Report - fincen.org/

Report Overview

Submitted URL
fincen.org/
IP
93.115.28.104
ASN
#16125 UAB Cherry Servers
Submitted
2023-06-14 07:26:24
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
no-go.kelkoogroup.net	unknown	2017-08-18	2017-10-30	2023-06-13	4.4 kB	2.0 kB	95.211.116.26
www.farmasiet.no	unknown	2019-08-08	2019-10-09	2023-06-10	45 kB	2.1 MB	104.18.31.49
invitejs.trustpilot.com	15284	2007-06-30	2017-11-02	2023-06-13	412 B	10 kB	54.230.111.68
clever-redirect.com	unknown	2021-02-06	2021-02-09	2023-06-13	1.1 kB	1.1 kB	116.203.50.204
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-13	680 B	1.9 kB	54.230.80.227
lookandfind.me	35702	2021-03-02	2021-03-08	2023-06-13	1.7 kB	2.2 kB	5.9.110.29
fincen.org	unknown	2004-10-20	2012-07-26	2023-05-24	1.2 kB	1.4 kB	93.115.28.104
ocsp.r2m01.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-06-13	340 B	942 B	54.230.80.227
static.zdassets.com	2154	2013-01-28	2018-06-24	2023-06-13	454 B	25 kB	104.18.70.113
api.yadore.com	591567	2014-09-12	2017-11-28	2023-06-13	821 B	58 kB	88.99.112.2
az416426.vo.msecnd.net	1935	2008-09-29	2014-02-09	2023-06-13	417 B	23 kB	152.199.19.161
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-13	879 B	181 kB	142.250.74.40
ekr.zdassets.com	2396	2013-01-28	2018-06-14	2023-06-13	470 B	1.6 kB	104.18.72.113
status.thawte.com	5123	1996-02-10	2017-11-27	2023-06-13	331 B	735 B	192.229.221.95
polyfill.io	102644	2013-03-18	2016-02-12	2023-06-13	824 B	4.1 kB	151.101.129.26
dc.services.visualstudio.com	894	1997-03-18	2014-02-04	2023-06-13	1.1 kB	1.1 kB	13.69.106.89
atala-apw.com	unknown	2023-05-15	2023-05-23	2023-06-13	1.7 kB	3.9 kB	54.235.102.182
farmasiet.no	unknown	2019-08-08	2019-10-24	2023-06-09	574 B	192 B	217.114.85.70
redirects.tradedoubler.com	unknown	1999-10-10	2017-01-30	2023-06-13	1.4 kB	755 B	34.255.115.11
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-13	358 B	1.9 kB	104.18.21.226
resept.farmasiet.no	unknown	2019-08-08	2020-08-31	2023-06-10	1.0 kB	1.4 kB	109.247.228.130
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-13	333 B	699 B	142.250.74.131
consentcdn.cookiebot.com	5676	2010-01-21	2018-05-23	2023-06-13	1.0 kB	2.0 kB	104.110.3.72
pdt.tradedoubler.com	777760	1999-10-10	2012-06-22	2023-06-12	2.0 kB	4.3 kB	35.186.231.97
vht.tradedoubler.com	99799	1999-10-10	2014-10-10	2023-06-13	412 B	4.2 kB	54.230.111.48
consent.cookiebot.com	4972	2010-01-21	2014-02-26	2023-06-13	916 B	100 kB	104.84.152.235
api.kelkoogroup.net	468795	2017-08-18	2020-06-09	2023-06-13	1.7 kB	37 kB	54.230.111.57
ui.powerreviews.com	8970	2005-03-12	2015-03-08	2023-06-13	2.6 kB	760 kB	54.230.111.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-14 07:26:03	medium	93.115.28.104	Client IP	ET INFO TLS Handshake Failure
2023-06-14 07:26:03	medium	93.115.28.104	Client IP	ET INFO TLS Handshake Failure
2023-06-14 07:26:03	medium	93.115.28.104	Client IP	ET INFO TLS Handshake Failure

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (67)

	URL	Size	First Seen	Last Seen
	www.farmasiet.no/dist/polyfills.js?v=1.0.29708.0	3.1 kB	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/dist/polyfills.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen4 Hash a5ea12f80fbfb7b541e8420c89d5796b 70e81d4ef0c2d2e693bd7595240415e581d82d00 c3c73509dfe8a9591d54d29a30f7fc2af1051b143976e4d5e3a5063d7d339e01 Loading...

	www.farmasiet.no/sandbox%20eval%20code	147 B	2023-04-11	2024-07-27
Pretty URL www.farmasiet.no/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-07-27 04:04:32 Times Seen385008 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	invitejs.trustpilot.com/tp.min.js	9.9 kB	2023-03-08	2024-05-27
Pretty URL invitejs.trustpilot.com/tp.min.js IP 54.230.111.68 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:40 Last Seen2024-05-27 14:31:16 Times Seen1558 Hash c35ba08874f254208f08eb29f4d9b11a f0067ea0e163f92d389fde4e6efa15d1d683ff5b ab9a107dadcf1743abae886825985947f077d19ced7a0a31baf83680f1b36a3b Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	236 B	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:32 Times Seen9 Hash daa48f7973fb83793b49608a3e83ff5f 4623f468af14744bda5a7011b33ebd3787257768 f0aefbcff3c04482aeebe9bfceda2dbd4464a7c4b3ca8efda64796ddce627284 Loading...

	www.farmasiet.no/dist/cms.js?v=1.0.29708.0	867 kB	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/dist/cms.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:26 Times Seen2 Hash efe3fbc911195645a5c3ff1a01a218f3 77867f7197ac591fd64b5b03ce2a694408cf1f50 865f9b09afdb5c71196eb8fd3e748f518e3ca1fea071f27d85efcd8dd4b1c588 Loading...

	polyfill.io/v3/polyfill.min.js?features=Promise%2CPromise.prototype.finally%2CSet%2CMap%2Cfetch%2CSymbol%2CArray.prototype.find%2CArray.prototype.some%2CArray.prototype.every%2CArray.prototype.forEach%2CArray.prototype.findIndex%2CString.prototype.includes%2CString.prototype.startsWith%2CCustomEvent%2Ces7%2CURLSearchParams%2CElement.prototype.inert%2CObject.values%2CObject.entries%2Cfetch%2CString.prototype.endsWith%2CElement.prototype.closest	8.6 kB	2023-03-08	2023-12-01
Pretty URL polyfill.io/v3/polyfill.min.js?features=Promise%2CPromise.prototype.finally%2CSet%2CMap%2Cfetch%2CSymbol%2CArray.prototype.find%2CArray.prototype.some%2CArray.prototype.every%2CArray.prototype.forEach%2CArray.prototype.findIndex%2CString.prototype.includes%2CString.prototype.startsWith%2CCustomEvent%2Ces7%2CURLSearchParams%2CElement.prototype.inert%2CObject.values%2CObject.entries%2Cfetch%2CString.prototype.endsWith%2CElement.prototype.closest IP 151.101.129.26 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:36:39 Last Seen2023-12-01 23:39:55 Times Seen28 Hash bcbdbbd87f34809fa38ce8a09930bb07 d9ab9aa4f66a8eef9afe9b5d569321c75881c5b4 c93f1c0bb328c6fd5ad3edae26288320a3257694746b6ef25e858578d7a62f05 Loading...

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/576.js	169 B	2023-06-02	2023-06-18
Pretty URL ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/576.js IP 54.230.111.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 17:28:19 Last Seen2023-06-18 03:06:18 Times Seen88 Hash a225652c7c67ac3ec05999b559cb2d73 43195d5bc0e40e0ca39d5891c42faa19b227827c 90ceaab44a342d7b519c5bd6f3bfb2c02ee7bdba9d948636a4366a74934cfd92 Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	469 B	2023-06-14	2023-06-14
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-14 09:26:26 Last Seen2023-06-14 09:26:26 Times Seen1 Hash e42930b180743368581cc53013f4fdf9 813eaa74a973d1ebdc76bc1b7e215b187a51dc8b 1adae19d451e4cb493f0e66322b2569c4a5e9586a9b40e748c0b423190f4ae5b Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	1.0 kB	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:32 Times Seen9 Hash 093be6f6d3b07a51b44b400964c130ef 883b0201e9f84460ea82a0186739f6602a213c92 bc12a8ee61399fef5ab3579ef421d65763df9598319146bb5d793f18cc3e5305 Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	680 B	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:32 Times Seen9 Hash 3dc3937e165bf02ee04d688b083b643a bd6a7c8c7eff957d6aea79951c98b6e3839a1fb6 967cc61db501497e89a9bb0c054b5edc09258e64cf9d705f362df60f0bbfc128 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-07-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-07-27 04:04:32 Times Seen384357 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.farmasiet.no/dist/runtime.js?v=1.0.29708.0	1.5 kB	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/dist/runtime.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:33 Times Seen16 Hash ec15ea201ee7f20af3637f99c6d6a3c9 3fbec55994d906f3daf249083dc85f395585a35f 67a9dda9c6a53aae81d6ae865640a58ebdf9a2c6cbbf92271e40f7de6fc9611b Loading...

	unknown	337 B	2023-05-07	2024-04-29
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 11:24:30 Last Seen2024-04-29 21:06:32 Times Seen7 Hash ecb4f1354a6ec0e08162816c38861b5e 346db8aaf7ba30a179fe0453db8170a32fa0baa6 c33735578aa3d8be92c986af4d2e6388fada8624443e608fdbdb19ea3ed11fcf Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	1.1 kB	2023-03-08	2023-12-01
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2023-12-01 23:39:55 Times Seen8 Hash 4a1ceb0c230406100649e5a374862b23 e30e524ab86a7c86b97c5faa01ef870b74d450ac 5e19191998e5c6956cfa656957f0631beb4bd67ad6829c8a988a6a6dab2a252e Loading...

	www.farmasiet.no/dist/vendors~libs.js?v=1.0.29708.0	13 kB	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/dist/vendors~libs.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen4 Hash 88adf1ff92803817e1aa36d95b5eaecb b751a979cfe6d6d1ae6389390455148b754c812b ecdeba31b283cc1b1fb94d3529e2ae04fb6b0e980b73cc85b8d8bb1394defc76 Loading...

	az416426.vo.msecnd.net/scripts/a/ai.0.js	97 kB	2023-03-07	2024-07-27
Pretty URL az416426.vo.msecnd.net/scripts/a/ai.0.js IP 152.199.19.161 ASN #15133 EDGECAST Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:49 Last Seen2024-07-27 01:02:02 Times Seen4746 Hash 1dd63de72cf1f702324245441844be13 58a8bdcdcb398af7db424357df70df18e7b30e9d 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-NGZC2LS	316 kB	2023-06-14	2023-06-14
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-NGZC2LS IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 09:26:26 Last Seen2023-06-14 09:26:27 Times Seen2 Hash 390ede1ba6892aef31153559092d3163 c4b5f2b5db1f51de9a764e531e67fc0a7e230303 718f005af069e91a99ca010d9ca7e677cc473907a94b83235f918dfdd91ecd17 Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	636 B	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:32 Times Seen9 Hash 130461353706adc6229395c9f165cede c4b34a874afe892cfdd237ceb9a5e3cce683a09f 27ed2ac21e3a53bbdc17060cf1ba950ee05b064c1c2483097ce1228a40bc30ba Loading...

	consent.cookiebot.com/4a7a6781-d980-495f-b657-4733ab69c189/cc.js?renew=false&referer=www.farmasiet.no&dnt=true&init=false	271 kB	2023-06-10	2023-06-14
Pretty URL consent.cookiebot.com/4a7a6781-d980-495f-b657-4733ab69c189/cc.js?renew=false&referer=www.farmasiet.no&dnt=true&init=false IP 104.84.152.235 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen3 Hash 7a43e5e5c453fa4f0013251a6ee4a0b5 0646cb81764e2813e01a7b895e640407c199e45f 5887416eb35a3d85c09f472d2767836dc8a91771569515b4f2462830c79ef74c Loading...

	www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters~user-profile.js?v=1.0.29708.0	175 kB	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters~user-profile.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:26 Times Seen2 Hash 81eadb75e3538d6bd0323747c3913e1d c06ec974b031343a033728c950d34fff12813039 f30fcfcd3a824d72fd3b54b2c3cabbfeb6ed649986702de3229aab363b6321fe Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	1.0 kB	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:32 Times Seen9 Hash 0c6b4c173ab1c9664edad62bbac79513 4ecdbb4041e763969531ee7d8d11ed5829aea542 dd840c3647c99806b523ba18b488554a9bd001e4422e6de210774076d8a29c73 Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	1.0 kB	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:32 Times Seen9 Hash 48302f8ab9ab89a5644ecd47d2b5d426 0b146a4b40e94e36761198b494ccd7af414189f9 2fa84a83ff5f7d8d2f6d157400a7d5ea1967ea8e58fa4a8a88b4f259be25c9e6 Loading...

	static.zdassets.com/ekr/snippet.js?key=a5e46e07-fec9-4183-9c9d-b98972d79d05	24 kB	2023-05-15	2023-07-10
Pretty URL static.zdassets.com/ekr/snippet.js?key=a5e46e07-fec9-4183-9c9d-b98972d79d05 IP 104.18.70.113 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-15 05:31:54 Last Seen2023-07-10 06:05:33 Times Seen3558 Hash 9ce7e23b1a5cf89ecf9e795e0ccb61b4 d3c8c1151af2925bb8e1a8f1d1b679ae31285189 622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045 Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	644 B	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:39 Last Seen2024-04-29 21:06:33 Times Seen9 Hash b35d31a4b2018083b349867354f0ef36 82c835d09597d9113f172f09d7c15ecbb7781b01 40a93501303a142b667e830c77363e7b830591e4b67348e456fac75594e23a2f Loading...

	www.farmasiet.no/dist/libs.js?v=1.0.29708.0	162 B	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/dist/libs.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen4 Hash 1ce8a44b1a699f2d64505d18e6af7be3 47deb1b34868f37a75ee099197ff06277b0b6429 477f2c5a0d91ec22dbbd0bfcaed7dad9e957986ad46645a503b38dc0bd13c717 Loading...

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/108.js	238 kB	2023-06-02	2023-06-18
Pretty URL ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/108.js IP 54.230.111.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 17:28:19 Last Seen2023-06-18 03:06:18 Times Seen59 Hash dd583f7593a759c7ec0944d9256e6d69 185053b574bae668a862a4f98e477c5e2dff7457 7ccde7f123934cd6007ae23ec506dc08f231cf1b6b3eecea7c3c68375c359044 Loading...

	resept.farmasiet.no/inbox/unread-messages-badge.html	1.1 kB	2023-04-08	2024-04-29
Pretty URL resept.farmasiet.no/inbox/unread-messages-badge.html IP 109.247.228.130 ASN #29695 Altibox AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-08 03:35:16 Last Seen2024-04-29 21:06:32 Times Seen8 Hash 6aabd03dde297d7d81c4e42bf85ba07b 682077f162caf8270d11720a099cfb1d1b064f9c 8e67b2c5f44f96ef78e373a6c5c8b775781fb5c3574bedf08e55beb1732faa71 Loading...

	ui.powerreviews.com/stable/4.1/ui.js	42 kB	2023-06-02	2023-06-18
Pretty URL ui.powerreviews.com/stable/4.1/ui.js IP 54.230.111.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 17:28:18 Last Seen2023-06-18 03:06:18 Times Seen60 Hash 9b1f12551f83d30e77aafe40f9368cd0 e3edb6c9dbaa85c408409e95d699a804429d8871 7a514953b6356835f5b92708162d51ede77e10e57d772825f88331e76e2299bf Loading...

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/engine.js	134 kB	2023-06-02	2023-06-18
Pretty URL ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/engine.js IP 54.230.111.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 17:28:19 Last Seen2023-06-18 03:06:19 Times Seen109 Hash ef35221de66f0acde02b1f9a4b22c88b f0a3c494cabfb93ef358a5d07beac3fad4eef55b 7d4f93a1c047a74c9be905eaa850ecee51b527bab7334bd3d9aa71199d39ef70 Loading...

	consent.cookiebot.com/uc.js	110 kB	2023-06-07	2023-06-26
Pretty URL consent.cookiebot.com/uc.js IP 104.84.152.235 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-07 09:50:06 Last Seen2023-06-26 07:52:48 Times Seen494 Hash 1b6db9a09a0525a273106c330843431c c0ab167aab1d305ffa45a550120f91c288671f89 445a40338fb4c488b9b8432ec3014e6fda1e95370e87f33fdc527c06d04dbaa5 Loading...

	unknown	791 B	2023-05-07	2023-06-14
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 11:24:30 Last Seen2023-06-14 09:26:26 Times Seen4 Hash 084a4b4b88fb77b06046cf0adfa9dcf5 05c61935a61169a289e27462ec069efdbfb0742c 10a460c3bc855159ac79f0fb0db3f98905d5af16e2c984759ade494843db82de Loading...

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	585 B	2023-04-05	2024-07-27
Pretty URL consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 07:33:45 Last Seen2024-07-27 02:38:51 Times Seen7682 Hash 019b8aaa9f25d986d68395a8c6277be0 4d07e0b8c06f0a26b5be2caaf5c03d72b7c3d630 9ba37511ff74e293467e2c283d7045d2d63d999a1e700a41467f6bcf845329a2 Loading...

