQPYhukfg32Znw7MhIAM8RvRWmPFj8Ct8CBkMZOpuoOnJ_sd3CStmTgkc_mu-oZrhej5npw2r-VzPJ0vnjx__BgAA__9DOYAyHAUAAA==; ClickDataNgFall=H4sIAAAAAAAA_7RUXW_bNhT9K8Z92gBFJvVlk4VRpO46FGiSAenHHvZCkVc2EYZ0SUqx3fa_D5SU1MD22hfTvOfgfhyeq28woA_aWeBAc5ITyCCeDgicZBD69uPzf-nsgD6iAt4JEzADabR8eK-Aw-r9_cr-8fc7_flaQwZKRAROV3XRMFoxloEUjwehdzaxq6ouaAY6bP-6fsnlXRRRu5FAm7pkGfjeYLqSDDwq7VHGG4x7p4DXGQTXezniZZmBEVZpu5vp8-2TN8ABMnBdhz5hRVHSMoPWCyv3M3kEJ-o-xkPgy2WIzmNA4eU-txiXRtuH8Fqrp01ZsoL90xNSNKFvtdpcTj7FB-GbDSS9QgROckLqNMCAtp-EPIiT6-PP2tvee7TyBBw-3b-FDHqvL5oRfkDhTrl0j8tR8dfRD1ptRhmnkniMWm3Ovlsp2q4obYpVRWlHWLvuaIGdaBmjqqxL2iBbr5msi6bqGFm3JZK2aktBka5pS1hRsqoQa9nUktSMNlP-NMpmnIQQMoWi8DutNsIc9uIqinhFLfn6hJ6YZ3nk-bBphdKuD1dtfz4LryADfbhWymMIwIHRnJG8KnJaV5dQM71aH9Bf79BG4HDjztoYsaxzsvjti7bKPYXF7ccFJTl5tfiibVO9WhzTjx84Lauc_L74E-WDWxaEEkIJXbzTHjt3XI4opCfp0KMHDkIJs786y69J42RfHLTEF-O71OtcM5kpfP65MClR691TGBPNJV5SvPHCqmmYKXDjFJrLwK14xOkup3qwFa3B5dv7D0mRcAAOb4w-Lu6d6dN-hNFZvY0--eX2bhxkN3Vze_f9-10wbrFNhFNi6ni6ACCZz6ON2-SjeTe83mn74XARil7YIOS0jgG47Y3JQPYhukfg32Znw7MhIAM8RvRWmPFj8Ct8CBkMZOpuoOnJ_sd3CStmTgkc_mu-oZrhej5npw2r-VzPJ0vnjx__BgAA__9DOYAyHAUAAA==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 16 Jul 2025 18:45:00 GMT
content-type: text/html; charset=utf-8
content-length: 754
cache-control: no-store, no-cache, must-revalidate
content-security-policy: referrer-policy no-referrer
expires: Thu, 01 Jan 1970 00:00:00 UTC
permissions-policy: referrer=()
pragma: no-cache
referrer-policy: no-referrer
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
GET geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
200 OK 562 kB URL GET geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (61857)
Size 562 kB (562217 bytes)
Hash b0a77de2afdb4c9817f68533b97ebe12
a14486c6e9a385541700a64e8b4983c67a536977
6ff74d23c294c3b2217a070a56337ab7a3ff4299f82e1a84941b72c91a9a3d7d
GET /interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 16 Jul 2025 18:45:01 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
200 OK 770 kB URL GET geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (40801)
Size 770 kB (770546 bytes)
Hash 50fe7b3c9d5d94ff848c91d0704ab035
20a09f0ef253fd77eecebd7c70dd086fcc4d8431
f0c0f096f7586d5b0bf010f8794d782a99d0d5a7b2cf53da104fcf360a3005d1
GET /captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 16 Jul 2025 18:45:04 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Encoding: gzip
GET dd.prod.captcha-delivery.com/image/2025-07-16/68fd577eec228d78b8317e2c3747b61c.frag.png
200 OK 6.8 kB URL GET dd.prod.captcha-delivery.com/image/2025-07-16/68fd577eec228d78b8317e2c3747b61c.frag.png
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint78:DE:FA:F7:3D:63:84:2A:F7:68:BE:5E:19:5C:02:C6:7A:A4:A2:DA
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type PNG image data, 63 x 155, 8-bit/color RGBA, non-interlaced
Hash 00329abd36dae2cd3638ea7c6a3e0d6d
119a78541b8dcd9fdd693e82753b1faac60db9fa
34c23f650c539f150367de1ce01acfc85047c59841541d8188b1c7a707329525