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/575.js	169 B	2023-06-02	2023-06-18
Pretty URL ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/575.js IP 54.230.111.36 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-02 17:28:19 Last Seen2023-06-18 03:06:19 Times Seen82 Hash 8ba77ae0b61cc05aaf737876e10951fe be2ebf7a7737b621f11a91175654e7f1fd0f0fe7 479a1bfc8570fcf9b29e9c58b924b9d0cbc83283d8db7dfdb6d9356cea1c14b7 Loading...

	www.googletagmanager.com/gtag/js?id=G-HWHJP6SP9F&l=dataLayer&cx=c	224 kB	2023-06-14	2023-06-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-HWHJP6SP9F&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-14 09:26:27 Last Seen2023-06-14 09:26:27 Times Seen2 Hash 2de95ecc558437476eedc7656e969f5f 82e8a2a18a24c92749fd57e4af0da75b0deccbce b33c8bc387cd69b4aad9ce62592d069a11aa9813f7a90873877610a50811211e Loading...

	www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters.js?v=1.0.29708.0	116 kB	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen4 Hash 5e8669075cb6c931fc51704b91884d9a 82fe0e3e833b168219578be7c98c37f78ac919a9 87c238ac5a0305a738ad9e93cd8d2e0b5b36fd2ebb4c0f7befd747e40f0932c1 Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	2.3 kB	2023-03-08	2024-04-29
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:36:38 Last Seen2024-04-29 21:06:33 Times Seen9 Hash e5a269dc4ee281ccb97452055f6d4cb7 3f94c4d07869332e0e0de4f05d26ce1adef3ad27 75334bbdafd6c33463594f4281a3f58097fafa63ec05c77d69b0fa7188d76dfc Loading...

	www.farmasiet.no/Resources/Translations_no.js?v=1.0.29708.0	59 kB	2023-06-10	2023-06-14
Pretty URL www.farmasiet.no/Resources/Translations_no.js?v=1.0.29708.0 IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen2 Hash 7f7974b4bb82b49071531be180768435 69c3bc41c1cc4512927bfe2128338f23dad3d3d6 e619d11c815081af5a0278691e6412d358708054987eb396b9aa6e8f7278369c Loading...

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	86 kB	2023-06-14	2023-06-14
Pretty URL www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-14 09:26:27 Last Seen2023-06-14 09:26:27 Times Seen1 Hash 40e49e962dea303a1e3ae60ed5a1dfa2 ed48e75fc212f99c5ccb92507ef10a2793004836 0c6a518039d344235358210edf8b9730748e6c29a4bd0a2855370ef59ccbd43f Loading...

	consentcdn.cookiebot.com/consentconfig/4a7a6781-d980-495f-b657-4733ab69c189/farmasiet.no/configuration.js	1.8 kB	2023-06-10	2023-06-14
Pretty URL consentcdn.cookiebot.com/consentconfig/4a7a6781-d980-495f-b657-4733ab69c189/farmasiet.no/configuration.js IP 104.110.3.72 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-10 05:43:51 Last Seen2023-06-14 09:26:27 Times Seen3 Hash 31cec6f23f337dc4f5635e62641125c2 91f5fa651673a067300bcb0c6189386bfdde6c4b 41685a9c4ecc5ab3c8ce86e62dc0d0585a92e4c546a84061e63059c3fe460970 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7d99c2b827c44bd336e6dbbccecdd3fd	17 B	2023-03-07	2024-07-26
Pretty Observations First Seen2023-03-07 01:07:11 Last Seen2024-07-26 22:34:06 Times Seen11816 Hash 7d99c2b827c44bd336e6dbbccecdd3fd 0c442b9b39bde00818aaee29e9f5e321205ab863 512cd32f64ec1e7adec9996902a58e18dcac185384dcc9280b1d4cff5f71aad0 Loading...

	#2 Eval - d131919a6f38e1c01c64d72e1b7f84a0	25 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen13190 Hash d131919a6f38e1c01c64d72e1b7f84a0 d64e30aba61c17c8d9f1a0ce1e7011f1d15c8ab0 63d0de96ffe6e24d709e64517f883a6e6a72e3629aea379ee43b727541794c64 Loading...

	#3 Eval - eb795b6a158b8e55987e34f200287f57	24 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:50 Times Seen904 Hash eb795b6a158b8e55987e34f200287f57 fce306735f6407b7ff45d2f17fe3b451d6f36f93 3d561ada4bc2a17cbbb45d350ba529b23eba26a7792aca9b77aeaf48b75c1f08 Loading...

	#4 Eval - fa90d94b8ffe44fca63cde803e82aadc	20 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-07-27 04:03:03 Times Seen12795 Hash fa90d94b8ffe44fca63cde803e82aadc b0ee5410c6f6e0e6e3a70add2d5ad81e10494874 1b0f9a28e673c21b9a668e2973157b075ac420eda7f39fd5727a77bb32b45ffe Loading...

	#5 Eval - 0db30215cd2704e5b00dc2375563eab4	15 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen24012 Hash 0db30215cd2704e5b00dc2375563eab4 e3d7cdb911d32f5d178ef1d7aaf3c14d945f0920 de7f7b137340e1d218833d7afef73ea711325f139a4428eed317ca0374f67c91 Loading...

	#6 Eval - b5b502d6895b89188abc07f51a583ac3	21 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen12790 Hash b5b502d6895b89188abc07f51a583ac3 1f623ac9038122b674824f019ad99d9bab9cae02 023250096bcba5a18a624685884b3126896db722289f3281cea8ec5cc63476e7 Loading...

	#7 Eval - e9a8373e9f5934c48272ed9d205d6141	23 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-07-27 04:03:04 Times Seen12799 Hash e9a8373e9f5934c48272ed9d205d6141 42d5bac6a5502d978d4cafa7327c20cb9b14269a c5d184acbefde172c402f1100cb756d11e8a1c83484977f1d5975bc65a79a7c5 Loading...

	#8 Eval - 9d36b349a005744f355b03bf704df1e6	17 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-07-27 04:03:03 Times Seen12787 Hash 9d36b349a005744f355b03bf704df1e6 1c303c8090a51ed93c002b1241d5ab262e8250af c03ab22471edc55763f012b82b8d32f981b31ca921a55cc4a663b8bd953b96e7 Loading...

	#9 Eval - a689097727785bb0e94e7a64d6745480	13 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:03 Last Seen2024-07-27 04:03:04 Times Seen23975 Hash a689097727785bb0e94e7a64d6745480 270ab5e5a178a457e9b7ba8c3f4ad4b4014bdceb 56e57af29d4af8b1fb7008dbfdf84a764970a6673f1f19165f1a8498ce903d93 Loading...

	#10 Eval - 22734efcbbd8b16103f6a645f41388f7	84 B	2023-03-07	2024-07-17
Pretty Observations First Seen2023-03-07 01:19:05 Last Seen2024-07-17 01:35:33 Times Seen920 Hash 22734efcbbd8b16103f6a645f41388f7 59ba9178061fca00c1170816e9c48a457dfb1780 b363fddb559a29c54f4cb2a236e7a01c3d4153d995dcbfe3009de3c8660a0daf Loading...

	#11 Eval - 575e6625d3d90514eaeed9fcda4a4ac1	16 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:04 Times Seen12786 Hash 575e6625d3d90514eaeed9fcda4a4ac1 53971c168ba97bcdddd3c818ab875481bf18a5e3 d6b5ca1760fc8b29e007efc9c8d2cf7e8a2395825f6f77dada95483fc3171bdf Loading...

	#12 Eval - 95e9f1cbdece09183c4794acedd4d88e	19 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen13213 Hash 95e9f1cbdece09183c4794acedd4d88e 20837bbb3c53f0b8421af7f0314820c491b0b12a 9b078b8e24e4655c21a5876570daac97f2ddc241bfdb259644582b6a7a60930b Loading...

	#13 Eval - db2387b454fa37117acebfd67dd00f58	18 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen13533 Hash db2387b454fa37117acebfd67dd00f58 77737fb669256fdd8c0854d1bf4768bb1720ef3a 318e5db431b7c9515f38ae97da21d7c4e75ec281aea96271c0d0f4e22b35df92 Loading...

	#14 Eval - 73af165641c6bcbba81a9f1ad3f6331f	27 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:51 Times Seen583 Hash 73af165641c6bcbba81a9f1ad3f6331f 4ecf1951d9fc4eb204e605697b0836aa0b7fcaea fa6b78337563233074f15e53bdcdbae480a646eb546aa625d0bcdb46a7800e89 Loading...

	#15 Eval - 440e6ffd74c8d96f2b9b10777c816a35	17 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:03 Last Seen2024-07-27 04:03:03 Times Seen13140 Hash 440e6ffd74c8d96f2b9b10777c816a35 78cafefd4d0ccb330d079ec6e81e5e372ccaf0b8 031688cb60b9631e34bc623cf81a9eeef73de67ca290d15cccfaa65399420932 Loading...

	#16 Eval - 7c5cd2cb6eca2a7940e23c25d44440f2	22 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:51 Times Seen568 Hash 7c5cd2cb6eca2a7940e23c25d44440f2 2a60c618ae4e91f8e33f5cb6d367565b65f02d52 0e77155223e60580c4e3b388b9fbb7758704064b4000b90d97d0f13ec4d35873 Loading...

	#17 Eval - 9213772222622192fc04ffe77aa92277	20 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-07-27 04:03:03 Times Seen13126 Hash 9213772222622192fc04ffe77aa92277 2b7db24ac1b2337b2f671fb4fefaac45822015b2 6b612f597a0ed972ce30182713c197e510528ac68ff1711b560641d5f47afefa Loading...

	#18 Eval - 8400e05902a35980362b8678710c6652	18 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen24047 Hash 8400e05902a35980362b8678710c6652 f8b855e4e73f2379f26b0691dc179bdfa4fa9eaa addd231a2f2807fb0b4ebdadd2bc23ae2a1cb93a92b07fa6e20ee9af832a8b47 Loading...

	#19 Eval - 7651b15dc5dfec010ecb97466a0f908a	15 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:51 Times Seen583 Hash 7651b15dc5dfec010ecb97466a0f908a 51ba07dd97df701ac883a92e0fb794c2123a95b1 c5f766beae5e4d0b9caf36bddbe59c0117a8c0aef0bde7ad9ec993cc3802e780 Loading...

	#20 Eval - 3fd7d57a45fa29549c462951c9997843	17 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-07-27 04:03:03 Times Seen12790 Hash 3fd7d57a45fa29549c462951c9997843 cf146cd90abfb93dd606010630243738dc57a194 13871edf9ac7e58046d0f0d03811464e388c3f2323eebc6b61954c79dc883459 Loading...

	#21 Eval - 3e90605aa2d72099e408cfa3fc2800a8	21 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:51 Times Seen583 Hash 3e90605aa2d72099e408cfa3fc2800a8 a89af529ebc88c436b758d23f6ee8a4c498e8d97 b4887f555ad7da62f55c2ae807f3baafc0a421d134751743dd0336954d5a02ac Loading...

	#22 Eval - 16caa856f664ac5cc1c32d6575b47796	25 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:50 Times Seen1094 Hash 16caa856f664ac5cc1c32d6575b47796 35eea3d04b3e34ace8cb8162d2ee9ef95988ff19 0d104b78124bc9cede335899791af4e0c98eb238bbefa13e7a7738c5f37db74a Loading...

	#23 Eval - b2fb6f5ab73aeb194ca42605937c5b0c	384 B	2023-04-08	2023-06-14
Pretty Observations First Seen2023-04-08 03:35:16 Last Seen2023-06-14 09:26:27 Times Seen5 Hash b2fb6f5ab73aeb194ca42605937c5b0c 85468af98b50165a0032b8bb59064b8361b93e16 ee22c958792721e99f0d1d88ac4014f6940ab03567db720d0820853963605835 Loading...

	#24 Eval - 50a725249f5cffd5838750070d3ffb40	23 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:50 Times Seen582 Hash 50a725249f5cffd5838750070d3ffb40 29c3f47e68255a6f8a5a7a417e608ab2cab9be50 1a9d9f6f27079dbe69941d2ddb78833abca526aabda35d93bfc77c08005b8ec0 Loading...

	#25 Eval - 33fb7f5b7516fa0aa50ea9ce36cd6de6	380 B	2023-04-08	2023-06-14
Pretty Observations First Seen2023-04-08 03:35:16 Last Seen2023-06-14 09:26:27 Times Seen5 Hash 33fb7f5b7516fa0aa50ea9ce36cd6de6 b84691252f844f9bc937d20547f1b2f4ebc95c79 9113d55f6bf784af4a9231902de7d918cca6726c50fb287174fde227e649cc43 Loading...

	#26 Eval - 14d5ed5041bb7fc6577c66372f2aa799	24 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-07-27 04:03:03 Times Seen13191 Hash 14d5ed5041bb7fc6577c66372f2aa799 c38816db0aebc6ba8ba2bc6076384279b8331515 893fe12669f916947d99616b788aa245f8b45c5b8b34544df4114a6a789217ab Loading...

	#27 Eval - 2ea5bb53235de22ea35d5dc085bd56e6	23 B	2023-03-07	2024-07-19
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-07-19 23:59:51 Times Seen568 Hash 2ea5bb53235de22ea35d5dc085bd56e6 d216db17873ceecf532c8998ac43242ef60e29cd 0760792b4e735e7355617de4c55c95cb45c25144f3fdafdd45b7d6a066248eba Loading...

	#28 Eval - 350052386c44f930fe96151db3383ace	12 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-07-27 04:03:03 Times Seen23981 Hash 350052386c44f930fe96151db3383ace 9979e0947b58f29a711ad5afed356853b921e9ac bc1a6bd7f4ddbcd78987ea609d4595bdf2422cb1be9e85af5d6c199f62000d6c Loading...

HTTP Transactions (91)

	URL	IP	Response	Size
	fincen.org/	93.115.28.104		471 B
URL fincen.org/ IP 93.115.28.104:0 ASN #16125 UAB Cherry Servers File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (471), with no line terminators Size 471 B (471 bytes) Hash a13ec7d5c91a1c14564f43103670cbb8 e5dc77f17d4bedd4be6506de93bbf2d8ec1e6372 1751c69c783eb1be458caf443692a192ebc41f609ce91ddca0271e64278f771b HTTP Headers `GET / HTTP/1.1 Host: fincen.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile cache-control: max-age=0, private, must-revalidate connection: close content-length: 471 content-type: text/html; charset=utf-8 date: Wed, 14 Jun 2023 07:26:03 GMT server: nginx set-cookie: sid=b86d790a-0a84-11ee-abc0-aeded1442e73; path=/; domain=.fincen.org; expires=Mon, 02 Jul 2091 10:40:11 GMT; max-age=2147483647; HttpOnly`

	fincen.org/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NjczNDc2NCwiaWF0IjoxNjg2NzI3NTY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGs3YmkzY2tvcjFmNTFjbW8wYTIwaTMiLCJuYmYiOjE2ODY3Mjc1NjQsInRzIjoxNjg2NzI3NTY0MTI2OTU1fQ.oEB5XfmxAdTbnLKQBylaSl8ZyPCTMnvOQkAlYteqisU&sid=b86d790a-0a84-11ee-abc0-aeded1442e73	93.115.28.104		11 B
URL fincen.org/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NjczNDc2NCwiaWF0IjoxNjg2NzI3NTY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGs3YmkzY2tvcjFmNTFjbW8wYTIwaTMiLCJuYmYiOjE2ODY3Mjc1NjQsInRzIjoxNjg2NzI3NTY0MTI2OTU1fQ.oEB5XfmxAdTbnLKQBylaSl8ZyPCTMnvOQkAlYteqisU&sid=b86d790a-0a84-11ee-abc0-aeded1442e73 IP 93.115.28.104:0 ASN #16125 UAB Cherry Servers File type ASCII text, with no line terminators Size 11 B (11 bytes) Hash 32682312d17c7cbf18e73594f5570319 60e22121bdd0bc71cdb2bae2a3aa577006b2eae9 e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47 HTTP Headers GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4NjczNDc2NCwiaWF0IjoxNjg2NzI3NTY0LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGs3YmkzY2tvcjFmNTFjbW8wYTIwaTMiLCJuYmYiOjE2ODY3Mjc1NjQsInRzIjoxNjg2NzI3NTY0MTI2OTU1fQ.oEB5XfmxAdTbnLKQBylaSl8ZyPCTMnvOQkAlYteqisU&sid=b86d790a-0a84-11ee-abc0-aeded1442e73 HTTP/1.1 Host: fincen.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://fincen.org/ DNT: 1 Connection: keep-alive Cookie: sid=b86d790a-0a84-11ee-abc0-aeded1442e73 Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 302 Found cache-control: max-age=0, private, must-revalidate connection: close content-length: 11 date: Wed, 14 Jun 2023 07:26:04 GMT location: http://atala-apw.com/zcvisitor/b8c36cc6-0a84-11ee-9658-0a33353d5e8b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 server: nginx set-cookie: sid=b86d790a-0a84-11ee-abc0-aeded1442e73; path=/; domain=.fincen.org; expires=Mon, 02 Jul 2091 10:40:12 GMT; max-age=2147483647; HttpOnly`

	ocsp.r2m01.amazontrust.com/	54.230.80.227		471 B
URL ocsp.r2m01.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash ee8775fdc7665c0cf4f6639b97aa0fbf 841dd9a918c8b53d13be3ef1675d739cb622a63a 078cded0ddccccb62309935d64726d5e8516ee7139d3a74c1ecd542c06f887bf HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m01.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Wed, 14 Jun 2023 07:26:05 GMT Last-Modified: Wed, 14 Jun 2023 06:33:59 GMT Server: ECAcc (nya/789D) X-Cache: Miss from cloudfront Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: iNJE4079L0U8kiPusYfhxvYvSFJSd7eYqmxR7P9JAvn8-CZd40i7ig== Age: 3126`

	atala-apw.com/zcvisitor/b8c36cc6-0a84-11ee-9658-0a33353d5e8b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51	54.235.102.182		1.1 kB
URL atala-apw.com/zcvisitor/b8c36cc6-0a84-11ee-9658-0a33353d5e8b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 IP 54.235.102.182:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 1.1 kB (1098 bytes) Hash 872e217fd60e17c95e11f2473e54e7f1 a59f9507186003caffda1aab6db478599b13f80e 51e724767e7ddf28889364a87c7cdc9735f82106a077cda356e114e21567dd35 HTTP Headers GET /zcvisitor/b8c36cc6-0a84-11ee-9658-0a33353d5e8b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 HTTP/1.1 Host: atala-apw.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://fincen.org/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 Date: Wed, 14 Jun 2023 07:26:05 GMT Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag Server: kTdjcFPd

	atala-apw.com/zcredirect?visitid=b8c36cc6-0a84-11ee-9658-0a33353d5e8b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false	52.86.6.42		350 B
URL atala-apw.com/zcredirect?visitid=b8c36cc6-0a84-11ee-9658-0a33353d5e8b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false IP 52.86.6.42:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 350 B (350 bytes) Hash d5c3b9cbe4101629bc7b779972e20217 02b7062e260d40f6c8fc4ae4c7f7d07d4ef5778a 8ce0ff76bac9323330d3ec24eeada8b7a81d34e1404b2e67bbf4da6265f3219d HTTP Headers GET /zcredirect?visitid=b8c36cc6-0a84-11ee-9658-0a33353d5e8b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false HTTP/1.1 Host: atala-apw.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://atala-apw.com/zcvisitor/b8c36cc6-0a84-11ee-9658-0a33353d5e8b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=4fb4e190-e7f9-11ec-be3c-128084d1ce51 DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 Date: Wed, 14 Jun 2023 07:26:06 GMT Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag redirected: JS Server: QQelkkqm

	atala-apw.com/favicon.ico	52.86.6.42		653 B
URL atala-apw.com/favicon.ico IP 52.86.6.42:0 ASN #14618 AMAZON-AES File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators Size 653 B (653 bytes) Hash ba2732b1b2fa2626ffaa15f62f9e7d66 203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: atala-apw.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://atala-apw.com/zcredirect?visitid=b8c36cc6-0a84-11ee-9658-0a33353d5e8b&type=js&browserWidth=1280&browserHeight=1024&iframeDetected=false&webdriverDetected=false Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Date: Wed, 14 Jun 2023 07:26:06 GMT Content-Type: text/html;charset=utf-8 Content-Length: 653 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline' Content-Language: en Server: VsOkJMgq`

	clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=xray-own-Yd7YrBfU	116.203.50.204		272 B
URL clever-redirect.com/s/r6?s=623619497&s2=badious-buzzard&s3=xray-own-Yd7YrBfU IP 116.203.50.204:0 ASN #24940 Hetzner Online GmbH File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators Size 272 B (272 bytes) Hash 3dbb4b732608e8687c11dfb2a2019705 230ecb638eec407ac6c001db8dc9edc45b755167 8e239915260f101da67a0a82f229980e72b7740b1bfed9106c9540cb5b9e38e8 HTTP Headers GET /s/r6?s=623619497&s2=badious-buzzard&s3=xray-own-Yd7YrBfU HTTP/1.1 Host: clever-redirect.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://atala-apw.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Wed, 14 Jun 2023 07:26:06 GMT Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k Referrer-Policy: no-referrer Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8`

	clever-redirect.com/s/rc?l=fd122ec27d78289fc21570b8eaccab33	116.203.50.204		349 B
URL clever-redirect.com/s/rc?l=fd122ec27d78289fc21570b8eaccab33 IP 116.203.50.204:0 ASN #24940 Hetzner Online GmbH File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (349), with no line terminators Size 349 B (349 bytes) Hash 53d6b4a35007e1a7260f7902c109afd9 21dbf53bd70d8c7723735c9a0e1f71140b4a9ca0 259f49d38a6092094644aea85c475bcd380a48560083bf0a26e22f64e953018c HTTP Headers GET /s/rc?l=fd122ec27d78289fc21570b8eaccab33 HTTP/1.1 Host: clever-redirect.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Wed, 14 Jun 2023 07:26:07 GMT Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k Referrer-Policy: no-referrer Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8`

	lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=farmasiet.no&s1=623619497&s2=badious-buzzard&s3=xray-own-Yd7YrBfU&s5=cf	5.9.110.29		618 B
URL lookandfind.me/s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=farmasiet.no&s1=623619497&s2=badious-buzzard&s3=xray-own-Yd7YrBfU&s5=cf IP 5.9.110.29:0 ASN #24940 Hetzner Online GmbH File type HTML document text\012- HTML document, ASCII text, with very long lines (618), with no line terminators Size 618 B (618 bytes) Hash 4a26aa651fa18af1e8ef5e7a8e3f327b a1694bb56b0b266c5312e38cc6d698dca532c139 68248542031064eec7c412d8c6afac9d153176ae6c12a1df6d53c86d63f83bcd HTTP Headers GET /s/a?t=10&f=1&u=f4bdb01fc36e3f720c2a963a770625c6&m=farmasiet.no&s1=623619497&s2=badious-buzzard&s3=xray-own-Yd7YrBfU&s5=cf HTTP/1.1 Host: lookandfind.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Date: Wed, 14 Jun 2023 07:26:07 GMT Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k X-Powered-By: PHP/8.1.17 Set-Cookie: 70754400394186725c8fd772a32647d3=ecb6c84e269e69d070f5b6972846971592da2896c03b96338dd84837b29e1f1ea%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2270754400394186725c8fd772a32647d3%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D; expires=Thu, 15-Jun-2023 07:26:07 GMT; Max-Age=86400; path=/; HttpOnly Referrer-Policy: strict-origin-when-cross-origin Access-Control-Allow-Origin: https://lookandfind.me Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8

	lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DZFFzYzA3OWpsYlA0Z2phY3F2ZHpZOFlEZ3k1ajhEZ1N4NGJBQkVLZ3VpVVV1WmRMZ1Q0Nk92VzE1UUl4cHJSdDFSZmM5QTRLbEorQzNKc2lVaEY4cEorTC8zOXBWZjM4Y1FpdXZralo2T0NKeEJoTlhZVE5NMUNyZnFXb2JyOUovNG9mUjJ5UEJwdDdBQ3pzTDhOZ0N4WmlsZXVVZkh1ZXE5S2ExeDNIYVkwc3ZUQT0%3D%26i%3DM%2F1weZAMXQxTW8Hi%26placementId%3D043c22a0dbe9372d3ef434bbc6af08be&h=5666ed7e38b2eca3fb3f397c1c4de237	5.9.110.29		544 B
URL lookandfind.me/s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DZFFzYzA3OWpsYlA0Z2phY3F2ZHpZOFlEZ3k1ajhEZ1N4NGJBQkVLZ3VpVVV1WmRMZ1Q0Nk92VzE1UUl4cHJSdDFSZmM5QTRLbEorQzNKc2lVaEY4cEorTC8zOXBWZjM4Y1FpdXZralo2T0NKeEJoTlhZVE5NMUNyZnFXb2JyOUovNG9mUjJ5UEJwdDdBQ3pzTDhOZ0N4WmlsZXVVZkh1ZXE5S2ExeDNIYVkwc3ZUQT0%3D%26i%3DM%2F1weZAMXQxTW8Hi%26placementId%3D043c22a0dbe9372d3ef434bbc6af08be&h=5666ed7e38b2eca3fb3f397c1c4de237 IP 5.9.110.29:0 ASN #24940 Hetzner Online GmbH File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (544), with no line terminators Size 544 B (544 bytes) Hash add2ac61e9ee25f32006e49ff4dc8409 c050381cc0b417cea1b0ef28ab4f8799f875e6ab 1654becea5b8a6a606713f3360dbdcc99d05035000753a803eed36730b7f473f HTTP Headers GET /s/r?u=https%3A%2F%2Fapi.yadore.com%2Fv2%2Fr%2Fdeeplink%3Fe%3DZFFzYzA3OWpsYlA0Z2phY3F2ZHpZOFlEZ3k1ajhEZ1N4NGJBQkVLZ3VpVVV1WmRMZ1Q0Nk92VzE1UUl4cHJSdDFSZmM5QTRLbEorQzNKc2lVaEY4cEorTC8zOXBWZjM4Y1FpdXZralo2T0NKeEJoTlhZVE5NMUNyZnFXb2JyOUovNG9mUjJ5UEJwdDdBQ3pzTDhOZ0N4WmlsZXVVZkh1ZXE5S2ExeDNIYVkwc3ZUQT0%3D%26i%3DM%2F1weZAMXQxTW8Hi%26placementId%3D043c22a0dbe9372d3ef434bbc6af08be&h=5666ed7e38b2eca3fb3f397c1c4de237 HTTP/1.1 Host: lookandfind.me User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Cookie: 70754400394186725c8fd772a32647d3=ecb6c84e269e69d070f5b6972846971592da2896c03b96338dd84837b29e1f1ea%3A2%3A%7Bi%3A0%3Bs%3A32%3A%2270754400394186725c8fd772a32647d3%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Date: Wed, 14 Jun 2023 07:26:07 GMT Server: Apache/2.4.37 (centos) OpenSSL/1.1.1k X-Powered-By: PHP/8.1.17 Referrer-Policy: strict-origin-when-cross-origin Access-Control-Allow-Origin: https://lookandfind.me Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8`

	ocsp.r2m02.amazontrust.com/	54.230.80.227		471 B
URL ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 094f806ce6a3b0d3a47aae09b8f17596 7646a8af3dd707ac1412bb2de219759575289657 ef1f90ab3f75e08c24d9f08f6f608ed39ca0b51d8f4d7acb78fe904ca0e88eb6 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Wed, 14 Jun 2023 07:26:08 GMT Last-Modified: Wed, 14 Jun 2023 05:51:42 GMT Server: ECAcc (bsa/EAE4) X-Cache: Miss from cloudfront Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: RLf_ciTUDW0nrXfGrb984mhzwva4jiKWiH3zDUgfLTJnojcRwu1Pkg== Age: 5666`

	api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffarmasiet.no%2F&custom1=e4d70e7abb101d4f428cdc383c14db9712314dae77b43284a475ff8d53b8c292&custom2=SRdytlITOR16&custom3=false&originReferer=https%253A%252F%252Flookandfind.me%252F	54.230.111.57		35 kB
URL api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffarmasiet.no%2F&custom1=e4d70e7abb101d4f428cdc383c14db9712314dae77b43284a475ff8d53b8c292&custom2=SRdytlITOR16&custom3=false&originReferer=https%253A%252F%252Flookandfind.me%252F IP 54.230.111.57:0 ASN #16509 AMAZON-02 File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12878) Size 35 kB (35314 bytes) Hash 39d82d5acb6028a13c914f92bd530988 e5234bf41207f73e1c64c8f6f80047f0f6a7039b 706c449b19e9ff42ac8a23ef5a36193e9d289b25ee6627da1acc5b14f1d7a9a2 HTTP Headers GET /publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffarmasiet.no%2F&custom1=e4d70e7abb101d4f428cdc383c14db9712314dae77b43284a475ff8d53b8c292&custom2=SRdytlITOR16&custom3=false&originReferer=https%253A%252F%252Flookandfind.me%252F HTTP/1.1 Host: api.kelkoogroup.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lookandfind.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html; charset=UTF-8 content-length: 35314 leadid: 629D01H2WCRB10FFTM0165STD1Y2W0 clickid: 107698147_1686727568340_1102312 country: no accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory set-cookie: datadome=oW~AV4xe1Q23FYvXR5dOQ9YDLOPBJpXZbOVVQ2g7KEGrkSkHZrB34RHoRrFzU3-mkW48MnM3RIU2_44tYLDjX1EQMZP39O3tUOEwPuJDJPSD3~-OoosYt~upIUI9DQD; Max-Age=31536000; Expires=Thu, 13 Jun 2024 07:26:08 GMT; SameSite=Lax; Path=/; Domain=.kelkoo.net; Secure kelkooID=a4c6293-188b8cc2bd4-3cf86; Max-Age=31536000; Expires=Thu, 13 Jun 2024 07:26:08 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly x-datadome: protected request-time: PT0.080774S x-robots-tag: noindex,nofollow referrer-policy: origin-when-cross-origin x-frame-options: DENY x-xss-protection: 1; mode=block x-content-type-options: nosniff content-security-policy: frame-ancestors 'none' x-permitted-cross-domain-policies: master-only date: Wed, 14 Jun 2023 07:26:08 GMT x-gravitee-transaction-id: c6a46a0a-f33c-4d22-a46a-0af33c7d22af x-gravitee-request-id: c6a46a0a-f33c-4d22-a46a-0af33c7d22af x-cache: Miss from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: Ayaf4bMF8BxwIHaIK5RQW6wbZvPTIDQvhx5w731zxFxyZPjfex1xrg== X-Firefox-Spdy: h2

	status.thawte.com/	192.229.221.95		471 B
URL status.thawte.com/ IP 192.229.221.95:0 ASN #15133 EDGECAST File type data Size 471 B (471 bytes) Hash 6e25d97a0cf6278ff48f65488c4f7908 7d57c868f6b3fd4260daedd3cf16ea141086252a 4fc9011a7c703120cd295c996aaabbdebf94e7a939351058a77aa96b2b1eae28 HTTP Headers `POST / HTTP/1.1 Host: status.thawte.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Accept-Ranges: bytes Age: 6186 Cache-Control: max-age=7200 Content-Type: application/ocsp-response Date: Wed, 14 Jun 2023 07:26:08 GMT Last-Modified: Wed, 14 Jun 2023 05:43:02 GMT Server: ECAcc (ska/F6D2) X-Cache: HIT Content-Length: 471`

	api.yadore.com/v2/r/deeplink?e=ZFFzYzA3OWpsYlA0Z2phY3F2ZHpZOFlEZ3k1ajhEZ1N4NGJBQkVLZ3VpVVV1WmRMZ1Q0Nk92VzE1UUl4cHJSdDFSZmM5QTRLbEorQzNKc2lVaEY4cEorTC8zOXBWZjM4Y1FpdXZralo2T0NKeEJoTlhZVE5NMUNyZnFXb2JyOUovNG9mUjJ5UEJwdDdBQ3pzTDhOZ0N4WmlsZXVVZkh1ZXE5S2ExeDNIYVkwc3ZUQT0=&i=M/1weZAMXQxTW8Hi&placementId=043c22a0dbe9372d3ef434bbc6af08be	88.99.112.2		58 kB
URL api.yadore.com/v2/r/deeplink?e=ZFFzYzA3OWpsYlA0Z2phY3F2ZHpZOFlEZ3k1ajhEZ1N4NGJBQkVLZ3VpVVV1WmRMZ1Q0Nk92VzE1UUl4cHJSdDFSZmM5QTRLbEorQzNKc2lVaEY4cEorTC8zOXBWZjM4Y1FpdXZralo2T0NKeEJoTlhZVE5NMUNyZnFXb2JyOUovNG9mUjJ5UEJwdDdBQ3pzTDhOZ0N4WmlsZXVVZkh1ZXE5S2ExeDNIYVkwc3ZUQT0=&i=M/1weZAMXQxTW8Hi&placementId=043c22a0dbe9372d3ef434bbc6af08be IP 88.99.112.2:0 ASN #24940 Hetzner Online GmbH File type gzip compressed data, from Unix\012- data Size 58 kB (57540 bytes) Hash d22000dc98bdd1da8af36cd2ca026b53 44cd32d62c537de79480f22b43dba700e4df9511 18d6cd44c2ecd0425f5a4ea60b3c4d8a41f9ae686de371809c9f9cbf2e5c3e7e HTTP Headers GET /v2/r/deeplink?e=ZFFzYzA3OWpsYlA0Z2phY3F2ZHpZOFlEZ3k1ajhEZ1N4NGJBQkVLZ3VpVVV1WmRMZ1Q0Nk92VzE1UUl4cHJSdDFSZmM5QTRLbEorQzNKc2lVaEY4cEorTC8zOXBWZjM4Y1FpdXZralo2T0NKeEJoTlhZVE5NMUNyZnFXb2JyOUovNG9mUjJ5UEJwdDdBQ3pzTDhOZ0N4WmlsZXVVZkh1ZXE5S2ExeDNIYVkwc3ZUQT0=&i=M/1weZAMXQxTW8Hi&placementId=043c22a0dbe9372d3ef434bbc6af08be HTTP/1.1 Host: api.yadore.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://lookandfind.me/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 302 Found content-type: text/html; charset=UTF-8 date: Wed, 14 Jun 2023 07:26:08 GMT location: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffarmasiet.no%2F&custom1=e4d70e7abb101d4f428cdc383c14db9712314dae77b43284a475ff8d53b8c292&custom2=SRdytlITOR16&custom3=false&originReferer=https%253A%252F%252Flookandfind.me%252F server: nginx x-powered-by: PHP/8.0.28 X-Firefox-Spdy: h2`

	no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272	95.211.116.26		68 B
URL no-go.kelkoogroup.net/assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272 IP 95.211.116.26:0 ASN #60781 LeaseWeb Netherlands B.V. File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data Size 68 B (68 bytes) Hash 91e42db1c66c0b276abf6234dc50b2eb c1986af3c26609b8b7d8933f99c51c1a89e9ea6b 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058 HTTP Headers GET /assets/images/p.png?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272 HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://api.kelkoogroup.net/ DNT: 1 Connection: keep-alive Cookie: kelkooID=a4c6293-188b8cc2bd4-3cf86 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK leadId: 629D01H2WCRB10FFTM0165STD1Y2W0 clickId: 107698147_1686727568340_1102312 country: no Request-Time: PT0.00167S X-Robots-Tag: noindex,nofollow Cache-Control: private, must-revalidate Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Date: Wed, 14 Jun 2023 07:26:08 GMT Content-Type: image/png Content-Length: 68`