GET /image/2025-07-16/68fd577eec228d78b8317e2c3747b61c.frag.png HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 6836
date: Wed, 16 Jul 2025 00:01:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Sat, 12 Jul 2025 05:07:25 GMT
x-amz-expiration: expiry-date="Sun, 20 Jul 2025 00:00:00 GMT", rule-id="auto-clean old captchas image (7 days)"
etag: "00329abd36dae2cd3638ea7c6a3e0d6d"
x-amz-server-side-encryption: AES256
x-amz-version-id: K2s11X1OJs9O_8NDoA.sjob9DWHAKa3z
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gzjAq1f5Qi2wioVnElEdoqCmHIRmL5Lq2maFQK_7wqCCk88Tw98xUw==
age: 67438
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 16 Jul 2025 01:11:48 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JJMUEA0AppwI-f58oGHSITtUeo81LEVCcUlPYLEI7AQc3H6P604EMg==
age: 63199
X-Firefox-Spdy: h2
GET adalh-zcq.com/zclkredirect?visitid=f7d1b711-6274-11f0-9b8f-12efab991d35&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC
302 1.1 kB URL User Request GET adalh-zcq.com/zclkredirect?visitid=f7d1b711-6274-11f0-9b8f-12efab991d35&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkredirect?visitid=f7d1b711-6274-11f0-9b8f-12efab991d35&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC HTTP/1.1
Host: adalh-zcq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
GET dd.prod.captcha-delivery.com/image/2025-07-16/68fd577eec228d78b8317e2c3747b61c.jpg
200 OK 16 kB URL GET dd.prod.captcha-delivery.com/image/2025-07-16/68fd577eec228d78b8317e2c3747b61c.jpg
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subjectdd.prod.captcha-delivery.com
Fingerprint78:DE:FA:F7:3D:63:84:2A:F7:68:BE:5E:19:5C:02:C6:7A:A4:A2:DA
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 280x155, components 3
Hash 2d1abeea33e7a814469a0cc82fef3372
765e84d17d856586074c627858cc3c3b372d4f36
34fd3c59a3646cefa7b4d6cca91afd73003371ad5cc985d05610d14c7ac32b29
GET /image/2025-07-16/68fd577eec228d78b8317e2c3747b61c.jpg HTTP/1.1
Host: dd.prod.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 15753
date: Wed, 16 Jul 2025 00:01:07 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3600
last-modified: Sat, 12 Jul 2025 05:07:25 GMT
x-amz-expiration: expiry-date="Sun, 20 Jul 2025 00:00:00 GMT", rule-id="auto-clean old captchas image (7 days)"
etag: "2d1abeea33e7a814469a0cc82fef3372"
x-amz-server-side-encryption: AES256
x-amz-version-id: Sz0_j9g_A1TNRfOo0BMGurfEXmBqShcF
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VjtEAkXwMH7ILAAzHjT6NKKLdZTzNlnnk6-SNcIrNcVA_-_YvLj9Xw==
age: 67438
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
GET ecphvac.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1MjY5ODY5NSwiaWF0IjoxNzUyNjkxNDk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMTljdjg4aTY5Zm82azhubDAwYWhxZTciLCJuYmYiOjE3NTI2OTE0OTUsInRzIjoxNzUyNjkxNDk1NzAyNDY2fQ.T3DgBUwb4wTWian0BD4OCyfJSAjM6ODWS1GBKKpCyW0&sid=f786af53-6274-11f0-b561-e8f62721b530