	no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272	95.211.116.26		0 B
URL no-go.kelkoogroup.net/fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272 IP 95.211.116.26:0 ASN #60781 LeaseWeb Netherlands B.V. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers POST /fp?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272 HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://api.kelkoogroup.net/ Content-Type: text/plain;charset=utf-8 Content-Length: 524 Origin: https://api.kelkoogroup.net DNT: 1 Connection: keep-alive Cookie: kelkooID=a4c6293-188b8cc2bd4-3cf86; _ga=GA1.2.1131376255.1686727567; _gid=GA1.2.1221396806.1686727567 Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site `HTTP/1.1 200 OK leadId: 629D01H2WCRB10FFTM0165STD1Y2W0 clickId: 107698147_1686727568340_1102312 country: no Request-Time: PT0.003647S X-Robots-Tag: noindex,nofollow Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Date: Wed, 14 Jun 2023 07:26:08 GMT Content-Type: text/plain; charset=UTF-8 Content-Length: 0`

	api.kelkoogroup.net/favicon.ico	54.230.111.57		40 B
URL api.kelkoogroup.net/favicon.ico IP 54.230.111.57:0 ASN #16509 AMAZON-02 File type ASCII text, with no line terminators Size 40 B (40 bytes) Hash 93eb2a33fca1bed122be55e52dbcb18b f75a657d84bec6cc3f180ac194af3d21da9fe7bf d08874f7931c8d35c1ca54fcc0de50c9a267a0036c61626bc420610186bbacfa HTTP Headers GET /favicon.ico HTTP/1.1 Host: api.kelkoogroup.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://api.kelkoogroup.net/publisher/shopping/v2/link-monetizer/link?country=no&id=e4ef5dec-03eb-11eb-bf21-ba5ec25d7100&merchantUrl=https%3A%2F%2Ffarmasiet.no%2F&custom1=e4d70e7abb101d4f428cdc383c14db9712314dae77b43284a475ff8d53b8c292&custom2=SRdytlITOR16&custom3=false&originReferer=https%253A%252F%252Flookandfind.me%252F DNT: 1 Connection: keep-alive Cookie: kelkooID=a4c6293-188b8cc2bd4-3cf86; _ga=GA1.2.1131376255.1686727567; _gid=GA1.2.1221396806.1686727567 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 404 Not Found content-type: text/plain content-length: 40 date: Wed, 14 Jun 2023 07:26:09 GMT x-cnection: close x-cache: Error from cloudfront via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: PgSa5HZf5e57h0TnhbfwTiycfFwhAqBimvJg7q9o1xdmWxQln4ahUg== X-Firefox-Spdy: h2`

	no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01H2WCRB10FFTM0165STD1Y2W0%26url%3Dhttps%253A%252F%252Ffarmasiet.no%252F	95.211.116.26		0 B
URL no-go.kelkoogroup.net/redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01H2WCRB10FFTM0165STD1Y2W0%26url%3Dhttps%253A%252F%252Ffarmasiet.no%252F IP 95.211.116.26:0 ASN #60781 LeaseWeb Netherlands B.V. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /redirect?country=no&k=612f7a9541cd6ea61eb554c0e4cff43751c4e6ff4b34703f59267ef246260421ffe940a20aebd8854c374c9166d3f94caa8844910c81593b5cf37a8b6c51689154f9f9be5469b66c3942661dfe69af224d4a7372281fbc88cf51939ce2cde0a54a2f5de6c65f5cc27f02555a1d4194b347c019214ca7dbd733da63ee57172d8865b450bb6d81153ba0de9a5ff33f49a0729d879de02c4ee46831e17f9e2b933b0f6003c5478e07dc506f9ec8f0cd91ebf516591af5400b981811c56e3540ceeadd9680526073db8c0e65b28b9524b2fd58b73d05c4c82ba920ab9fa4fc52732f9eee9104176a14805ce145609cc0dd7f27260e46fe0c40a79e6088ffbf2240c43d32f3eca8457012da222cb4aa818c2693f65bb6c0962a7c47b2dc1e1eb9bcfcd33e9be79aef96ee213ee09bdf459ae839f6f7a8a94e17c458cfb2eaa6ac33857d35f6b60d98459e2f6b0162a5fabff5d42f16b16cbb6adb7c4efceed52cd64217a5a181229ac6cc10c5456f36078f3ff1be2c3b25dda0ddf128c41e015c9e7269759a946011561e48a226de55c5818999a611979d07b76537d40aaabd8673f4c3e526b45afdc272&url=https%3A%2F%2Fpdt.tradedoubler.com%2Fclick%3Fa%3D332280%26p%3D302669%26epi%3D629D01H2WCRB10FFTM0165STD1Y2W0%26url%3Dhttps%253A%252F%252Ffarmasiet.no%252F HTTP/1.1 Host: no-go.kelkoogroup.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://api.kelkoogroup.net/ DNT: 1 Connection: keep-alive Cookie: kelkooID=a4c6293-188b8cc2bd4-3cf86; _ga=GA1.2.1131376255.1686727567; _gid=GA1.2.1221396806.1686727567 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 303 See Other leadId: 629D01H2WCRB10FFTM0165STD1Y2W0 clickId: 107698147_1686727568340_1102312 country: no Location: https://pdt.tradedoubler.com/click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F Accept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory Set-Cookie: datadome=2Kg-RdDGUNcBw-BwqgN7Hn2YM-g5-88wz53hKapvxYNzoZHMlxnbY8Gtn13uPBIQBmNsYYaaMVBGyJYAsW~lp1uus1oYs~mulX9rhJajKzzzAp3NZORBrNH0Ltn_jM6z; Max-Age=31536000; Expires=Thu, 13 Jun 2024 07:26:09 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure X-DataDome: protected Request-Time: PT0.011096S X-Robots-Tag: noindex,nofollow Referrer-Policy: origin-when-cross-origin X-Frame-Options: ALLOWALL X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: master-only Date: Wed, 14 Jun 2023 07:26:09 GMT Content-Length: 0

	pdt.tradedoubler.com/click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F	35.186.231.97	302 Found	1.0 kB
URL User Request POST HTTP/3 pdt.tradedoubler.com/click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F IP 35.186.231.97:443 ASN #15169 GOOGLE Certificate IssuerLet's Encrypt Subject.tradedoubler.com Fingerprint26:2D:49:FB:62:82:F6:12:37:19:C4:1A:2D:AF:69:65:22:60:EE:67 ValidityThu, 11 May 2023 02:27:44 GMT - Wed, 09 Aug 2023 02:27:43 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (405) Size 1.0 kB (1023 bytes) Hash 50b1120830bc91f3003a1f3e4f46902e 0ae8fb89a915b774955e68a56754b4643badb7a4 733c38f1c0950834918dc18aee7b5847831a23a4785323dbdf2cdbe35def912f HTTP Headers GET /click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F HTTP/1.1 Host: pdt.tradedoubler.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://api.kelkoogroup.net/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK content-type: text/html; charset=ISO-8859-1 server: TXServerHttp access-control-allow-origin: cache-control: private, max-age=0 pragma: no-cache p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR" referrer-policy: origin date: Wed, 14 Jun 2023 07:26:08 GMT content-length: 1023 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	vht.tradedoubler.com/fp/prefs.js	54.230.111.48		3.6 kB
URL vht.tradedoubler.com/fp/prefs.js IP 54.230.111.48:0 ASN #16509 AMAZON-02 File type ASCII text, with very long lines (563) Size 3.6 kB (3598 bytes) Hash 1df1e33a4afce463352eb73cb33b8994 1146c4f43ccda5c07cbb21ff958a1ff84545ddd1 e88544a0b333b266c598a72cdef1ffb8cefbc24df90efef83c8f046df08967ce HTTP Headers `GET /fp/prefs.js HTTP/1.1 Host: vht.tradedoubler.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: application/javascript Content-Length: 3598 Connection: keep-alive Server: Apache Strict-Transport-Security: max-age=31536000 Last-Modified: Thu, 01 Jun 2023 10:47:07 GMT Accept-Ranges: bytes Content-Encoding: gzip Date: Thu, 08 Jun 2023 10:48:54 GMT Vary: Accept-Encoding X-Cache: Hit from cloudfront Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: S3xg2wtkKubRqkDKOok0T7IMwTZvRIk3eLJwiSIYc8Cy9tqQadYOWA== Age: 506235 X-XSS-Protection: 1; mode=block Referrer-Policy: strict-origin-when-cross-origin X-Content-Type-Options: nosniff

	pdt.tradedoubler.com/click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F	35.186.231.97	302 Found	854 B
URL User Request POST HTTP/3 pdt.tradedoubler.com/click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F IP 35.186.231.97:443 ASN #15169 GOOGLE Certificate IssuerLet's Encrypt Subject.tradedoubler.com Fingerprint26:2D:49:FB:62:82:F6:12:37:19:C4:1A:2D:AF:69:65:22:60:EE:67 ValidityThu, 11 May 2023 02:27:44 GMT - Wed, 09 Aug 2023 02:27:43 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (854), with no line terminators Size 854 B (854 bytes) Hash 888486cec3c7fbc9f9cc4e01411300b8 4cf7cf6a12c0788c9b63730c63bada39ab1a07d9 38ccfda882e6416e34ac4b569b08b3cd9e6ba446274cbb85dbe0e8ef8d7f1a37 HTTP Headers POST /click?a=332280&p=302669&epi=629D01H2WCRB10FFTM0165STD1Y2W0&url=https%3A%2F%2Ffarmasiet.no%2F HTTP/1.1 Host: pdt.tradedoubler.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ Content-Type: application/x-www-form-urlencoded Content-Length: 369 Origin: https://pdt.tradedoubler.com DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 302 Found location: https://redirects.tradedoubler.com/projectr/?utm_source=Tradedoubler_td_KEEP_NEWEST&utm_medium=Affiliate_td_KEEP_NEWEST&utm_campaign=Kelkoo_td_ifelse=preprod.td_stringhttps://farmasiet.no/td_true&_td_url=https://preprod.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false_td_ifelse=int.farmasiettd_stringhttps://farmasiet.no/td_true&_td_url=https://int.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false&_td_url=https://www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/ set-cookie: EH_0=1z11z1z11Yz1I4XuDz1O4TyaFmhtxdyF0wCKtnFg.B7u4GLbAxgGJFm9TUMsd6YPhbJ.nvmOPFIPne_g7HNZSMmDPYNo.lDX7KV.4I1QYhDBURS6uAbHdCfLbaGNoSqu_;expires=Thu, 13-Jun-2024 07:26:09 GMT;path=/;domain=.tradedoubler.com GUID=1z11zz11YzalDsQz3446258a1b709c718c056e842090ff8f;expires=Thu, 13-Jun-2024 07:26:09 GMT;path=/;domain=.tradedoubler.com TradeDoublerGUID=3446258a1b709c718c056e842090ff8f;expires=Thu, 13-Jun-2024 07:26:09 GMT;path=/;domain=.tradedoubler.com server: TXServerHttp access-control-allow-origin: cache-control: private, max-age=0 pragma: no-cache p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR" referrer-policy: origin date: Wed, 14 Jun 2023 07:26:09 GMT content-length: 854 content-type: text/html; charset=ISO-8859-1 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	pdt.tradedoubler.com/favicon.ico	35.186.231.97		193 B
URL pdt.tradedoubler.com/favicon.ico IP 35.186.231.97:0 ASN #15169 GOOGLE Certificate IssuerLet's Encrypt Subject.tradedoubler.com Fingerprint26:2D:49:FB:62:82:F6:12:37:19:C4:1A:2D:AF:69:65:22:60:EE:67 ValidityThu, 11 May 2023 02:27:44 GMT - Wed, 09 Aug 2023 02:27:43 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators Size 193 B (193 bytes) Hash 523cbcb278f348bbe64563fe4cc9f435 5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b 37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4 HTTP Headers GET /favicon.ico HTTP/1.1 Host: pdt.tradedoubler.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ DNT: 1 Connection: keep-alive Cookie: EH_0=1z11z1z11Yz1I4XuDz1O4TyaFmhtxdyF0wCKtnFg.B7u4GLbAxgGJFm9TUMsd6YPhbJ.nvmOPFIPne_g7HNZSMmDPYNo.lDX7KV.4I1QYhDBURS6uAbHdCfLbaGNoSqu_; GUID=1z11zz11YzalDsQz3446258a1b709c718c056e842090ff8f; TradeDoublerGUID=3446258a1b709c718c056e842090ff8f Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/3 404 Not Found date: Wed, 14 Jun 2023 07:26:09 GMT content-length: 193 content-type: text/html; charset=ISO-8859-1 via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000`

	ocsp.r2m02.amazontrust.com/	54.230.80.227		471 B
URL ocsp.r2m02.amazontrust.com/ IP 54.230.80.227:0 ASN #16509 AMAZON-02 File type data Size 471 B (471 bytes) Hash 94912e07166df79a1cffc6c105b7619e abd49e253a91c21d41ba334b15d442bb660f6845 60604ebee4be081705f7c439cf680e8521389ad696031f7042c6ad9888fcd4a1 HTTP Headers `POST / HTTP/1.1 Host: ocsp.r2m02.amazontrust.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Content-Length: 471 Connection: keep-alive Accept-Ranges: bytes Cache-Control: max-age=7200 Date: Wed, 14 Jun 2023 07:26:09 GMT Last-Modified: Wed, 14 Jun 2023 05:38:29 GMT Server: ECAcc (nya/796A) X-Cache: Miss from cloudfront Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) X-Amz-Cf-Pop: OSL50-P1 X-Amz-Cf-Id: 2dPhjiqFy-zGr5tuK5zW1KAjhutmyHoleR5j8hYekqWh3Wlx7ijpVQ== Age: 6460`

	redirects.tradedoubler.com/projectr/?utm_source=Tradedoubler_td_KEEP_NEWEST&utm_medium=Affiliate_td_KEEP_NEWEST&utm_campaign=Kelkoo_td_ifelse=preprod.td_stringhttps://farmasiet.no/td_true&_td_url=https://preprod.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false_td_ifelse=int.farmasiettd_stringhttps://farmasiet.no/td_true&_td_url=https://int.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false&_td_url=https://www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/	34.255.115.11	302 Found	1 B
URL User Request GET HTTP/1.1 redirects.tradedoubler.com/projectr/?utm_source=Tradedoubler_td_KEEP_NEWEST&utm_medium=Affiliate_td_KEEP_NEWEST&utm_campaign=Kelkoo_td_ifelse=preprod.td_stringhttps://farmasiet.no/td_true&_td_url=https://preprod.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false_td_ifelse=int.farmasiettd_stringhttps://farmasiet.no/td_true&_td_url=https://int.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false&_td_url=https://www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/ IP 34.255.115.11:443 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.tradedoubler.com Fingerprint47:8C:25:D8:BA:91:57:D5:D7:EB:D3:48:88:27:A0:7C:DB:2E:D4:C3 ValidityThu, 09 Feb 2023 00:00:00 GMT - Fri, 06 Oct 2023 23:59:59 GMT File type very short file (no magic) Size 1 B (1 bytes) Hash 7215ee9c7d9dc229d2921a40e899ec5f b858cb282617fb0956d960215c8e84d1ccf909c6 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 HTTP Headers GET /projectr/?utm_source=Tradedoubler_td_KEEP_NEWEST&utm_medium=Affiliate_td_KEEP_NEWEST&utm_campaign=Kelkoo_td_ifelse=preprod.td_stringhttps://farmasiet.no/td_true&_td_url=https://preprod.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false_td_ifelse=int.farmasiettd_stringhttps://farmasiet.no/td_true&_td_url=https://int.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/td_false&_td_url=https://www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&_td_deeplink=https://farmasiet.no/ HTTP/1.1 Host: redirects.tradedoubler.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ DNT: 1 Connection: keep-alive Cookie: EH_0=1z11z1z11Yz1I4XuDz1O4TyaFmhtxdyF0wCKtnFg.B7u4GLbAxgGJFm9TUMsd6YPhbJ.nvmOPFIPne_g7HNZSMmDPYNo.lDX7KV.4I1QYhDBURS6uAbHdCfLbaGNoSqu_; GUID=1z11zz11YzalDsQz3446258a1b709c718c056e842090ff8f; TradeDoublerGUID=3446258a1b709c718c056e842090ff8f Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache HTTP/1.1 302 Found Cache-control: no-cache="set-cookie" Content-Type: text/html; charset=UTF-8 Date: Wed, 14 Jun 2023 07:26:09 GMT Location: https://www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&url=https://farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Server: Apache/2.4.56 (Ubuntu) Set-Cookie: AWSELB=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C9290BEFD088C175CF1515E1B2535CA43E06284783DD3A44B4296A014025AD53248C1BA03E231E71D15DBA2CF9A7C59ACA2;PATH=/;MAX-AGE=30 AWSELBCORS=FF1BFB8F1C42D3E6A4BF4A0B044EDED4042A192C9290BEFD088C175CF1515E1B2535CA43E06284783DD3A44B4296A014025AD53248C1BA03E231E71D15DBA2CF9A7C59ACA2;PATH=/;MAX-AGE=30;SECURE;SAMESITE=None Content-Length: 1 Connection: keep-alive

	www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&url=https://farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	104.18.31.49	302 Found	1.3 kB
URL User Request GET HTTP/2 www.farmasiet.no/td_redirect?tduid=3446258a1b709c718c056e842090ff8f&url=https://farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1123), with CRLF line terminators Size 1.3 kB (1282 bytes) Hash aedb881fdebba7af8d0c459f1e9fde76 a9af83c96460c78f47406641d463fa8572982600 1466b4bbb3dfbc580ce9e1382552739d11d8c1678ec23dddfae0d2069e36e254 HTTP Headers GET /td_redirect?tduid=3446258a1b709c718c056e842090ff8f&url=https://farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found date: Wed, 14 Jun 2023 07:26:10 GMT content-type: text/html; charset=utf-8 content-length: 1282 location: https://farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo access-control-expose-headers: Request-Context cache-control: no-cache, no-store, must-revalidate expires: -1 pragma: no-cache set-cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; expires=Tue, 22-Aug-2023 18:06:09 GMT; path=/; HttpOnly TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; expires=Thu, 13-Jun-2024 07:26:10 GMT; path=/ ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815;Path=/;HttpOnly;Secure;Domain=www.farmasiet.no ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815;Path=/;HttpOnly;SameSite=None;Secure;Domain=www.farmasiet.no request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d70d7f03e13b50c-OSL X-Firefox-Spdy: h2

	farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	217.114.85.70	301 Moved Permanently	0 B
URL User Request GET HTTP/1.0 farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 217.114.85.70:443 ASN #30811 EPiServer AB Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo HTTP/1.1 Host: farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.0 301 Moved Permanently Location: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Server: BigIP Connection: Keep-Alive Content-Length: 0`

	www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo	104.18.31.49	200 OK	48 kB
URL User Request GET HTTP/2 www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39635), with CRLF, LF line terminators Size 48 kB (48108 bytes) Hash b5ee464e4fc75667ce0114034ca67869 aec76802542e8a0c4e4d37dabea50e11c4cbac73 fe02fc760f6ff3e392ff5cc6ee115ac116a98cb4849ae0a67e5bb2359d2a1c8c HTTP Headers GET /?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://pdt.tradedoubler.com/ DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: text/html; charset=utf-8 content-length: 48108 access-control-expose-headers: Request-Context cache-control: no-cache, no-store content-encoding: gzip expires: -1 pragma: no-cache vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d70d7f14f8eb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/runtime.js?v=1.0.29708.0	104.18.31.49	200 OK	974 B
URL GET HTTP/2 www.farmasiet.no/dist/runtime.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type ASCII text, with very long lines (1497) Size 974 B (974 bytes) Hash ec15ea201ee7f20af3637f99c6d6a3c9 3fbec55994d906f3daf249083dc85f395585a35f 67a9dda9c6a53aae81d6ae865640a58ebdf9a2c6cbbf92271e40f7de6fc9611b HTTP Headers GET /dist/runtime.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript content-length: 974 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "0a7903a7e98d91:0" last-modified: Tue, 06 Jun 2023 13:53:10 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7f62efbb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/polyfills.js?v=1.0.29708.0	104.18.31.49	200 OK	1.7 kB
URL GET HTTP/2 www.farmasiet.no/dist/polyfills.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type ASCII text, with very long lines (3110) Size 1.7 kB (1660 bytes) Hash a5ea12f80fbfb7b541e8420c89d5796b 70e81d4ef0c2d2e693bd7595240415e581d82d00 c3c73509dfe8a9591d54d29a30f7fc2af1051b143976e4d5e3a5063d7d339e01 HTTP Headers GET /dist/polyfills.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript content-length: 1660 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7f63f08b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/libs.js?v=1.0.29708.0	104.18.31.49	200 OK	259 B
URL GET HTTP/2 www.farmasiet.no/dist/libs.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type ASCII text Size 259 B (259 bytes) Hash 1ce8a44b1a699f2d64505d18e6af7be3 47deb1b34868f37a75ee099197ff06277b0b6429 477f2c5a0d91ec22dbbd0bfcaed7dad9e957986ad46645a503b38dc0bd13c717 HTTP Headers GET /dist/libs.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript content-length: 259 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7f63f16b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters.js?v=1.0.29708.0	104.18.31.49	200 OK	43 kB
URL GET HTTP/2 www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 43 kB (43047 bytes) Hash 5e8669075cb6c931fc51704b91884d9a 82fe0e3e833b168219578be7c98c37f78ac919a9 87c238ac5a0305a738ad9e93cd8d2e0b5b36fd2ebb4c0f7befd747e40f0932c1 HTTP Headers GET /dist/vendors~adminPortal~checkout~cms~filters.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript content-length: 43047 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7f63f0cb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/vendors~libs.js?v=1.0.29708.0	104.18.31.49	200 OK	6.1 kB
URL GET HTTP/2 www.farmasiet.no/dist/vendors~libs.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type ASCII text, with very long lines (12518) Size 6.1 kB (6108 bytes) Hash 88adf1ff92803817e1aa36d95b5eaecb b751a979cfe6d6d1ae6389390455148b754c812b ecdeba31b283cc1b1fb94d3529e2ae04fb6b0e980b73cc85b8d8bb1394defc76 HTTP Headers GET /dist/vendors~libs.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript content-length: 6108 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "0a7903a7e98d91:0" last-modified: Tue, 06 Jun 2023 13:53:10 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7f64f2eb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/Resources/Translations_no.js?v=1.0.29708.0	104.18.31.49	200 OK	18 kB
URL GET HTTP/2 www.farmasiet.no/Resources/Translations_no.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Unicode text, UTF-8 text, with very long lines (331), with CRLF line terminators Size 18 kB (18510 bytes) Hash 7b1866bae0e3c153436e17ddcd4d4935 7e7c2f75fd12f09dfcfd3adb6b842c8a65d48546 c019724a465542de9b7a36334925504b1226e3f6724ee88fcbfd94f117f18a59 HTTP Headers GET /Resources/Translations_no.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript content-length: 18510 access-control-expose-headers: Request-Context cache-control: public, max-age=86400 content-encoding: gzip etag: "0948a7c98d91:0" last-modified: Tue, 06 Jun 2023 13:37:30 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 37088 expires: Thu, 15 Jun 2023 07:26:10 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7f65f3bb50c-OSL X-Firefox-Spdy: h2

	polyfill.io/v3/polyfill.min.js?features=Promise%2CPromise.prototype.finally%2CSet%2CMap%2Cfetch%2CSymbol%2CArray.prototype.find%2CArray.prototype.some%2CArray.prototype.every%2CArray.prototype.forEach%2CArray.prototype.findIndex%2CString.prototype.includes%2CString.prototype.startsWith%2CCustomEvent%2Ces7%2CURLSearchParams%2CElement.prototype.inert%2CObject.values%2CObject.entries%2Cfetch%2CString.prototype.endsWith%2CElement.prototype.closest	151.101.129.26	200 OK	3.2 kB
URL GET HTTP/2 polyfill.io/v3/polyfill.min.js?features=Promise%2CPromise.prototype.finally%2CSet%2CMap%2Cfetch%2CSymbol%2CArray.prototype.find%2CArray.prototype.some%2CArray.prototype.every%2CArray.prototype.forEach%2CArray.prototype.findIndex%2CString.prototype.includes%2CString.prototype.startsWith%2CCustomEvent%2Ces7%2CURLSearchParams%2CElement.prototype.inert%2CObject.values%2CObject.entries%2Cfetch%2CString.prototype.endsWith%2CElement.prototype.closest IP 151.101.129.26:443 ASN #54113 FASTLY Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subjectpolyfill.io FingerprintCC:EC:67:62:0C:35:B1:49:2F:28:55:33:F4:F0:49:CD:3F:88:CC:3B ValiditySat, 10 Dec 2022 19:50:06 GMT - Thu, 11 Jan 2024 19:50:05 GMT File type ASCII text, with very long lines (8469) Size 3.2 kB (3185 bytes) Hash bcbdbbd87f34809fa38ce8a09930bb07 d9ab9aa4f66a8eef9afe9b5d569321c75881c5b4 c93f1c0bb328c6fd5ad3edae26288320a3257694746b6ef25e858578d7a62f05 HTTP Headers GET /v3/polyfill.min.js?features=Promise%2CPromise.prototype.finally%2CSet%2CMap%2Cfetch%2CSymbol%2CArray.prototype.find%2CArray.prototype.some%2CArray.prototype.every%2CArray.prototype.forEach%2CArray.prototype.findIndex%2CString.prototype.includes%2CString.prototype.startsWith%2CCustomEvent%2Ces7%2CURLSearchParams%2CElement.prototype.inert%2CObject.values%2CObject.entries%2Cfetch%2CString.prototype.endsWith%2CElement.prototype.closest HTTP/1.1 Host: polyfill.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK fastly_service_version: 195 access-control-allow-origin: * access-control-allow-methods: GET,HEAD,OPTIONS cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800 content-type: text/javascript; charset=UTF-8 last-modified: Wed, 03 May 2023 00:17:37 GMT useragent_normaliser: firefox/111.0.0 content-encoding: gzip x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubdomains; preload referrer-policy: origin-when-cross-origin timing-allow-origin: * normalized-user-agent: firefox/111.0.0 detected-user-agent: Firefox/111.0. accept-ranges: bytes date: Wed, 14 Jun 2023 07:26:10 GMT age: 358962 vary: User-Agent, Accept-Encoding server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=2 alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 3185 X-Firefox-Spdy: h2

	ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4	104.18.21.226		1.5 kB
URL ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 IP 104.18.21.226:0 ASN #13335 CLOUDFLARENET File type data Size 1.5 kB (1462 bytes) Hash b9ef69d6872a535536181db076bdb6a0 05181c944e27acd9bc663652f85cc2a2b7e9a471 b24b762553480837764782100c5d303a7cb8b6144c89d89ffe472a539a016ca6 HTTP Headers `POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Date: Wed, 14 Jun 2023 07:26:11 GMT Content-Type: application/ocsp-response Transfer-Encoding: chunked Connection: keep-alive Etag: "FEDC183DE1C364CEA37DEEAFAF9794283F192F28" Expires: Wed, 14 Jun 2023 18:00:00 GMT Last-Modified: Wed, 14 Jun 2023 06:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 841 Vary: Accept-Encoding Server: cloudflare CF-RAY: 7d70d7f7ccba0b61-OSL`

	resept.farmasiet.no/inbox/unread-messages-badge.html	109.247.228.130	200 OK	821 B
URL GET HTTP/1.1 resept.farmasiet.no/inbox/unread-messages-badge.html IP 109.247.228.130:443 ASN #29695 Altibox AS Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1489), with no line terminators Size 821 B (821 bytes) Hash c6516ad67fb8ee60355cf77a2b6b42fb fb20dedb1969499c00d7cb018cb7575cd7d7fc9e b40edc309e55b06a488c1e2ae873396ec6e28f2feb40a35eff68491b91c2526f HTTP Headers GET /inbox/unread-messages-badge.html HTTP/1.1 Host: resept.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 200 OK Content-Type: text/html Last-Modified: Mon, 11 Jul 2022 07:04:12 GMT Accept-Ranges: bytes ETag: "07e756cf494d81:0" Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Wed, 14 Jun 2023 07:26:11 GMT Content-Length: 821 Vary: User-Agent, Accept-Encoding Content-Encoding: gzip`

	resept.farmasiet.no/inbox/config/config.json?v=1686727570787	109.247.228.130	200 OK	47 B
URL GET HTTP/1.1 resept.farmasiet.no/inbox/config/config.json?v=1686727570787 IP 109.247.228.130:443 ASN #29695 Altibox AS Requested by https://resept.farmasiet.no/inbox/unread-messages-badge.html Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type JSON data\012- , ASCII text, with CRLF line terminators Size 47 B (47 bytes) Hash 343a57f516de50451282a140170844a4 948729ba6711078ba5106997bf265838c9a08247 f62cce30b4f801b7e446a878713f8d7de05f16aa094f7fd8af10cca2b3e828e7 HTTP Headers `GET /inbox/config/config.json?v=1686727570787 HTTP/1.1 Host: resept.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://resept.farmasiet.no/inbox/unread-messages-badge.html DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/json Last-Modified: Mon, 11 Jul 2022 06:57:44 GMT Accept-Ranges: bytes ETag: "0643185f394d81:0" Server: Microsoft-IIS/10.0 X-Powered-By: ASP.NET Date: Wed, 14 Jun 2023 07:26:11 GMT Content-Length: 47`

	www.farmasiet.no/dist/assets/images/favicon-16x16.png?v=1.0.29708.0	104.18.31.49	200 OK	78 B
URL GET HTTP/2 www.farmasiet.no/dist/assets/images/favicon-16x16.png?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 78 B (78 bytes) Hash 0d9fa6e5a904f16ebc68380ee66860f2 6d443467dc5feb79b96c1d3dd6298e4d266142a5 f5298cd21c467d2b074d1a496985c8073ed7788da7d3fead70b07af08d6508df HTTP Headers GET /dist/assets/images/favicon-16x16.png?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:11 GMT content-type: image/webp content-length: 78 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=430 content-disposition: inline; filename="favicon-16x16.webp" etag: "0a7903a7e98d91:0" last-modified: Tue, 06 Jun 2023 13:53:10 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff cf-cache-status: HIT age: 641884 expires: Mon, 11 Dec 2023 07:26:11 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7fb7829b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brands/l/livostin/livostin-logo.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.2 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brands/l/livostin/livostin-logo.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.2 kB (1156 bytes) Hash d80d970671fc12301df90510eea8f5c3 5732207b347599f590ad02ecde80a7c0411ee223 29bae30a34140894f58a74f55fbb0b2762ae86e680638f72d29e75a3f54c7e45 HTTP Headers GET /globalassets/brands/l/livostin/livostin-logo.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=2545 content-disposition: inline; filename="livostin-logo.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 657866 server: cloudflare cf-ray: 7d70d7f62ef2b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brand-logos-_-bw/aco.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.7 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/aco.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.7 kB (1707 bytes) Hash 63a85d4cdbfdbb1d42341e56845594dc 634ee3224a81d359e04df47c83b4a7cc19370b8d 205a25c8ed202d688419be720ddb4fcbe13d0947630ef9b6ce96ef8cab66d81f HTTP Headers GET /globalassets/brand-logos-_-bw/aco.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3388 content-disposition: inline; filename="aco.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 393641 server: cloudflare cf-ray: 7d70d7f61ed1b50c-OSL X-Firefox-Spdy: h2

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/575.js	54.230.111.36	200 OK	169 B
URL GET HTTP/2 ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/575.js IP 54.230.111.36:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.powerreviews.com Fingerprint7A:D7:78:27:B8:E6:63:0D:39:65:73:B5:77:C3:2B:3A:E7:8A:FE:0F ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT File type ASCII text Size 169 B (169 bytes) Hash 8ba77ae0b61cc05aaf737876e10951fe be2ebf7a7737b621f11a91175654e7f1fd0f0fe7 479a1bfc8570fcf9b29e9c58b924b9d0cbc83283d8db7dfdb6d9356cea1c14b7 HTTP Headers `GET /tag-builds/10436/4.1/js/chunks/575.js HTTP/1.1 Host: ui.powerreviews.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript content-length: 169 date: Wed, 31 May 2023 21:04:48 GMT access-control-allow-origin: * access-control-allow-methods: GET, PUT, POST, DELETE, HEAD access-control-expose-headers: x-amz-meta-unpublished-reviews last-modified: Wed, 31 May 2023 21:04:25 GMT etag: "8ba77ae0b61cc05aaf737876e10951fe" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000 accept-ranges: bytes server: PowerReviews vary: Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: IjIGOJwOyA_q7rJPXh_W-gaAdo2ER0QMi4DKe5fb3p-gtaBULZ8Nhw== age: 1160484 X-Firefox-Spdy: h2

	www.farmasiet.no/api/cart?v=	104.18.31.49	200 OK	540 B
URL GET HTTP/2 www.farmasiet.no/api/cart?v= IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject*.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type JSON data\012- , ASCII text, with very long lines (823), with no line terminators Size 540 B (540 bytes) Hash b3610eed11b0eaf67ddd3d4717fccbbf 68de72ec66e4c59f996e2caf698c211f6915e829 0e3866b80b534961acd4f4060a9295f05cd3716f29e7ae363e8f6dfca94e7194 HTTP Headers GET /api/cart?v= HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo X-Requested-With: XMLHttpRequest __RequestVerificationToken: experimentation-path: / experimentation-userdata: {"device":"Laptop"} DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:11 GMT content-type: application/json; charset=utf-8 content-length: 540 access-control-expose-headers: Request-Context cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: -1 pragma: no-cache vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d70d7fbf8e9b50c-OSL X-Firefox-Spdy: h2

	az416426.vo.msecnd.net/scripts/a/ai.0.js	152.199.19.161	200 OK	22 kB
URL GET HTTP/2 az416426.vo.msecnd.net/scripts/a/ai.0.js IP 152.199.19.161:443 ASN #15133 EDGECAST Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerDigiCert Inc Subject.vo.msecnd.net Fingerprint0E:7D:A8:CD:FE:61:1E:46:97:A3:57:99:70:DA:E0:59:1D:34:04:80 ValidityFri, 05 May 2023 00:00:00 GMT - Sun, 28 Apr 2024 23:59:59 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 22 kB (22495 bytes) Hash 1dd63de72cf1f702324245441844be13 58a8bdcdcb398af7db424357df70df18e7b30e9d 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e HTTP Headers `GET /scripts/a/ai.0.js HTTP/1.1 Host: az416426.vo.msecnd.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-encoding: gzip access-control-allow-origin: * access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding age: 1313 cache-control: public, max-age=1800 content-md5: HdY95yzx9wIyQkVEGES+Ew== content-type: application/x-javascript date: Wed, 14 Jun 2023 07:26:11 GMT etag: 0x8D8E461DA1A5889 expires: Wed, 14 Jun 2023 07:56:11 GMT last-modified: Thu, 11 Mar 2021 07:46:59 GMT server: ECAcc (ska/F773) vary: Accept-Encoding x-cache: HIT x-ms-blob-type: BlockBlob x-ms-lease-status: unlocked x-ms-meta-lastmodified: 2020-10-01 19:31:04 x-ms-request-id: 5556c975-e01e-00a8-418e-9e06fc000000 x-ms-version: 2009-09-19 content-length: 22495 X-Firefox-Spdy: h2