302 Found 0 B URL User Request GET ecphvac.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1MjY5ODY5NSwiaWF0IjoxNzUyNjkxNDk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMTljdjg4aTY5Zm82azhubDAwYWhxZTciLCJuYmYiOjE3NTI2OTE0OTUsInRzIjoxNzUyNjkxNDk1NzAyNDY2fQ.T3DgBUwb4wTWian0BD4OCyfJSAjM6ODWS1GBKKpCyW0&sid=f786af53-6274-11f0-b561-e8f62721b530
IP
ASN #46475 LIMESTONENETWORKS
Certificate IssuerLet's Encrypt
Subjectecphvac.com
Fingerprint4F:57:06:A3:BC:37:72:D6:D2:B7:04:4C:90:DA:78:2D:FE:22:BC:9C
ValiditySun, 11 May 2025 06:39:11 GMT - Sat, 09 Aug 2025 06:39:10 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc1MjY5ODY5NSwiaWF0IjoxNzUyNjkxNDk1LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMTljdjg4aTY5Zm82azhubDAwYWhxZTciLCJuYmYiOjE3NTI2OTE0OTUsInRzIjoxNzUyNjkxNDk1NzAyNDY2fQ.T3DgBUwb4wTWian0BD4OCyfJSAjM6ODWS1GBKKpCyW0&sid=f786af53-6274-11f0-b561-e8f62721b530 HTTP/1.1
Host: ecphvac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ecphvac.com/
Cookie: sid=f786af53-6274-11f0-b561-e8f62721b530
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Wed, 16 Jul 2025 18:44:57 GMT
location: http://adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
server: Cowboy
set-cookie: sid=f786af53-6274-11f0-b561-e8f62721b530; path=/; domain=.ecphvac.com; expires=Mon, 03 Aug 2093 21:59:04 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
GET adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
200 3.1 kB URL User Request GET adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
IP
File type HTML document, ASCII text, with very long lines (408)
Hash 843e73bbcf1945e58ad4dbb0faf34213
e5bda6dca6e6b6f6a9a4a70d5ddb0b9f53c0e26c
43c41de2c020ca0754d2d0201f3671b044a81d3e3ce2f191a8033de22ed122a7
GET /zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 HTTP/1.1
Host: adalh-zcq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Wed, 16 Jul 2025 18:44:57 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 3086
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type
GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
200 OK 519 B URL GET static.captcha-delivery.com/common/fonts/roboto/font-face.css
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash e4f77074c0ffbfab377011e19283eb13
9160259165ca1ef84209d4dd675c3ed367babff1
66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51
GET /common/fonts/roboto/font-face.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
content-length: 519
last-modified: Fri, 19 Jul 2024 12:42:09 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 16 Jul 2025 00:58:02 GMT
etag: "e4f77074c0ffbfab377011e19283eb13"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NDYbIJjlWy4pLF9TY4v3F6XCY9qPGwP69N6SjtIKqL75ijAtv648Lg==
age: 64021
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 16 Jul 2025 01:11:48 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S0mTpp0G5Mz_h0jFTkWOqxRye4qOuWBrdtng2MUc4gTlViBch4JWjQ==
age: 63195
X-Firefox-Spdy: h2
GET ecphvac.com/favicon.ico
404 Not Found 9 B IP
ASN #46475 LIMESTONENETWORKS
Certificate IssuerLet's Encrypt
Subjectecphvac.com
Fingerprint4F:57:06:A3:BC:37:72:D6:D2:B7:04:4C:90:DA:78:2D:FE:22:BC:9C
ValiditySun, 11 May 2025 06:39:11 GMT - Sat, 09 Aug 2025 06:39:10 GMT
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: ecphvac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ecphvac.com/
Cookie: sid=f786af53-6274-11f0-b561-e8f62721b530
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Wed, 16 Jul 2025 18:44:56 GMT
server: Cowboy
X-Firefox-Spdy: h2
POST geo.captcha-delivery.com/interstitial/
200 OK 1.8 kB URL POST geo.captcha-delivery.com/interstitial/
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
FingerprintF2:9E:7E:72:25:57:E3:AF:B6:87:61:A0:0D:B1:85:B4:85:82:E6:96
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash eabec60a3c8c316c90318fa2a25c8321
927d239d19d0b477d64e25d1f84b31e42b3aab14
6c1d2ce5d6312808de3ccc7e940f086197769373daf2fdefe736b7bc5c3e9738
POST /interstitial/ HTTP/1.1
Host: geo.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 7715
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 16 Jul 2025 18:45:04 GMT
Content-Type: application/json;charset=utf-8
Content-Length: 1797
Connection: keep-alive
GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
200 OK 16 kB URL GET static.captcha-delivery.com/common/fonts/roboto/roboto.woff2
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 15688, version 1.0
Hash aa23b7b4bcf2b8f0e876106bb3de69c6
106ac454ba4e503e0a1cd15e1275130918049182
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
GET /common/fonts/roboto/roboto.woff2 HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geo.captcha-delivery.com
DNT: 1
Connection: keep-alive
Referer: https://static.captcha-delivery.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: font/woff2
content-length: 15688
access-control-allow-origin: https://geo.captcha-delivery.com
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
access-control-allow-credentials: true
last-modified: Fri, 06 May 2022 16:47:07 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 16 Jul 2025 01:11:48 GMT
etag: "aa23b7b4bcf2b8f0e876106bb3de69c6"
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JGfIOgoo6DNxiRyPoTSikDGcGTYFX0oqujOZsSzN8k5FLwCdEzWbdw==
age: 63197
X-Firefox-Spdy: h2
200 OK 473 B IP
ASN #46475 LIMESTONENETWORKS
Certificate IssuerLet's Encrypt
Subjectecphvac.com
Fingerprint4F:57:06:A3:BC:37:72:D6:D2:B7:04:4C:90:DA:78:2D:FE:22:BC:9C
ValiditySun, 11 May 2025 06:39:11 GMT - Sat, 09 Aug 2025 06:39:10 GMT
File type HTML document, ASCII text, with very long lines (473), with no line terminators
Hash 024c2e273e2fd0bf212629fa49eafa9c
ea795a6573072d435a7704ffb92e58662d86002e
e1c65388b14e5aa87b2d562bb35c23761d58a50bca45f10a38063136b64da830
GET / HTTP/1.1
Host: ecphvac.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
content-length: 473
content-type: text/html; charset=utf-8
date: Wed, 16 Jul 2025 18:44:55 GMT
server: Cowboy
set-cookie: sid=f786af53-6274-11f0-b561-e8f62721b530; path=/; domain=.ecphvac.com; expires=Mon, 03 Aug 2093 21:59:02 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
GET adalh-zcq.com/zclkredirect?visitid=f7d1b711-6274-11f0-9b8f-12efab991d35&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC
0 B URL User Request GET adalh-zcq.com/zclkredirect?visitid=f7d1b711-6274-11f0-9b8f-12efab991d35&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkredirect?visitid=f7d1b711-6274-11f0-9b8f-12efab991d35&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false&gpu=Mesa%3B%20llvmpipe&timezone=UTC%2B00%3A00&timezoneName=UTC HTTP/1.1
Host: adalh-zcq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET storesearch.net/farmasiet-no?q=https%3A%2F%2Ffarmasiet.no
200 OK 626 B URL User Request GET storesearch.net/farmasiet-no?q=https%3A%2F%2Ffarmasiet.no
IP
Certificate IssuerGoogle Trust Services
Subjectstoresearch.net
FingerprintAD:40:6B:81:53:72:BF:89:07:A6:8C:3D:7F:52:3B:5F:3C:B3:B4:A8
ValiditySat, 28 Jun 2025 14:45:55 GMT - Fri, 26 Sep 2025 15:45:47 GMT
File type HTML document, ASCII text
Hash b9437d1731343fd387d1b2a05e292a4c
877760b94b7fb02eb0264a1ccb3a636185edf6df
961f2d6dea37b28b7d5cfa7c8a0cd8cb3035501fdad1c78890b268138c94cf1d
GET /farmasiet-no?q=https%3A%2F%2Ffarmasiet.no HTTP/1.1
Host: storesearch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InBvYzlrRGI2WkUvZ0tPRmRuaWJqeWc9PSIsInZhbHVlIjoiVkw0S1ZMUXNXR2ZuTkdRclB0bVdXbGtabXh5SlEzdlVrR3ZxK3RoNnNSbTVpVnpwOVBnMnBNVXRrd3VVdGZ3dzNUY2h5eEczc3k5aEFlaEloR283ejBiUUZXbk9mdktvTm9sU3QyMDJtUGxFY2ZFT1Y4Q0tzcmJuRDhTS1dhSnYiLCJtYWMiOiIzZDY4NWNiZWVhZjNlNzFkNTdkOWFkYjA3ZTJiNzZjMjk5YzEwOWQ4MzIwN2IwMjdmNTBmZTU2NjhkOWU1Y2MwIn0%3D; vipesearches_session=eyJpdiI6ImZKcHAwRFVLSHc4ZmRxMk9QekVnZFE9PSIsInZhbHVlIjoibC93Mk92VGJCcGpzdC9tcUJoNUhTc0FEZEFBOFMxWVF3RndRb09URldOWmFhRjV4cUczeXRrOTV0S3dNYTE2WFV1K0s3dmNXMmtPYTF1b2tLWEdydUJqalZRbUFOWmdQeXFFbnZRbmZvaGxYc0lKUjUvMC9UcUNPSjU5VVhnOU0iLCJtYWMiOiIxYjE2ZWNlZTUxY2EwOGIzNGE5ZDU5YzYxNzg3MzQ1MzE2NTBhOTE1OWFjM2M1YzQ3MzY2ZmYwMGFkMzExN2QxIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 16 Jul 2025 18:45:00 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Q7SEBu26SvBH7P1yKxeCFjVY1hQ52aLvMmt2kyo9TbuX8aY%2F%2FU5YlqY1FfYt95aZ9Q%2Ff2q8grZd%2FQr0OqZaqbXIJSNyJWrKiNNtsesY%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6IlhDSjdFQVVxc3o4YXJHQm9pVnpIVmc9PSIsInZhbHVlIjoiQ3R5d1B4aVlJVDNYdlJNTi84QVhjK09oNkNSUVlpVVIxZTZrcnpGYThIamN5ajhlUzgzL0tYb1duazMreXBLRmRCYlZBNkFVTmZ0VEF6VFhXbHRFelhwWm41dUJJa2p0NmFQb1h4YW5WRjVVQmMwOUpoWmRGbzBEdnNsajN4anQiLCJtYWMiOiIyMzhlYjkwOTdiYWJhMzUzNjM1YzU1YjU3YmY5M2Q3MzNhNTJiZTM2NTkxMjhlMWE1OTdjZGExM2Q1NTFiNzIyIn0%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Wed, 16 Jul 2025 20:45:00 GMT
vipesearches_session=eyJpdiI6ImVtOUVDZjM2dkV2bjlmYjRjUW1yOVE9PSIsInZhbHVlIjoieENxVUZQQnFQanc0NWlkbUxKQVUwV1RGYmcrNmZlRE1FY2xVM3p3cWkvcXNkQ2xZcThIZGdDRFlxVXdrVEUvSE1odVdoSGVuZnZ4T2htMUJPTWVBVEdyV293aGRRNWZlMG9RcWZkSDFzc1BySnB5K2lCZUFCSjExOG0rSERDMDYiLCJtYWMiOiJkOTQ1NTM2OTk3NzEyNzQzNzJhYjE0MmM0Y2NmODA1MWNhMDU4ODVlMDI1M2E2YjA0NDJhODhjY2E3NGU5OTA0In0%3D; HttpOnly; SameSite=Lax; Path=/; Max-Age=7200; Expires=Wed, 16 Jul 2025 20:45:00 GMT
cf-ray: 9603a77629a35699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/favicon.ico
404 Not Found 1.1 kB URL GET no-go.kelkoogroup.net/favicon.ico
IP
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
File type HTML document, ASCII text
Hash 8560de521c4990c7c870121fc9643508
0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39
73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620
GET /favicon.ico HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
DNT: 1
Connection: keep-alive
Cookie: datadome=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5; kelkooID=a4c6293-198148de771-fe39
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Request-Time: PT0.000285406S
X-Robots-Tag: noindex,nofollow
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'none'
X-Permitted-Cross-Domain-Policies: master-only
Date: Wed, 16 Jul 2025 18:45:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1144
GET storesearch.net/links?idw=33929&subid=7IS7nEXFiVAi&var6=
200 OK 608 B URL User Request GET storesearch.net/links?idw=33929&subid=7IS7nEXFiVAi&var6=
IP
Certificate IssuerGoogle Trust Services
Subjectstoresearch.net
FingerprintAD:40:6B:81:53:72:BF:89:07:A6:8C:3D:7F:52:3B:5F:3C:B3:B4:A8
ValiditySat, 28 Jun 2025 14:45:55 GMT - Fri, 26 Sep 2025 15:45:47 GMT
File type HTML document, ASCII text
Hash ff57e2308064048508baa80f224d5aa9
8e4be6d9742e1009ee5dd9dd95c415b35a1690cc
cb615185e90558f118233cfbdc3f67d7517f25dfcdf5c6c4b50553baa9af7a22
GET /links?idw=33929&subid=7IS7nEXFiVAi&var6= HTTP/1.1
Host: storesearch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 16 Jul 2025 18:45:00 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: no-cache, private
vary: accept-encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=GfRuAugzL31PLBq0IsQrlSQoF0QcQjqWkxsB%2BOwjWmClIJeWWOzMnk1jAgbjIpf5AU8MeCdK7oh2%2B%2Fmlsoqzy7OUoAIRNm3r559qy5E%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: XSRF-TOKEN=eyJpdiI6InBvYzlrRGI2WkUvZ0tPRmRuaWJqeWc9PSIsInZhbHVlIjoiVkw0S1ZMUXNXR2ZuTkdRclB0bVdXbGtabXh5SlEzdlVrR3ZxK3RoNnNSbTVpVnpwOVBnMnBNVXRrd3VVdGZ3dzNUY2h5eEczc3k5aEFlaEloR283ejBiUUZXbk9mdktvTm9sU3QyMDJtUGxFY2ZFT1Y4Q0tzcmJuRDhTS1dhSnYiLCJtYWMiOiIzZDY4NWNiZWVhZjNlNzFkNTdkOWFkYjA3ZTJiNzZjMjk5YzEwOWQ4MzIwN2IwMjdmNTBmZTU2NjhkOWU1Y2MwIn0%3D; SameSite=Lax; Path=/; Max-Age=7200; Expires=Wed, 16 Jul 2025 20:45:00 GMT
vipesearches_session=eyJpdiI6ImZKcHAwRFVLSHc4ZmRxMk9QekVnZFE9PSIsInZhbHVlIjoibC93Mk92VGJCcGpzdC9tcUJoNUhTc0FEZEFBOFMxWVF3RndRb09URldOWmFhRjV4cUczeXRrOTV0S3dNYTE2WFV1K0s3dmNXMmtPYTF1b2tLWEdydUJqalZRbUFOWmdQeXFFbnZRbmZvaGxYc0lKUjUvMC9UcUNPSjU5VVhnOU0iLCJtYWMiOiIxYjE2ZWNlZTUxY2EwOGIzNGE5ZDU5YzYxNzg3MzQ1MzE2NTBhOTE1OWFjM2M1YzQ3MzY2ZmYwMGFkMzExN2QxIn0%3D; HttpOnly; SameSite=Lax; Path=/; Max-Age=7200; Expires=Wed, 16 Jul 2025 20:45:00 GMT
cf-ray: 9603a7747ee05699-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
403 Forbidden 742 B URL User Request GET no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
IP
ASN #60781 LeaseWeb Netherlands B.V.
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (742), with no line terminators
Hash d1f0c5cee9a7c0115498aba438694a5a
ca64b41ce9e0db4e30ee9805a9938af7c358dcce
2e8edad1b0580dab3c1957baa8854f6c3b6ab1ea39512b5ee6cfe963b9d69bfd
GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=abce8dafbd0327a66fabb86a7dc293a4203ae6e5ba14ceebad0f235f917188a3&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
DNT: 1
Connection: keep-alive
Cookie: datadome=YfHC9JLeiOFEgFH0AyXMlw6kiZyCf3t9FjAOUo4ELeg7j76PdRBPNKeFMaX3J0YF7qHulBx7O~OdHyz7S0rSfnaPRpnFgKvU81AU6aOc~yRkC4jwBHjcp7IJvF9eKYsR; kelkooID=a4c6293-198148de771-fe39
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Pragma: no-cache
X-DD-B: 3
Charset: utf-8
Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
Set-Cookie: datadome=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5; Max-Age=31104000; Expires=Sat, 11 Jul 2026 18:45:01 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure
X-DataDome: protected
Request-Time: PT0.016407104S
Cache-Control: max-age=0, private, no-cache, no-store, must-revalidate
X-DataDome-CID: AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Wed, 16 Jul 2025 18:45:00 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 742
GET ct.captcha-delivery.com/i.js
200 OK 14 kB URL GET ct.captcha-delivery.com/i.js
IP
Requested by https://no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01K0A8VSVW4KGC5W7HE1FJAVG8%26url%3Dhttps%253A%252F%252Fwww.farmasiet.no&dc=false
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 4d8b19e144663a4b0a34e2030e9d1cc8
5b9eaf949689ac7820c221a5911f4fff98c5ab02
d5c4c11916c7bd5f5ad25bb4647f735d4a0704aa63f59835017ff625f82363dd
GET /i.js HTTP/1.1
Host: ct.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://no-go.kelkoogroup.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-length: 13786
last-modified: Wed, 25 Jun 2025 12:23:22 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Wed, 16 Jul 2025 12:24:31 GMT
etag: "4d8b19e144663a4b0a34e2030e9d1cc8"
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HZoElTue281KdmLZrWJkqlbQ3REQJimkJIo0XNz095NpXfuQWUOsQQ==
age: 22831
X-Firefox-Spdy: h2
GET adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
0 B URL User Request GET adalh-zcq.com/zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zclkvisitor/f7d1b711-6274-11f0-9b8f-12efab991d35/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=1f221ad0-16c2-11ef-994a-12832fc4c381 HTTP/1.1
Host: adalh-zcq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST no-go.kelkoogroup.net/ddfp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad
0 B URL POST no-go.kelkoogroup.net/ddfp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad
IP
Requested by https://no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=abce8dafbd0327a66fabb86a7dc293a4203ae6e5ba14ceebad0f235f917188a3&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
Certificate IssuerDigiCert Inc
Subject*.kelkoogroup.net
FingerprintAB:7F:31:B1:66:46:76:99:39:20:8C:5B:A4:03:6B:DE:E6:6B:F4:17
ValidityThu, 26 Sep 2024 00:00:00 GMT - Fri, 10 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ddfp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad HTTP/1.1
Host: no-go.kelkoogroup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://no-go.kelkoogroup.net/permanentLinkGo?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Fwww.farmasiet.no&custom1=abce8dafbd0327a66fabb86a7dc293a4203ae6e5ba14ceebad0f235f917188a3&publisherSubId=Sde46opRHJDX&publisherTrafficType=publishernetwork&originReferer=https%253A%252F%252Fwww.yadore.com
Content-type: application/x-www-form-urlencoded
Content-Length: 4948
Origin: https://no-go.kelkoogroup.net
DNT: 1
Connection: keep-alive
Cookie: datadome=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5; kelkooID=a4c6293-198148de771-fe39
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
GET static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css
200 OK 3.7 kB URL GET static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css
IP
Requested by https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg%3D%3D&hash=5954443B90DC91C1E924DE9BFBEAA5&cid=C8qjpPS0DrLHqtdAuRiue76dF3H8Vom~PyNZW4RBIYmMbFZXDedJEILPZqibOIhlWWwfHEge5WjyVgzJr~UtTM1Eb3UoKDOzCTfU9TrGM8QWBfUGJ6V92pQpSa8lhmj5&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&s=35103&b=395&dm=cd
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
Hash d24f433ae1916185b0e4e20ed76cb64b
e0c8d4c58b7d0983f9b4042bea94c014cd5ec668
f40a7b02a8a2d420aa9d4cb5b0b26a92468828984fdc4b0d1202de4e24f59859
GET /captcha/assets/tpl/device-check/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 08 Feb 2024 08:41:29 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
date: Wed, 16 Jul 2025 01:11:05 GMT
etag: W/"d24f433ae1916185b0e4e20ed76cb64b"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0GOEZbXbdhJXNy4uDPjnCws39NpL--A-j-haYDb2qJNCR8a_rAK_Dw==
age: 63238
X-Firefox-Spdy: h2
GET static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
200 OK 6.2 kB URL GET static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css
IP
Requested by https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAkkjcGzFjKtsAW1oqmg==&cid=C8qjpPS0DrLHqtdAuRiueElbdDHAdBC_X4ZLUMteGKpaudy1nIK4ifYM0DGzPxaaBLIbopgX2HukTnzDh1jg7slxHnT2yJ7QeA3uV91S27hTVDN~FietW7lDAa9XUm8F&referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af2236371dd3b47deeb233f2772a6336cf67ba3c53947193b387f19a7f7a44c60977eb9eb62b43d4c27b483b226dfa22c03381ad761c66035954b121353cc12bb16c78c93d079637f4103564a00db1adbfa920620b78106370f9c512b6029224e44f5c3af3581d4bb58f444f33c5293a3263b276257dcd797128bea346d761d220ce08fbd6b07579e0f37aaf8d5c12914548a5e8f3464c89ffd6d64bcb28c8d4fba00e3ca70b7638713524561665343711faa168d48482860e03d513c8a2913feb95c2a8000ba30f2044bc46766b2b9447cb38873738ab6ec0a3aad8cb09f3b30b9db6b6a71345567051f5742d7b7ee1e1ceb515580ac2425692530339e81a293025d9c058e98de9350c99036d909eea62703d32ae4d6341ffcc11af55d957098a169bde45cff5f552d8429f7695fc73946824aa2eb8625042aa0794fc07754aab7a07213fdfa9b67295ed8cecb4ada5a6e2a49e324b43a03f91f2433da4f6cb59b3d2b2093b72980203027c9ea77d5c6aad%26url%3Dhttps%253A%252F%252Fpdt.tradedoubler.com%252Fclick%253Fa%253D332280%2526p%253D302669%2526epi%253D629D01K0A8VSVW4KGC5W7HE1FJAVG8%2526url%253Dhttps%25253A%25252F%25252Fwww.farmasiet.no%26dc%3Dfalse&hash=5954443B90DC91C1E924DE9BFBEAA5&t=fe&s=35103&e=26f2746d28486146da305022e48ac09091b55bdc86603d60a899382c782c977d&ir=36%2C20%2C676&dm=dc_ir
Certificate IssuerAmazon
Subject*.captcha-delivery.com
Fingerprint08:34:DB:37:CB:02:09:ED:82:0C:B3:27:9F:BA:AF:45:DA:77:DD:3D
ValidityThu, 13 Feb 2025 00:00:00 GMT - Sat, 14 Mar 2026 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 1f113f0b6d6855568c684e354bb853d1
2a2fbd27d5408fa3e53c74f04b7790ab1aea9b2c
d49fce4d3745c6d9f755f6be625eb218238baec337cfdb30be0e87d8c0ff6653
GET /captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css HTTP/1.1
Host: static.captcha-delivery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://geo.captcha-delivery.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 11 Apr 2024 08:21:58 GMT
content-encoding: gzip
x-amz-server-side-encryption: AES256
x-amz-version-id: null
server: AmazonS3
date: Wed, 16 Jul 2025 01:16:34 GMT
etag: W/"1f113f0b6d6855568c684e354bb853d1"
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6VcgRApu8WFceuCKV1_ZWZq5m9qZoOHlUfB7TkjJnrMqSvO7TjeyKA==
age: 62911
X-Firefox-Spdy: h2
23.36.77.232
54.240.174.83
104.21.32.1
88.99.112.6
95.211.116.26
13.50.216.15
0.0.0.0