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/engine.js	54.230.111.36	200 OK	40 kB
URL GET HTTP/2 ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/engine.js IP 54.230.111.36:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.powerreviews.com Fingerprint7A:D7:78:27:B8:E6:63:0D:39:65:73:B5:77:C3:2B:3A:E7:8A:FE:0F ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT File type ASCII text, with very long lines (40120) Size 40 kB (39688 bytes) Hash 5aef227c48c7759a940f31bf6c64ce39 fdf782192953420046f0ac6849a21886d948249f d4fe1939520bcbaeebb752ba1ccee4e9c2c14bfd13d63e19b137977eb386fc35 HTTP Headers `GET /tag-builds/10436/4.1/js/chunks/engine.js HTTP/1.1 Host: ui.powerreviews.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 200 OK content-type: application/javascript date: Wed, 31 May 2023 21:04:48 GMT access-control-allow-origin: * access-control-allow-methods: GET, PUT, POST, DELETE, HEAD access-control-expose-headers: x-amz-meta-unpublished-reviews last-modified: Wed, 31 May 2023 21:04:25 GMT etag: W/"ef35221de66f0acde02b1f9a4b22c88b" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000 server: PowerReviews content-encoding: gzip vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 3O5ivUIx7VsbgVTdIJ-7P2d6gSzIJzwndmZVdvQmk2wekjgo2ge-rA== age: 1160484 X-Firefox-Spdy: h2

	www.farmasiet.no/api/products/recommendations	104.18.31.49	200 OK	5.7 kB
URL POST HTTP/2 www.farmasiet.no/api/products/recommendations IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject*.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (31243), with no line terminators Size 5.7 kB (5684 bytes) Hash e312981c0f7189afc16db5fb6a653313 8f703f810a6f9cd1a5edcdc655b49ea6c014f679 bfd5770930be06dbc1b4c5f5d43cf8de206bf8b2f51085a124cd1057dcb54077 HTTP Headers POST /api/products/recommendations HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo X-Requested-With: XMLHttpRequest __RequestVerificationToken: Content-Type: application/json experimentation-path: / experimentation-userdata: {"device":"Laptop"} Content-Length: 1119 Origin: https://www.farmasiet.no DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: application/json; charset=utf-8 content-length: 5684 access-control-expose-headers: Request-Context cache-control: no-cache, no-store, must-revalidate content-encoding: gzip expires: -1 pragma: no-cache set-cookie: EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; Max-Age=1800; Path=/ vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d70d7fe9d90b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_cosrx_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg	104.18.31.49	200 OK	20 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_cosrx_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 20 kB (20074 bytes) Hash 0652695edb9d5aa49fe4dd9c88e3d355 aa91921ef8889ce8565cab812c2b490721f6b578 46f0e011bc046b5f3f8c8cd16cccad2e5c3285df5ba3bcc1388138efd454ca6b HTTP Headers GET /globalassets/homepage/carousel_main-banners/2023/y23_w23-24_cosrx_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865434 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=38558 content-disposition: inline; filename="y23_w23-24_cosrx_1600x900_main_banner.webp" expires: Wed, 05 Jun 2024 13:10:06 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:06 GMT cf-cache-status: HIT age: 390307 server: cloudflare cf-ray: 7d70d7febdb7b50c-OSL X-Firefox-Spdy: h2

	dc.services.visualstudio.com/v2/track	13.69.106.89	200 OK	96 B
URL POST HTTP/2 dc.services.visualstudio.com/v2/track IP 13.69.106.89:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerMicrosoft Corporation Subjectin.applicationinsights.azure.com Fingerprint40:55:A4:D3:76:DB:48:99:F6:7A:43:E2:1E:47:F1:EE:35:90:20:DF ValidityThu, 20 Apr 2023 21:06:44 GMT - Sun, 14 Apr 2024 21:06:44 GMT File type JSON data\012- , ASCII text, with no line terminators Size 96 B (96 bytes) Hash 5982adeb8ab2234dae2b851b0ed31181 bff9bc13d1b8048581c3bcf72244ab5c146ea56b a54179bc944c47ec017fa85c20afe80d3e5fb8bbb6354a05684906ee8cfa1d00 HTTP Headers POST /v2/track HTTP/1.1 Host: dc.services.visualstudio.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/json Sdk-Context: appId Content-Length: 1475 Origin: https://www.farmasiet.no DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: application/json; charset=utf-8 x-ms-session-id: 9C3026DB-B3BC-40E2-A4B2-E3F4BE34603F strict-transport-security: max-age=31536000 access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context access-control-allow-origin: * access-control-max-age: 3600 x-content-type-options: nosniff date: Wed, 14 Jun 2023 07:26:12 GMT content-length: 96 X-Firefox-Spdy: h2`

	consent.cookiebot.com/uc.js	104.84.152.235	200 OK	34 kB
URL GET HTTP/2 consent.cookiebot.com/uc.js IP 104.84.152.235:443 ASN #20940 Akamai International B.V. Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerDigiCert Inc Subjectconsent.cookiebot.com Fingerprint56:33:CA:77:EA:BC:73:51:03:77:3B:70:7C:00:AF:45:02:85:85:98 ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65499) Size 34 kB (33583 bytes) Hash 1b6db9a09a0525a273106c330843431c c0ab167aab1d305ffa45a550120f91c288671f89 445a40338fb4c488b9b8432ec3014e6fda1e95370e87f33fdc527c06d04dbaa5 HTTP Headers `GET /uc.js HTTP/1.1 Host: consent.cookiebot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript content-encoding: gzip last-modified: Wed, 07 Jun 2023 06:53:11 GMT accept-ranges: bytes etag: "ed3f55b9c99d91:0" vary: Accept-Encoding request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef access-control-expose-headers: Request-Context content-length: 33583 cache-control: public, max-age=650 expires: Wed, 14 Jun 2023 07:37:06 GMT date: Wed, 14 Jun 2023 07:26:16 GMT cross-origin-resource-policy: cross-origin X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.131		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.131:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 82a58e7f700af74b092d4a35c3d352e7 beb0520bdc258c40be48ee85fda5b2d336affe8a 909543112917e743ab8db7149a311966cd2b1015f68361e5457feea977e0b776 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 14 Jun 2023 07:26:16 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.googletagmanager.com/gtm.js?id=GTM-NGZC2LS	142.250.74.40	200 OK	100 kB
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NGZC2LS IP 142.250.74.40:443 ASN #15169 GOOGLE Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT File type ASCII text, with very long lines (40549) Size 100 kB (100093 bytes) Hash 390ede1ba6892aef31153559092d3163 c4b5f2b5db1f51de9a764e531e67fc0a7e230303 718f005af069e91a99ca010d9ca7e677cc473907a94b83235f918dfdd91ecd17 HTTP Headers `GET /gtm.js?id=GTM-NGZC2LS HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 14 Jun 2023 07:26:17 GMT expires: Wed, 14 Jun 2023 07:26:17 GMT cache-control: private, max-age=900 last-modified: Wed, 14 Jun 2023 06:00:00 GMT strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 100093 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_smectago_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg	104.18.31.49	200 OK	27 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_smectago_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 27 kB (26605 bytes) Hash 33fb750d22511e6d42e4e8e6fd6aa216 8a270be89b1c540528577c4a5d4aab483040e1f5 27c45744a68f9049596019452b70e30a252738fef127f65a688cd01fa2b4da24 HTTP Headers GET /globalassets/homepage/carousel_main-banners/2023/y23_w23-24_smectago_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:16 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865430 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=39142 content-disposition: inline; filename="y23_w23-24_smectago_1600x900_main_banner.webp" expires: Wed, 05 Jun 2024 13:10:06 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:06 GMT cf-cache-status: HIT age: 659856 server: cloudflare cf-ray: 7d70d8164a53b50c-OSL X-Firefox-Spdy: h2

	consentcdn.cookiebot.com/consentconfig/4a7a6781-d980-495f-b657-4733ab69c189/farmasiet.no/configuration.js	104.110.3.72	200 OK	388 B
URL GET HTTP/2 consentcdn.cookiebot.com/consentconfig/4a7a6781-d980-495f-b657-4733ab69c189/farmasiet.no/configuration.js IP 104.110.3.72:443 ASN #16625 AKAMAI-AS Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerDigiCert Inc Subject.cookiebot.com Fingerprint88:F1:D8:EB:8E:DD:6F:53:9A:31:C3:FE:59:0E:68:FE:24:2F:84:EB ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type ASCII text, with very long lines (1773), with no line terminators Size 388 B (388 bytes) Hash 31cec6f23f337dc4f5635e62641125c2 91f5fa651673a067300bcb0c6189386bfdde6c4b 41685a9c4ecc5ab3c8ce86e62dc0d0585a92e4c546a84061e63059c3fe460970 HTTP Headers `GET /consentconfig/4a7a6781-d980-495f-b657-4733ab69c189/farmasiet.no/configuration.js HTTP/1.1 Host: consentcdn.cookiebot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-type: application/x-javascript etag: "31cec6f23f337dc4f5635e62641125c2:1684977147.16127" last-modified: Thu, 25 May 2023 01:12:27 GMT server: AkamaiNetStorage vary: Accept-Encoding content-encoding: gzip cache-control: max-age=60863 expires: Thu, 15 Jun 2023 00:20:40 GMT date: Wed, 14 Jun 2023 07:26:17 GMT content-length: 388 server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468535_388255644_131433328_20_667_2_0_-";dur=1 cross-origin-resource-policy: cross-origin X-Firefox-Spdy: h2

	consentcdn.cookiebot.com/sdk/bc-v4.min.html	104.110.3.72	200 OK	392 B
URL GET HTTP/2 consentcdn.cookiebot.com/sdk/bc-v4.min.html IP 104.110.3.72:443 ASN #16625 AKAMAI-AS Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerDigiCert Inc Subject.cookiebot.com Fingerprint88:F1:D8:EB:8E:DD:6F:53:9A:31:C3:FE:59:0E:68:FE:24:2F:84:EB ValidityMon, 17 Apr 2023 00:00:00 GMT - Wed, 17 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (627), with no line terminators Size 392 B (392 bytes) Hash 3d08665fa4c7bcf9fa2dcbbc7efe1d0f ba57ecee011a4b99d4bb56707325c8e4d0fb8a2b 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104 HTTP Headers GET /sdk/bc-v4.min.html HTTP/1.1 Host: consentcdn.cookiebot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes content-type: text/html etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163" last-modified: Mon, 04 Apr 2022 07:23:49 GMT server: AkamaiNetStorage x-akamai-transformed: 9 - 0 pmb=mRUM,1 vary: Accept-Encoding content-encoding: gzip cache-control: max-age=30266053 expires: Wed, 29 May 2024 14:40:30 GMT date: Wed, 14 Jun 2023 07:26:17 GMT content-length: 392 server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468535_388255644_131433329_14_641_2_0_-";dur=1 cross-origin-embedder-policy: require-corp cross-origin-resource-policy: cross-origin X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-HWHJP6SP9F&l=dataLayer&cx=c	142.250.74.40	200 OK	80 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-HWHJP6SP9F&l=dataLayer&cx=c IP 142.250.74.40:443 ASN #15169 GOOGLE Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT File type ASCII text, with very long lines (3472) Size 80 kB (79960 bytes) Hash 2de95ecc558437476eedc7656e969f5f 82e8a2a18a24c92749fd57e4af0da75b0deccbce b33c8bc387cd69b4aad9ce62592d069a11aa9813f7a90873877610a50811211e HTTP Headers `GET /gtag/js?id=G-HWHJP6SP9F&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Wed, 14 Jun 2023 07:26:17 GMT expires: Wed, 14 Jun 2023 07:26:17 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 79960 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	consent.cookiebot.com/4a7a6781-d980-495f-b657-4733ab69c189/cc.js?renew=false&referer=www.farmasiet.no&dnt=true&init=false	104.84.152.235	200 OK	65 kB
URL GET HTTP/2 consent.cookiebot.com/4a7a6781-d980-495f-b657-4733ab69c189/cc.js?renew=false&referer=www.farmasiet.no&dnt=true&init=false IP 104.84.152.235:443 ASN #20940 Akamai International B.V. Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerDigiCert Inc Subjectconsent.cookiebot.com Fingerprint56:33:CA:77:EA:BC:73:51:03:77:3B:70:7C:00:AF:45:02:85:85:98 ValidityThu, 06 Apr 2023 00:00:00 GMT - Sat, 06 Apr 2024 23:59:59 GMT File type ASCII text, with very long lines (65499) Size 65 kB (65144 bytes) Hash 7a43e5e5c453fa4f0013251a6ee4a0b5 0646cb81764e2813e01a7b895e640407c199e45f 5887416eb35a3d85c09f472d2767836dc8a91771569515b4f2462830c79ef74c HTTP Headers `GET /4a7a6781-d980-495f-b657-4733ab69c189/cc.js?renew=false&referer=www.farmasiet.no&dnt=true&init=false HTTP/1.1 Host: consent.cookiebot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK cache-control: private, max-age=1200 content-type: application/x-javascript; charset=utf-8 content-encoding: gzip last-modified: Wed, 14 Jun 2023 07:26:17 GMT vary: Accept-Encoding request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef access-control-expose-headers: Request-Context content-length: 65144 date: Wed, 14 Jun 2023 07:26:17 GMT cross-origin-resource-policy: cross-origin X-Firefox-Spdy: h2`

	dc.services.visualstudio.com/v2/track	13.69.106.89	200 OK	96 B
URL POST HTTP/2 dc.services.visualstudio.com/v2/track IP 13.69.106.89:443 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerMicrosoft Corporation Subjectin.applicationinsights.azure.com Fingerprint40:55:A4:D3:76:DB:48:99:F6:7A:43:E2:1E:47:F1:EE:35:90:20:DF ValidityThu, 20 Apr 2023 21:06:44 GMT - Sun, 14 Apr 2024 21:06:44 GMT File type JSON data\012- , ASCII text, with no line terminators Size 96 B (96 bytes) Hash f5955a2983d5048a1c77eea1dbb84881 df14dde8f39254f7f9e9647bfed003267862bc39 145e2b24bf84855a431163eb4a269c8342c72f50aefc667db2f6b25c74651f0e HTTP Headers POST /v2/track HTTP/1.1 Host: dc.services.visualstudio.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-type: application/json Sdk-Context: appId Content-Length: 731 Origin: https://www.farmasiet.no DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-type: application/json; charset=utf-8 x-ms-session-id: 348E5E26-081E-485E-8760-6092D4DACD24 strict-transport-security: max-age=31536000 access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context access-control-allow-origin: * access-control-max-age: 3600 x-content-type-options: nosniff date: Wed, 14 Jun 2023 07:26:20 GMT content-length: 96 X-Firefox-Spdy: h2`

	invitejs.trustpilot.com/tp.min.js	54.230.111.68	200 OK	9.9 kB
URL GET HTTP/2 invitejs.trustpilot.com/tp.min.js IP 54.230.111.68:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.trustpilot.com FingerprintED:01:2E:50:4C:98:9B:F1:34:D7:8C:1E:93:45:E6:05:00:3C:47:86 ValidityThu, 02 Feb 2023 00:00:00 GMT - Sat, 02 Mar 2024 23:59:59 GMT File type ASCII text, with very long lines (10129), with no line terminators Size 9.9 kB (9851 bytes) Hash 3274ca485fe341a2a9ca08030176fa19 6bc2e4cb1fae00581ea35ee08c824d16f8ec27e1 b0f0949af3c0be83c7c951142a0cf90909180005ea758868ed617e386512e286 HTTP Headers `GET /tp.min.js HTTP/1.1 Host: invitejs.trustpilot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 last-modified: Mon, 28 Nov 2022 07:41:17 GMT content-encoding: gzip date: Wed, 14 Jun 2023 00:50:57 GMT cache-control: public, max-age=86400 vary: Accept-Encoding x-cache: Hit from cloudfront via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: y96_fPIoK1z4g8nmxV7Uy4fqT4ZTfrUKF7HJshA-hLQtSUehHmv5KQ== age: 23719 X-Firefox-Spdy: h2`

	www.farmasiet.no/globalassets/brand-logos-_-bw/natusan.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	2.2 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/natusan.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 2.2 kB (2240 bytes) Hash 3578c87d1a3e9d17693b51906fac29c1 cb15ec2ff78388ab8d445b3024bf4fb6d3602319 374851c811103d3edd26398b16857a4718538aebee233b6f2100a393d098de09 HTTP Headers GET /globalassets/brand-logos-_-bw/natusan.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=4601 content-disposition: inline; filename="natusan.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 662610 server: cloudflare cf-ray: 7d70d7f61ed3b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/images/cosrx-cosrxcosrx-solkrem-aloe-soothing-sun-cream-spf50-pa,3859_1172104.jpg?w=202&h=202&mode=Max&quality=100&crop=1432,100,2567,2899&format=jpg	104.18.31.49	200 OK	2.2 kB
URL GET HTTP/2 www.farmasiet.no/images/cosrx-cosrxcosrx-solkrem-aloe-soothing-sun-cream-spf50-pa,3859_1172104.jpg?w=202&h=202&mode=Max&quality=100&crop=1432,100,2567,2899&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 82x202, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 2.2 kB (2212 bytes) Hash c4b747331c96a938c0fce941eec80d66 6514cbc8e013df71e53358bb01bc670146d35252 073ea3a50ac1f34dbe9d89d8594a9263c029d90e6b9702565e6008ec09e7d160 HTTP Headers GET /images/cosrx-cosrxcosrx-solkrem-aloe-soothing-sun-cream-spf50-pa,3859_1172104.jpg?w=202&h=202&mode=Max&quality=100&crop=1432,100,2567,2899&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865717 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10385 content-disposition: inline; filename="cosrx-cosrxcosrx-solkrem-aloe-soothing-sun-cream-spf50-pa,3859_1172104.webp" expires: Wed, 05 Jun 2024 13:14:49 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:14:49 GMT cf-cache-status: HIT age: 448278 server: cloudflare cf-ray: 7d70d800f979b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/assets/images/logo.svg?v=1.0.29708.0	104.18.31.49	200 OK	5.1 kB
URL GET HTTP/2 www.farmasiet.no/dist/assets/images/logo.svg?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (5303), with no line terminators Size 5.1 kB (5149 bytes) Hash 93be10c28e78d88644988a0ba51f045f a0ff2ff94b5c3fb8bbf35d62dad9b15ee5640dc2 bfb77421dee4d7edc94d8361ed86581e2971b10e66b53d206c8fbb159577b9bc HTTP Headers GET /dist/assets/images/logo.svg?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/svg+xml access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 etag: W/"0a7903a7e98d91:0" last-modified: Tue, 06 Jun 2023 13:53:10 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7d70d7f5ee70b50c-OSL content-encoding: gzip X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_cosrx_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg	104.18.31.49	200 OK	6.4 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_cosrx_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 282x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 6.4 kB (6362 bytes) Hash cd50880877303b9d4d8a479445afb381 a2b8573ba99056bcca0eb1ee3e1c1ab3ca34207d 0d3f424c5b2f174d7b004b1fdc77df2757af5da2a04f5388e6a2753f2994b8af HTTP Headers GET /globalassets/homepage/simple-image-banners/2023/y23_w23-24_cosrx_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865384 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=11096 content-disposition: inline; filename="y23_w23-24_cosrx_1470x1060_image_banner.webp" expires: Wed, 05 Jun 2024 13:09:16 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:09:16 GMT cf-cache-status: HIT age: 662611 server: cloudflare cf-ray: 7d70d7fecdbfb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/images/ibux-tab-400mg-20,32219_860029.jpg?w=202&h=202&mode=Max&quality=100&crop=328,477,2071,1321&format=jpg	104.18.31.49	200 OK	5.5 kB
URL GET HTTP/2 www.farmasiet.no/images/ibux-tab-400mg-20,32219_860029.jpg?w=202&h=202&mode=Max&quality=100&crop=328,477,2071,1321&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 202x98, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 5.5 kB (5484 bytes) Hash 5969f738edef3f3d0b4d4430752ef43b e486c7effa88b8ca86f0c26de359a86df0e04ee1 f83ba0a296dfe208d10177362c66c1f827dd0a97df194e647e322cc5b8172f59 HTTP Headers GET /images/ibux-tab-400mg-20,32219_860029.jpg?w=202&h=202&mode=Max&quality=100&crop=328,477,2071,1321&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=21041 content-disposition: inline; filename="ibux-tab-400mg-20,32219_860029.webp" expires: Wed, 05 Jun 2024 13:10:07 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:07 GMT cf-cache-status: HIT age: 658138 server: cloudflare cf-ray: 7d70d800e96db50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/assets/fonts/TTCommons-DemiBold.woff2	104.18.31.49	200 OK	62 kB
URL GET HTTP/2 www.farmasiet.no/dist/assets/fonts/TTCommons-DemiBold.woff2 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Web Open Font Format (Version 2), TrueType, length 61804, version 0.0\012- data Size 62 kB (61804 bytes) Hash 4eef8e04161c3d41608244fd28db0d45 49d7b0cb86f23f5293907cb7f8d7bfc6ef44d99f 1bf3e0a3b117298281e6ad18c3e3b5f64693151fe2735d43a46335fb90320dae HTTP Headers GET /dist/assets/fonts/TTCommons-DemiBold.woff2 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/font-woff access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 etag: W/"09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 670692 expires: Mon, 11 Dec 2023 07:26:10 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7d70d7f5de4db50c-OSL content-encoding: gzip X-Firefox-Spdy: h2

	static.zdassets.com/ekr/snippet.js?key=a5e46e07-fec9-4183-9c9d-b98972d79d05	104.18.70.113	200 OK	24 kB
URL GET HTTP/2 static.zdassets.com/ekr/snippet.js?key=a5e46e07-fec9-4183-9c9d-b98972d79d05 IP 104.18.70.113:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerCloudflare, Inc. Subjectzdassets.com Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28 ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT File type ASCII text, with very long lines (24203), with no line terminators Size 24 kB (24203 bytes) Hash 9ce7e23b1a5cf89ecf9e795e0ccb61b4 d3c8c1151af2925bb8e1a8f1d1b679ae31285189 622be2eb8ef5825d74867a56c04c9274812a7276da1f7bd218401deb24fdc045 HTTP Headers `GET /ekr/snippet.js?key=a5e46e07-fec9-4183-9c9d-b98972d79d05 HTTP/1.1 Host: static.zdassets.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:16 GMT content-type: application/javascript x-amz-id-2: RG8/vyNn41W5q8TS7d+jGqDdpbT5EpyCGVx/2FwdphVP2lcqjX892H+hN6D0nfZ/vkUNEfBmmFw= x-amz-request-id: EH7FC72Q3HKHEZZK x-amz-replication-status: COMPLETED last-modified: Sun, 14 May 2023 23:22:32 GMT etag: W/"9ce7e23b1a5cf89ecf9e795e0ccb61b4" x-amz-server-side-encryption: AES256 cache-control: public, max-age=3600, s-maxage=60 x-amz-version-id: h_C7R95D6YonGiyqdlKE7XDlNtmjvPl8 cf-cache-status: HIT age: 54 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHe3NBR2k37foO8R9HGv%2Fhw6kbQ%2Bhknd%2FS1b8kgNlzfztteITGgX56kTzctIh%2F1ula6GosXGe50R8eAsbT3GFpPM1ie%2FevpB6zsOWUH7Qp3QYreYcR0fIBfENbObHyGj31BGxc0%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding strict-transport-security: max-age=0 server: cloudflare cf-ray: 7d70d81bbc41b518-OSL content-encoding: br X-Firefox-Spdy: h2

	www.farmasiet.no/dist/assets/images/apple-touch-icon.png?v=1.0.29708.0	104.18.31.49	200 OK	110 B
URL GET HTTP/2 www.farmasiet.no/dist/assets/images/apple-touch-icon.png?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 110 B (110 bytes) Hash 564b7055d9ec9a5307091e5674afa005 d82569c564540f23c4e987c525e3a83bc3c4d050 26627641a815c38eed0d34102995db288c5084917ad132724c3630f7b51d8e38 HTTP Headers GET /dist/assets/images/apple-touch-icon.png?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:11 GMT content-type: image/webp content-length: 110 access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=474 content-disposition: inline; filename="apple-touch-icon.webp" etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff cf-cache-status: HIT age: 530379 expires: Mon, 11 Dec 2023 07:26:11 GMT accept-ranges: bytes server: cloudflare cf-ray: 7d70d7fb7826b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/contentassets/960010ad02704b02b2bd3281d1f72cbd/leading-banner-10-newsletter.png?w=350&quality=100&format=jpg	104.18.31.49	200 OK	11 kB
URL GET HTTP/2 www.farmasiet.no/contentassets/960010ad02704b02b2bd3281d1f72cbd/leading-banner-10-newsletter.png?w=350&quality=100&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 350x642, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 11 kB (10714 bytes) Hash 244b2953c3449cc5da41afd74dbf43de 5e53d668e9b0fe422189b11c9141b86aa25198c7 6331794ad72d77668d9f374fcff9e0d949d2f9d58cb5d34cfe592f9b5dfd1974 HTTP Headers GET /contentassets/960010ad02704b02b2bd3281d1f72cbd/leading-banner-10-newsletter.png?w=350&quality=100&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865471 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=48937 content-disposition: inline; filename="leading-banner-10-newsletter.webp" expires: Wed, 05 Jun 2024 13:10:41 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:41 GMT cf-cache-status: HIT age: 660483 server: cloudflare cf-ray: 7d70d7f62ef8b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_smectago_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg	104.18.31.49	200 OK	6.6 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_smectago_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 282x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 6.6 kB (6620 bytes) Hash 11bf5fcec90e7425de91dab5b367ae35 152f82a7015dbfcc8aecb3d9ac81c3a9d9a47615 8f98f895389cd19ecfefba0e7a93985e41d3ba0473d65fd3d88e86f7501c516e HTTP Headers GET /globalassets/homepage/simple-image-banners/2023/y23_w23-24_smectago_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865384 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=10558 content-disposition: inline; filename="y23_w23-24_smectago_1470x1060_image_banner.webp" expires: Wed, 05 Jun 2024 13:09:16 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:09:16 GMT cf-cache-status: HIT age: 656289 server: cloudflare cf-ray: 7d70d7fecdd9b50c-OSL X-Firefox-Spdy: h2

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/108.js	54.230.111.36	200 OK	238 kB
URL GET HTTP/2 ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/108.js IP 54.230.111.36:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.powerreviews.com Fingerprint7A:D7:78:27:B8:E6:63:0D:39:65:73:B5:77:C3:2B:3A:E7:8A:FE:0F ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT File type Size 238 kB (238274 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tag-builds/10436/4.1/js/chunks/108.js HTTP/1.1 Host: ui.powerreviews.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript date: Wed, 31 May 2023 21:04:48 GMT access-control-allow-origin: * access-control-allow-methods: GET, PUT, POST, DELETE, HEAD access-control-expose-headers: x-amz-meta-unpublished-reviews last-modified: Wed, 31 May 2023 21:04:24 GMT etag: W/"dd583f7593a759c7ec0944d9256e6d69" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000 server: PowerReviews content-encoding: gzip vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: 26aCcLky-gJxAdaY7DCxeGaVmCzVrDU09hbHtTvjyiElXNnJcmob8A== age: 1160484 X-Firefox-Spdy: h2

	www.farmasiet.no/dist/assets/fonts/TTCommons-Regular.woff2	104.18.31.49	200 OK	62 kB
URL GET HTTP/2 www.farmasiet.no/dist/assets/fonts/TTCommons-Regular.woff2 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Web Open Font Format (Version 2), TrueType, length 62464, version 0.0\012- data Size 62 kB (62464 bytes) Hash 1017e3e64949bf3d9c1de82c2829b431 4a9ae031b75785040ea8942d0d01fb1d70953fd9 ec3576c0d824e00a419d5983217a7198d848c98bddf139baed861b3a2f813d36 HTTP Headers GET /dist/assets/fonts/TTCommons-Regular.woff2 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/font-woff access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 etag: W/"09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 670692 expires: Mon, 11 Dec 2023 07:26:10 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7d70d7f5de59b50c-OSL content-encoding: gzip X-Firefox-Spdy: h2

	www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters~user-profile.js?v=1.0.29708.0	104.18.31.49	200 OK	176 kB
URL GET HTTP/2 www.farmasiet.no/dist/vendors~adminPortal~checkout~cms~filters~user-profile.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Size 176 kB (176065 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /dist/vendors~adminPortal~checkout~cms~filters~user-profile.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT server: cloudflare cf-ray: 7d70d7f63f0ab50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brand-logos-_-bw/weleda.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.5 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/weleda.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.5 kB (1454 bytes) Hash ec4ee7c17f2b4917d5c74d47baa1fdf2 957434f4254a666e6dc12486c36e5dd4cfba06df d43b14aa85bace2876546e3f431907867cea6e0a77a0436fc532b3ff54eaf716 HTTP Headers GET /globalassets/brand-logos-_-bw/weleda.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3219 content-disposition: inline; filename="weleda.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 656257 server: cloudflare cf-ray: 7d70d7f61ee1b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_flux_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg	104.18.31.49	200 OK	7.5 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_flux_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 282x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 7.5 kB (7468 bytes) Hash 58bfcfd15952df473f05d8c93cf87e17 3c1ef484b71b93ff81dcd5f268b0d5fcded0a684 6b67615d14e7dddac36ff88e10275a4bc4ae7869928e40b1dd8c8e967ba9c579 HTTP Headers GET /globalassets/homepage/simple-image-banners/2023/y23_w23-24_flux_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865384 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=12299 content-disposition: inline; filename="y23_w23-24_flux_1470x1060_image_banner.webp" expires: Wed, 05 Jun 2024 13:09:16 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:09:16 GMT cf-cache-status: HIT age: 660429 server: cloudflare cf-ray: 7d70d7fecdd6b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_piz-buin_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg	104.18.31.49	200 OK	23 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_piz-buin_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 23 kB (22928 bytes) Hash 888112ed0f2fe4f01110bb9c390d7fab bc0a1381db2521aefedd11880c9e0bcf17c3fcbe 6ca0c2d170719fe541adf7cb1fabce3a0d8335c806cb0e48f460c81e24063517 HTTP Headers GET /globalassets/homepage/carousel_main-banners/2023/y23_w23-24_piz-buin_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:16 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865470 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=42821 content-disposition: inline; filename="y23_w23-24_piz-buin_1600x900_main_banner.webp" expires: Wed, 05 Jun 2024 13:10:46 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:46 GMT cf-cache-status: HIT age: 662955 server: cloudflare cf-ray: 7d70d81bbad5b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/5.css?v=1.0.29708.0	104.18.31.49	200 OK	497 kB
URL GET HTTP/2 www.farmasiet.no/dist/5.css?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type ASCII text, with very long lines (65536), with no line terminators Size 497 kB (496823 bytes) Hash 90d6ac09ec464395cf4089822de6742e 58f7ba97fc71e5c9fa06cd0652b2485beff3c21d 4944578d9e58ca3640c582c04b25f01c538884662cc4d4eab7d8ad36102435fa HTTP Headers GET /dist/5.css?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: text/css access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT server: cloudflare cf-ray: 7d70d7f5de5cb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/cms.js?v=1.0.29708.0	104.18.31.49	200 OK	867 kB
URL GET HTTP/2 www.farmasiet.no/dist/cms.js?v=1.0.29708.0 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Size 867 kB (866767 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /dist/cms.js?v=1.0.29708.0 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/x-javascript access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 content-encoding: gzip etag: "09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 641895 expires: Mon, 11 Dec 2023 07:26:10 GMT server: cloudflare cf-ray: 7d70d7f63f0db50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/images/otrivin-nesespr-1mgml-10,32138_860311.jpg?w=202&h=202&mode=Max&quality=100&crop=1186,53,2753,2928&format=jpg	104.18.31.49	200 OK	6.1 kB
URL GET HTTP/2 www.farmasiet.no/images/otrivin-nesespr-1mgml-10,32138_860311.jpg?w=202&h=202&mode=Max&quality=100&crop=1186,53,2753,2928&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 110x202, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 6.1 kB (6140 bytes) Hash cfec1fab1e91414434aea8687a22eb55 5d6dc1849d4bcd33879b9c627daad52b8a768e97 26bdb526f30b47b1d9741ba6301241aa74b9d6f6f1951ed9912113c2b34a64aa HTTP Headers GET /images/otrivin-nesespr-1mgml-10,32138_860311.jpg?w=202&h=202&mode=Max&quality=100&crop=1186,53,2753,2928&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=23500 content-disposition: inline; filename="otrivin-nesespr-1mgml-10,32138_860311.webp" expires: Wed, 05 Jun 2024 13:10:07 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:07 GMT cf-cache-status: HIT age: 660962 server: cloudflare cf-ray: 7d70d800f974b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/images/la-roche-posay-la-roche-posayla-roche-posay-anthelios-anthelios-uvmune-ultralight-cream-spf50,3846_1172018.jpg?w=202&h=202&mode=Max&quality=100&crop=1378,100,2622,2899&format=jpg	104.18.31.49	200 OK	3.2 kB
URL GET HTTP/2 www.farmasiet.no/images/la-roche-posay-la-roche-posayla-roche-posay-anthelios-anthelios-uvmune-ultralight-cream-spf50,3846_1172018.jpg?w=202&h=202&mode=Max&quality=100&crop=1378,100,2622,2899&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 90x202, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 3.2 kB (3216 bytes) Hash efc616ff732a208c3643bfbd26fa8946 00f316f6b667412434cce126d9a97caf040cd3db fa7c0ce377b4651615230042b1f4d6db50b5adf58b2c08f57e106d7ed6c92777 HTTP Headers GET /images/la-roche-posay-la-roche-posayla-roche-posay-anthelios-anthelios-uvmune-ultralight-cream-spf50,3846_1172018.jpg?w=202&h=202&mode=Max&quality=100&crop=1378,100,2622,2899&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=13761 content-disposition: inline; filename="la-roche-posay-la-roche-posayla-roche-posay-anthelios-anthelios-uvmune-ultralight-cream-spf50,3846_1172018.webp" expires: Wed, 05 Jun 2024 13:10:07 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:07 GMT cf-cache-status: HIT age: 658886 server: cloudflare cf-ray: 7d70d800f972b50c-OSL X-Firefox-Spdy: h2

	ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/576.js	54.230.111.36	200 OK	169 B
URL GET HTTP/2 ui.powerreviews.com/tag-builds/10436/4.1/js/chunks/576.js IP 54.230.111.36:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.powerreviews.com Fingerprint7A:D7:78:27:B8:E6:63:0D:39:65:73:B5:77:C3:2B:3A:E7:8A:FE:0F ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT File type ASCII text, with no line terminators Size 169 B (169 bytes) Hash 641414fd650a074e2378db8491fded7e 3a63be88d2fa851768b621824368332cd5acffc1 969cc109ed4a8bd036b99087b98d9772d3685bdc15621ed4c73049df1c30f4b5 HTTP Headers `GET /tag-builds/10436/4.1/js/chunks/576.js HTTP/1.1 Host: ui.powerreviews.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript content-length: 169 date: Wed, 31 May 2023 21:04:48 GMT access-control-allow-origin: * access-control-allow-methods: GET, PUT, POST, DELETE, HEAD access-control-expose-headers: x-amz-meta-unpublished-reviews last-modified: Wed, 31 May 2023 21:04:25 GMT etag: "a225652c7c67ac3ec05999b559cb2d73" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000 accept-ranges: bytes server: PowerReviews vary: Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: f6prJJiHtEogp6tDqd-gayTJuuHkxI6z4LRARsMsCliD45cAmgiq_w== age: 1160484 X-Firefox-Spdy: h2

	ekr.zdassets.com/compose/a5e46e07-fec9-4183-9c9d-b98972d79d05	104.18.72.113	200 OK	387 B
URL GET HTTP/2 ekr.zdassets.com/compose/a5e46e07-fec9-4183-9c9d-b98972d79d05 IP 104.18.72.113:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerCloudflare, Inc. Subjectzdassets.com Fingerprint8A:25:1A:C6:2D:0B:57:20:0E:AC:67:73:C0:21:62:12:0D:EA:56:28 ValidityThu, 10 Nov 2022 00:00:00 GMT - Thu, 09 Nov 2023 23:59:59 GMT File type troff or preprocessor input, ASCII text, with very long lines (416), with no line terminators Size 387 B (387 bytes) Hash 02ecf7cc4543aa67314017b36e6f9157 d013856fcfc6e1fd626834eb3a2543843dbb9b4f 7b2b4069100cc9b628b9494e4dd66fa07b316b8ab2a22bf9c6f6b25cfd0c7c23 HTTP Headers `GET /compose/a5e46e07-fec9-4183-9c9d-b98972d79d05 HTTP/1.1 Host: ekr.zdassets.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.farmasiet.no DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:17 GMT content-type: application/json; charset=utf-8 status: 200 OK access-control-allow-origin: * access-control-allow-methods: GET, POST, OPTIONS access-control-expose-headers: access-control-max-age: 7200 x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff x-download-options: noopen x-permitted-cross-domain-policies: none referrer-policy: strict-origin-when-cross-origin cdn-cache-control: max-age=60 vary: Accept, Origin, Accept-Encoding cache-control: max-age=600, public, stale-while-revalidate=600, stale-if-error=21600 etag: W/"e3c1493c789fe54f034b4afb117a4b5e" x-request-id: 7d38b358cdc20b61-SEA, 7d38b358cdc20b61-SEA x-runtime: 0.013637 x-zendesk-zorg: yes cf-cache-status: HIT age: 35 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdnXrSLdutk%2BzZ3r6pyAwOCVY7rfD0uJrF5jGtnHYQAiGWRES%2BJCESb5fGqlPDD8jl%2F4xgnoYajI45xXgutp9n4Kr1J20QJK2utRmMnMpzKJHaUOdwlLpfwEcMz1tdY7PM4%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} strict-transport-security: max-age=0 server: cloudflare cf-ray: 7d70d81cdc000b45-OSL content-encoding: br X-Firefox-Spdy: h2

	www.farmasiet.no/images/paracet-tab--500mg-20,32117_860321.jpg?w=202&h=202&mode=Max&quality=100&crop=920,997,3118,2023&format=jpg	104.18.31.49	200 OK	4.7 kB
URL GET HTTP/2 www.farmasiet.no/images/paracet-tab--500mg-20,32117_860321.jpg?w=202&h=202&mode=Max&quality=100&crop=920,997,3118,2023&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 202x94, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 4.7 kB (4674 bytes) Hash ffe8a369d674d9d18f6de43f7793f007 209d0bc4a843d03aab8224bff507963419d25f32 658f827f4768f125d2d982f583a0171917cc2f311b2f0a42794c396a93a49faa HTTP Headers GET /images/paracet-tab--500mg-20,32117_860321.jpg?w=202&h=202&mode=Max&quality=100&crop=920,997,3118,2023&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z; ai_session=w3w8p\|1686727571631\|1686727571631 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=17235 content-disposition: inline; filename="paracet-tab--500mg-20,32117_860321.webp" expires: Wed, 05 Jun 2024 13:10:07 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:07 GMT cf-cache-status: HIT age: 657863 server: cloudflare cf-ray: 7d70d800c93db50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brand-logos-_-bw/leukoplast.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.4 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/leukoplast.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.4 kB (1396 bytes) Hash da875872365e960d3c75537ac9b58830 36bc5278e8e8f863a05d960275e066f9200457fd b6f29fa47fea7556d7f96493beb4534eff1de738f53b0e9ae8dac2561c615dc5 HTTP Headers GET /globalassets/brand-logos-_-bw/leukoplast.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3027 content-disposition: inline; filename="leukoplast.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 660955 server: cloudflare cf-ray: 7d70d7f62ef1b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brand-logos-_-bw/dymista.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.8 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/dymista.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.8 kB (1776 bytes) Hash baf42a8e262a20296ccc5aeb12a37e2a 6d0853ad162962c7ba588034123d43510b435e22 8507a88840d75ae8c5b433f861443353671afd2e00822da8bcba6699a78bc5d1 HTTP Headers GET /globalassets/brand-logos-_-bw/dymista.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3789 content-disposition: inline; filename="dymista.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 656287 server: cloudflare cf-ray: 7d70d7f61ecfb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brand-logos-_-bw/mollers-logo.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.7 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/mollers-logo.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.7 kB (1730 bytes) Hash d44b808fe6a6d0aad689547fca664849 880d79a3974bc6d07910715ab295371a26fcecf2 6f3ec8dea85149551cc27f19215f3e80908ca25ba1eb2f4a1400cf3988639882 HTTP Headers GET /globalassets/brand-logos-_-bw/mollers-logo.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=3674 content-disposition: inline; filename="mollers-logo.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 657515 server: cloudflare cf-ray: 7d70d7f62ef3b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/assets/fonts/TTCommons-Bold.woff2	104.18.31.49	200 OK	62 kB
URL GET HTTP/2 www.farmasiet.no/dist/assets/fonts/TTCommons-Bold.woff2 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Web Open Font Format (Version 2), TrueType, length 62432, version 0.0\012- data Size 62 kB (62432 bytes) Hash e90cafd23c7a0cb2389fc5ec1caa1556 d3dab2a6f7f16518e45e1819662e3cdeebe48b0b 75b8e3b58e64362d37adab6a21ac864d5ec8f330d56b31b2d78227189eacd8c2 HTTP Headers GET /dist/assets/fonts/TTCommons-Bold.woff2 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/font-woff access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 etag: W/"09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 670692 expires: Mon, 11 Dec 2023 07:26:10 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7d70d7f5de4ab50c-OSL content-encoding: gzip X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_sol_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg	104.18.31.49	200 OK	24 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/carousel_main-banners/2023/y23_w23-24_sol_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 800x450, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 24 kB (23462 bytes) Hash 2f8b6b64a01c45d72adbb00d76f501d6 a45ec386041b6dcc5f1cf2bc6359c537184a7000 3fec351a7161794183c42a03039646e9ea253df3657a885f031992a74531a5de HTTP Headers GET /globalassets/homepage/carousel_main-banners/2023/y23_w23-24_sol_1600x900_main_banner.png?w=800&h=450&mode=Crop&quality=90&crop=0,0,1600,900&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=31411349 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=41305 content-disposition: inline; filename="y23_w23-24_sol_1600x900_main_banner.webp" expires: Tue, 11 Jun 2024 20:48:39 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Mon, 12 Jun 2023 20:48:45 GMT cf-cache-status: HIT age: 124131 server: cloudflare cf-ray: 7d70d7f5ee74b50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/dist/assets/fonts/TTCommons-Medium.woff2	104.18.31.49	200 OK	62 kB
URL GET HTTP/2 www.farmasiet.no/dist/assets/fonts/TTCommons-Medium.woff2 IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type Web Open Font Format (Version 2), TrueType, length 62404, version 0.0\012- data Size 62 kB (62404 bytes) Hash e9a2ea77d189d00c4f14067d9204db6e 6105e5d9ec50b5005f4e6b2347b59408b1b835db 57733c2a54e5adb8568ccd4e14eae5010625db61020645a3a977b143ae1fc45c HTTP Headers GET /dist/assets/fonts/TTCommons-Medium.woff2 HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo DNT: 1 Connection: keep-alive Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: application/font-woff access-control-expose-headers: Request-Context cache-control: public, max-age=15552000 etag: W/"09c62274b95d91:0" last-modified: Fri, 02 Jun 2023 12:10:00 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: HIT age: 670692 expires: Mon, 11 Dec 2023 07:26:10 GMT vary: Accept-Encoding server: cloudflare cf-ray: 7d70d7f5de57b50c-OSL content-encoding: gzip X-Firefox-Spdy: h2

	ui.powerreviews.com/stable/4.1/ui.js	54.230.111.36	200 OK	42 kB
URL GET HTTP/2 ui.powerreviews.com/stable/4.1/ui.js IP 54.230.111.36:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.powerreviews.com Fingerprint7A:D7:78:27:B8:E6:63:0D:39:65:73:B5:77:C3:2B:3A:E7:8A:FE:0F ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT File type Size 42 kB (41827 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /stable/4.1/ui.js HTTP/1.1 Host: ui.powerreviews.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript date: Wed, 31 May 2023 21:04:47 GMT access-control-allow-origin: * access-control-allow-methods: GET, PUT, POST, DELETE, HEAD access-control-expose-headers: x-amz-meta-unpublished-reviews last-modified: Wed, 31 May 2023 21:04:32 GMT etag: W/"9b1f12551f83d30e77aafe40f9368cd0" x-amz-server-side-encryption: AES256 cache-control: max-age=1800,s-maxage=1209600 server: PowerReviews content-encoding: gzip vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: kt_NJul_1XWP1hDblRGas0sT0UsnAf-rJ0nC0HwGPRWgrZBpIKyeLA== age: 1160484 X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_piz-buin_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg	104.18.31.49	200 OK	6.8 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/homepage/simple-image-banners/2023/y23_w23-24_piz-buin_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image, VP8 encoding, 282x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data Size 6.8 kB (6750 bytes) Hash 712c06012712676425bcdc4603e38c15 523fc4737bbfa6934627cfab06950832fd3c4ea4 63ccd57289e338ab761d88b83101b602c5956f3d066f1f2ec263212c2b08c65b HTTP Headers GET /globalassets/homepage/simple-image-banners/2023/y23_w23-24_piz-buin_1470x1060_image_banner.png?w=282&h=204&mode=Crop&quality=90&crop=2,0,1467,1060&format=jpg HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; ai_user=N5vh1\|2023-06-14T07:26:11.523Z Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865384 cf-bgj: imgq:85,h2pri cf-polished: qual=85, origFmt=jpeg, origSize=11441 content-disposition: inline; filename="y23_w23-24_piz-buin_1470x1060_image_banner.webp" expires: Wed, 05 Jun 2024 13:09:16 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:09:16 GMT cf-cache-status: HIT age: 125508 server: cloudflare cf-ray: 7d70d7fecdcdb50c-OSL X-Firefox-Spdy: h2

	www.farmasiet.no/globalassets/brand-logos-_-bw/nailner.jpg?w=112&quality=100&format=png	104.18.31.49	200 OK	1.3 kB
URL GET HTTP/2 www.farmasiet.no/globalassets/brand-logos-_-bw/nailner.jpg?w=112&quality=100&format=png IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type RIFF (little-endian) data, Web/P image\012- data Size 1.3 kB (1276 bytes) Hash 228905959a325afc279987febf073633 303e0799ed30bc978ae2887b29b151312739f7ba 7f09e466f61632d22563b919166bf06a9113bc7221568a6675697e305f2c513e HTTP Headers GET /globalassets/brand-logos-_-bw/nailner.jpg?w=112&quality=100&format=png HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:10 GMT content-type: image/webp access-control-expose-headers: Request-Context cache-control: public, max-age=30865435 cf-bgj: imgq:85,h2pri cf-polished: origFmt=png, origSize=2867 content-disposition: inline; filename="nailner.webp" expires: Wed, 05 Jun 2024 13:10:05 GMT request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 strict-transport-security: max-age=31536000; preload vary: Accept x-content-type-options: nosniff last-modified: Tue, 06 Jun 2023 13:10:05 GMT cf-cache-status: HIT age: 658503 server: cloudflare cf-ray: 7d70d7f62eefb50c-OSL X-Firefox-Spdy: h2

	ui.powerreviews.com/tag-builds/10436/4.1/css/styles.css	54.230.111.36	200 OK	436 kB
URL GET HTTP/2 ui.powerreviews.com/tag-builds/10436/4.1/css/styles.css IP 54.230.111.36:443 ASN #16509 AMAZON-02 Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerAmazon Subject.powerreviews.com Fingerprint7A:D7:78:27:B8:E6:63:0D:39:65:73:B5:77:C3:2B:3A:E7:8A:FE:0F ValidityTue, 21 Feb 2023 00:00:00 GMT - Wed, 24 Jan 2024 23:59:59 GMT File type Size 436 kB (435606 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /tag-builds/10436/4.1/css/styles.css HTTP/1.1 Host: ui.powerreviews.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: text/css date: Wed, 31 May 2023 21:04:48 GMT access-control-allow-origin: access-control-allow-methods: GET, PUT, POST, DELETE, HEAD access-control-expose-headers: x-amz-meta-unpublished-reviews last-modified: Wed, 31 May 2023 21:04:24 GMT etag: W/"883f63acd541d0c1864a8baa3e9eac99" x-amz-server-side-encryption: AES256 cache-control: max-age=31536000 server: PowerReviews content-encoding: gzip vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-cache: Hit from cloudfront via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-P1 x-amz-cf-id: SGi-mo_cygQ4YOGAqjgN0MfWtqmFmgpzHF4xybUcGGWkfpANHBc8LQ== age: 1160484 X-Firefox-Spdy: h2

	www.farmasiet.no/api/visitorIntelligence/track/custom	104.18.31.49	200 OK	1.0 kB
URL POST HTTP/2 www.farmasiet.no/api/visitorIntelligence/track/custom IP 104.18.31.49:443 ASN #13335 CLOUDFLARENET Requested by https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Certificate IssuerGlobalSign nv-sa Subject.farmasiet.no Fingerprint5D:66:38:CD:52:49:E0:83:38:12:39:16:09:DF:A0:7D:07:8A:8A:14 ValidityMon, 09 Jan 2023 09:29:27 GMT - Sat, 10 Feb 2024 09:29:26 GMT File type troff or preprocessor input, ASCII text, with very long lines (1179), with no line terminators Size 1.0 kB (1023 bytes) Hash bb9c2118b161c0084a6f8c251dd63b35 dc5b7b2e85ff4dfe502e0cf0b0c2f0e32f7b73ca 39cdecf04c7ed613507194212280c65423d47e9ad46ea6a50e986ef73b7614a1 HTTP Headers POST /api/visitorIntelligence/track/custom HTTP/1.1 Host: www.farmasiet.no User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json; charset=UTF-8 Content-Length: 263 Origin: https://www.farmasiet.no DNT: 1 Connection: keep-alive Referer: https://www.farmasiet.no/?utm_source=Tradedoubler&utm_medium=Affiliate&utm_campaign=Kelkoo Cookie: .ASPXANONYMOUS=xnwyl52-QnYwW_OUbl2CN7POJ6YEbTL2ErHkfmKE4XuejagrA4tuVPnsm7RA8UtUkiv1IIXGTVDt2uQctDioBiJiDn4JVpFoIupmVRsWd2W9A2iG1g6IypHisux9QVhWTpYK3g2; TRADEDOUBLER=3446258a1b709c718c056e842090ff8f; ARRAffinity=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815; ARRAffinitySameSite=8963d3a040250f0a77cc3ce87c268aa8c38d5b42ab3dd390ba421a6714ea8815 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK date: Wed, 14 Jun 2023 07:26:12 GMT content-type: application/json; charset=utf-8 content-length: 544 access-control-expose-headers: Request-Context cache-control: no-cache content-encoding: gzip expires: -1 pragma: no-cache set-cookie: EPiSessionId=5f1fd5ac-76b9-443f-8fde-d8df1fb42f7a; Max-Age=1800; Path=/ _madid=16d99f03-2acf-4827-8a12-2ad4c3104b69; expires=Thu, 13-Jun-2024 07:26:11 GMT; path=/ epi_RecommendationsTrackingUserId=cuid=104095475661\|VAmO9z1qYRcvRio1ZdOmXshy7sbH6mNkDqPiEueRjcI&h=; expires=Thu, 13-Jun-2024 07:26:12 GMT; path=/ epi_RecommendationsTrackingSessionId=131500206861\|5lCmxTHKCJGqR9uILsCWhflt5vw6Dp9kLYSPDMr1Rco; expires=Wed, 14-Jun-2023 11:26:12 GMT; path=/ vary: Accept-Encoding request-context: appId=cid-v1:8bace5e3-7b1f-424a-b5b6-51a220a090c2 x-frame-options: SAMEORIGIN strict-transport-security: max-age=31536000; preload x-content-type-options: nosniff cf-cache-status: DYNAMIC server: cloudflare cf-ray: 7d70d7fcaa0bb50c-OSL X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (67)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML