{"report_id":"b8236038-2995-46ae-9c64-04f6c1b8df98","version":6,"status":"done","tags":[],"date":"2026-04-11T18:55:37Z","url":{"schema":"http","addr":"yotube.com/","fqdn":"yotube.com","domain":"yotube.com","tld":"com"},"ip":{"addr":"173.224.126.58","port":0,"asn":30083,"as":"AS-30083-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"title":"kelkoogroup.net","dom":{"size":43,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"d1ba9189c22d8e6e667d05677ffb7e27","sha1":"8ec08fdf85be2b610631ad1b6e03efbd67366151","sha256":"f8dac000ac22aa5f27170a9c0b03e3f8503ed983328a2492d6e06fee67cb8b1b","sha512":"a9986e5f0dd743eb67083fbc7b37fc4be7bc97d3a38d4daae41a6801c16eec5bf88ca2c71ca4fed5b479457b11120415e679a941c408f2bba912cc820ffd906d","ssdeep":"","tlshash":"c19004fdf15140055c3435c00cc333450d14435c30034d0035c03474c404115cd175c4","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"yotube.com/","fqdn":"yotube.com","domain":"yotube.com","tld":"com"},"ip":{"addr":"173.224.126.58","port":0,"asn":30083,"as":"AS-30083-GO-DADDY-COM-LLC","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-16T18:55:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"sarai-tid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"trck.shopli.city","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"sarai-tid.com","ip":{"addr":"107.21.95.73","port":80,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2026-03-19","domain_rank":0,"first_seen":"2026-03-21T12:47:16.399698Z","last_seen":"2026-04-06T00:01:34.236764Z","alert_count":5,"request_count":5,"received_data":5751,"sent_data":3260,"comment":"","tags":null,"fingerprints":null},{"fqdn":"no-go.kelkoogroup.net","ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2017-08-18","domain_rank":0,"first_seen":"2017-10-30T14:27:38Z","last_seen":"2026-04-08T10:50:44.524602Z","alert_count":0,"request_count":4,"received_data":179034,"sent_data":5347,"comment":"","tags":null,"fingerprints":[{"name":"DataDome","description":"DataDome is a cybersecurity platform that specialises in bot protection and mitigation, offering advanced solutions to safeguard websites and mobile applications against malicious bot traffic, credential stuffing, scraping, and other automated threats.","website":"https://datadome.co","common_platform_enumeration":"","icon":"DataDome.svg","categories":["Security"]}]},{"fqdn":"yotube.com","ip":{"addr":"78.41.207.12","port":443,"asn":62370,"as":"Snel.com B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2005-08-14","domain_rank":557164,"first_seen":"2012-05-26T01:13:08Z","last_seen":"2026-03-06T23:02:08.040751Z","alert_count":6,"request_count":3,"received_data":1589,"sent_data":1837,"comment":"","tags":null,"fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}]},{"fqdn":"trck.shopli.city","ip":{"addr":"207.154.244.157","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"domain_registered":"2025-05-08","domain_rank":0,"first_seen":"2026-03-13T11:23:25.543078Z","last_seen":"2026-04-06T09:50:03.209854Z","alert_count":1,"request_count":1,"received_data":1392,"sent_data":1341,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"shopli.city","ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2025-05-08","domain_rank":4291532,"first_seen":"2025-06-25T19:57:23.896347Z","last_seen":"2026-04-06T22:01:07.167585Z","alert_count":0,"request_count":2,"received_data":2506,"sent_data":2076,"comment":"","tags":null,"fingerprints":[{"name":"gunicorn","description":"","website":"https://gunicorn.org","common_platform_enumeration":"","icon":"gunicorn.png","categories":["Web servers"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"geo.captcha-delivery.com","ip":{"addr":"13.50.6.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"domain_registered":"2019-12-23","domain_rank":76095,"first_seen":"2020-03-18T08:06:49Z","last_seen":"2026-04-09T10:52:21.278649Z","alert_count":0,"request_count":3,"received_data":922017,"sent_data":6875,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.captcha-delivery.com","ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2019-12-23","domain_rank":167473,"first_seen":"2020-05-12T12:33:44Z","last_seen":"2026-04-09T10:52:22.542451Z","alert_count":0,"request_count":7,"received_data":62234,"sent_data":3602,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"ct.captcha-delivery.com","ip":{"addr":"52.84.50.60","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2019-12-23","domain_rank":125224,"first_seen":"2020-02-05T05:26:26Z","last_seen":"2026-04-09T20:47:05.982803Z","alert_count":0,"request_count":1,"received_data":16211,"sent_data":422,"comment":"","tags":null,"fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"http","addr":"sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09","fqdn":"sarai-tid.com","domain":"sarai-tid.com","tld":"com"},"ip":{"addr":"107.21.95.73","port":80,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"aae1a82d69f4313aa6ce0f0065adc1c5","sha1":"657b5548983e3155a75d1cb132deb0be701cbb09","sha256":"6650696151db96b368455d48b0f5242c38b4e971768c61e7f5b2c85a7ac99e28","sha512":"041a7a16ce09aefa312552236caf6d5c75b6bc41138032eb91832d185bbc2edb091fee073dd4bb5209e8ee7f1c2a1d7a556663fc23ef38cd956e848fef46e5fd","ssdeep":"","tlshash":"19511c745a7224706d2f240db73ad20a727a4233291be441bcae99180fb0e97715abe9","size":2818,"data":"","first_seen":"2026-04-11T18:55:40.68175Z","last_seen":"2026-04-11T18:55:40.68175Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"15be9cb1bb6e7738a4de428571690ab3","sha1":"a4397dd795a394c1b8ab610575ed36dd35caf819","sha256":"d65f221c0ec7bfe11fd721390e4ecb0609edbdeb474caebb4afa3ad804ae091b","sha512":"664c94f896a256abdee1c10fa5c534b91ea600f2b68f70767443352ebf248ced60a43d8d4301fa8b8713ca85de77d99068863e49d84c705ac72d2df2388ec25d","ssdeep":"1536:eOfIzHy01c4E9xlpBHrewlwg0W+YTd9jwf0IiJDxetx0CeQZzmqdYm//aKkUaD9/:4WxRHHvmYZef0IiNkZ6qcUk9/","tlshash":"a3f3089e71807c2c06e7767163af3187f0e72e39bd4c50d1ad61e8f069a498f94aac74","size":162211,"data":"","first_seen":"2026-04-11T18:55:40.682757Z","last_seen":"2026-04-11T18:55:40.682757Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ct.captcha-delivery.com/i.js","fqdn":"ct.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.60","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"14867fc17e7a0d59f653596d425b2feb","sha1":"2c12b362f630bc3058da912580cb4382c73888d3","sha256":"b2086fb19988cbf9d2caa696692c0711145ee92124319146e0d1352d8eb5797d","sha512":"30999e7314d56ead316c3bb0591b2c4bc158f1841e17a107a46587622d81cdda24fd5a9a3ee921f389a6716e9fb00a40250fa1c3ecf6c05cd48ce8ef2be1a18b","ssdeep":"192:Rc6NViX29WR+ctayDQ7/p3GyxLq3ffZ0CVcF6rNUOuSeK3+nX8hOUO40252JCIo9:RFyrSDK173Us5MCkC","tlshash":"476295ad68f345680763603d1bbf6218b1715113349ecc50bc5ca6117f90e67da7abec","size":15685,"data":"","first_seen":"2025-12-09T15:18:57.63761Z","last_seen":"2026-04-11T18:55:40.680604Z","times_seen":815,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd","fqdn":"geo.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"13.50.6.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"7887397f810b3988b0b647bfe210c5e1","sha1":"32f7ee4221bfb438a9dcc427255c9b7627cd5e2a","sha256":"ac4cd4eb79f81540a135b6f83f9ed1b272067055761fab5df138ce0911fdb48a","sha512":"924ddee8b2d1cf788b62616b5148bdbdceda6e861dfc9fbbd0bec218be0f6524632cd8d3b97a5c378e0817652f9102f2f09dc50c972307240e345f4af51acff0","ssdeep":"6144:sgTPpuZefodijEOJiq9QdzlCKz9gDyCVqtk48Y4V9ZcA:sgk30tJicQdzltbv58Y4iA","tlshash":"d3941a21674d9e5ea2f93f22e3ce10c670db996b69386a58797c8473e3d109d49cecc0","size":410210,"data":"","first_seen":"2026-04-11T18:55:40.683974Z","last_seen":"2026-04-11T18:55:40.683974Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348","fqdn":"geo.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"13.50.6.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"47b8506a4ac25f92973f189954915447","sha1":"bea4d8dd92b6ffdfd0aa3aafd11501e7c3efa652","sha256":"035a238af5477cc3aa02a2072cf41d49327acaca6f1f83d2d504fc9636dc76d4","sha512":"38475b76184444a6b242eb44e48914c6ce3db607533c059d4a5150c0163b2d676c73e716b5dfe6c3546a0f5e06bc1c05811c9bf79c2607c9a0d45d407260af51","ssdeep":"6144:gNkwQ5Df7Bre+2alpv/ey98+ZLhnDRTZegFWhBILpXLFQrnA:g1Q5TV6+L/H9RfnHegF+aburnA","tlshash":"fcb45be332a93d7c406b56b9074b36c7606e6d76bd04efcdbc38c4a18bf01a99469c61","size":497032,"data":"","first_seen":"2026-04-11T18:55:40.685027Z","last_seen":"2026-04-11T18:55:40.685027Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"721a9c67f3da49ea87ac115fd5930130","sha1":"fb79b62a117dfc30fc8ab5db2dd5eb4f516dcc5a","sha256":"e9fcac14042e219c8d9a2fcef8ac4a6e5c592c99da6b62bfff8710445d7500aa","sha512":"ff333ee1f563c10db8e4c000742ea865e9a22b584f6d43511a06b244062bab322f4065029409bb920c02c9006c98b502ea6b09fbfa824e0176579ad430f3590f","ssdeep":"96:fsz6VKu42seKu4UvE9E7gu4RcsHESlcykCjdyV0hv5pUKChSzcIm9wvbJ6NNbtVP:kzy+ML2EtiHESQQdyV0DPvzc/6+lbJV","tlshash":"ce02d94c9e7ad413d08c2767cb6b45a6edbf4cb47a84cf80b6a598a7bd2017ec510f18","size":8453,"data":"","first_seen":"2026-04-11T18:55:40.686278Z","last_seen":"2026-04-11T18:55:40.686278Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"12921a807296c62f787b8e235e269c6d","sha1":"0cdd6c134a142066d742a3c7922b126b2984abf2","sha256":"c14afac60fb47523a92befe743a2fb1dcf19a23fc396fba7a769866ab3efe4f9","sha512":"7fbc8ee39bc88ebec3127dc84d700911aa68b7a9c6eec93daa26010ed0b90793a9d544f76421f25c05d6742f83be26f7280877b679b750387338c117af1fb396","ssdeep":"","tlshash":"5f21830e23950be783c093d65231048bd597ba2af4e2909b376f8304340c3cda352f2e","size":1348,"data":"","first_seen":"2026-04-11T18:55:40.687226Z","last_seen":"2026-04-11T18:55:40.687226Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"437a3f9c47cd4ad9828914b857323cb6","sha1":"365b688ba1ddad5c00004bcf050a4f8c1de83f70","sha256":"95495b6e0e7d2219d3f8cecb2074177a4a1dd6d7803df9af4c0752f001469b2c","sha512":"c21527e0b27972b6e7ef680372dc065e49cbc6e0e69e810369f05fa1e8797d1ea442a4886e563689f3e26f7d33c788e8485f426bf363459e70eafaf4a9f934f7","ssdeep":"","tlshash":"d3e0fa7f7c49716f97ee1c115511303c75e45113d5c965d490615d15435f3c13821fb0","size":404,"data":"","first_seen":"2026-04-11T18:55:40.688247Z","last_seen":"2026-04-11T18:55:40.688247Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd","fqdn":"geo.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"13.50.6.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","date":"2026-04-11T18:55:16.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M04","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"84:99:02:55:0D:B0:27:3F:D5:3B:80:B1:A2:7D:3A:75:FE:D0:C5:02","sha256":"D6:0B:84:02:F5:B9:16:0C:CD:48:04:A9:19:11:ED:BF:38:3A:95:FC:FE:51:04:A6:38:F7:D9:7C:8D:28:B2:1D"}}},"request":{"raw":"GET /interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd HTTP/1.1\r\nHost: geo.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://no-go.kelkoogroup.net/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 11 Apr 2026 18:55:17 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":413091,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (61729)","md5":"18259781fc4535f43f268f9e0b341c8a","sha1":"c605a8f9a01f3892a09e8a8520561ec62921779a","sha256":"25afb481f7f91de782768aec2afa21a60d3374e335480477add87031379e441b","sha512":"47de0b9e95268cf9b2a8843b0beeebe6e954902664f0d88aba0222c481c9228f159c04562ec76f224450cf9e6b2bf6e91939c33438135b6cebbf09fbf42b9db0","ssdeep":"6144:hgTPpuZefodijEOJiq9QdzlCKz9gDyCVqtk48Y4V9Zch:hgk30tJicQdzltbv58Y4ih","tlshash":"57941a21674d5e5ea2f93f22e3cd10c670db9a6b6a386a58797c8473e3d109d49cecc0","first_seen":"2026-04-11T18:55:40.662967Z","last_seen":"2026-04-11T18:55:40.662967Z","times_seen":1,"resource_available":false,"data":null}},"time_used":360,"timings":{"blocked":155,"dns":83,"connect":11,"send":0,"wait":14,"receive":36,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/captcha/assets/tpl/device-check/index.css","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd","date":"2026-04-11T18:55:17.133Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /captcha/assets/tpl/device-check/index.css HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://geo.captcha-delivery.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Thu, 06 Nov 2025 15:00:36 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\ncontent-encoding: gzip\r\ndate: Sat, 11 Apr 2026 02:30:02 GMT\r\netag: W/\"0baa3b5c210de640a4fdb0b9d3e01c96\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: XGQ_QnBlyjXP4m6Vt7FhQWfeHe0NtE80iz4cNOc60ZNL68Qp_87Q0Q==\r\nage: 59116\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":3829,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"0baa3b5c210de640a4fdb0b9d3e01c96","sha1":"9fe628f121f856b0bbe7e8990cbb65452765d7b9","sha256":"4306a5efb86516c2beda2fffc2864c2e8c9f41e13c8675b0ae4559735fb28cf7","sha512":"3a8938a3fa4d2239173c05d6849e3f8100af1dd24165dfff80e978ba7f2db0b65bc5080a2df58a58b09291bc2a64b3a5c52f35ea5f4551900f5da076d228eb34","ssdeep":"","tlshash":"c981e135ae6319e7880fc2694faa8504220b89832b2fcfd57bdc64454f4c5596ba37cc","first_seen":"2025-11-07T00:29:13.008944Z","last_seen":"2026-04-11T18:55:40.664128Z","times_seen":1005,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":82,"dns":61,"connect":3,"send":0,"wait":1,"receive":0,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09","fqdn":"sarai-tid.com","domain":"sarai-tid.com","tld":"com"},"ip":{"addr":"107.21.95.73","port":80,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:14.000Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09 HTTP/1.1\r\nHost: sarai-tid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 \r\nDate: Sat, 11 Apr 2026 18:55:14 GMT\r\nContent-Type: text/html;charset=UTF-8\r\nContent-Length: 3086\r\nConnection: keep-alive\r\nCache-Control: no-store, no-cache, pre-check=0, post-check=0\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET,POST,OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,Content-Type\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":null,"data":{"size":3086,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (408)","md5":"8c4e418268ea4cbd6206311eb5b08b05","sha1":"ec8f23586b7c5da6488d59c46a36f8e7fe2c6f49","sha256":"ed69c91fe6576916aaf729eeae530c1adbccef664b9b42d7e21abc8004194cb7","sha512":"a382a6fcfa2f0d6f6ade4c55ad2bd45eb51f435d3b7261f54bc41040adf2f387fc6617d8f265523c0931de35bec4827c688e2fe0d7109b2852154c3493f5ac8b","ssdeep":"","tlshash":"045142745a7224306d2f240db73ad209737b4233291bd441bc9e99140fb0e93755b7ed","first_seen":"2026-04-11T18:55:40.664756Z","last_seen":"2026-04-11T18:55:40.664756Z","times_seen":1,"resource_available":true,"data":null}},"time_used":286,"timings":{"blocked":94,"dns":1,"connect":94,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"sarai-tid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:15.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kelkoogroup.net","organization":"Kelkoo SAS"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Sat, 10 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9B:4D:66:74:64:33:8E:71:A6:45:6A:39:AA:C0:FC:41:09:E3:29:29","sha256":"64:3D:E1:6E:0D:29:EE:D8:EB:09:2B:95:0A:3B:90:94:2A:61:E5:E6:24:AF:B0:4A:4B:C6:38:D7:5D:90:CF:25"}}},"request":{"raw":"GET /permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g HTTP/1.1\r\nHost: no-go.kelkoogroup.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nleadId: 629D01KNYYBXM6S4TMBPFZFP1B3PEJ\r\nPragma: no-cache\r\nX-DD-B: 3\r\nCharset: utf-8\r\nclickId: 107698149_1775933716063_14862446\r\ncountry: no\r\nAccept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory\r\nSet-Cookie: datadome=9Av8pCCgsFKB2Hh3wLsqYBphheS4a61_7b0embWiXZYJCWbJcSoBg9~zGqfiGSPUfHEBqT207BdSef5g0~ktaecVl58mzaE7xa_K9OIdr3Byb6qHbOZGB7f6JICLD~He; Max-Age=31104000; Expires=Tue, 06 Apr 2027 18:55:16 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure\nkelkooID=a4c6295-19d7de5f660-1b2704; Max-Age=31536000; Expires=Sun, 11 Apr 2027 18:55:16 GMT; SameSite=None; Path=/; Domain=kelkoogroup.net; Secure; HTTPOnly\r\nX-DataDome: protected\r\nRequest-Time: PT0.04665839S\r\nX-Robots-Tag: noindex,nofollow\r\nCache-Control: max-age=0, private, no-cache, no-store, must-revalidate\r\nX-DataDome-CID: AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\r\nReferrer-Policy: origin-when-cross-origin\r\nX-Frame-Options: DENY\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'none'\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nDate: Sat, 11 Apr 2026 18:55:15 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 173919\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DataDome","description":"DataDome is a cybersecurity platform that specialises in bot protection and mitigation, offering advanced solutions to safeguard websites and mobile applications against malicious bot traffic, credential stuffing, scraping, and other automated threats.","website":"https://datadome.co","common_platform_enumeration":"","icon":"DataDome.svg","categories":["Security"]}],"data":{"size":173919,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (33459)","md5":"b4a3acbfbc706ab6d1804a4cba968876","sha1":"ea17f4b7a1dd182ccaf63020123f2d02b0148c0c","sha256":"d7693b9f0d26ac1a70d8c0bf2025e1eea38e53b2addce588fcd733ba10d46761","sha512":"451ae62f555e816993e74e2f4e928cd7aa8993e3bb83abbde73800063a81229c47c2da52b471416861d2de7bccb42cabe6794ed59c4d5b160dd0ed11c62d21cb","ssdeep":"1536:BOfIzHy01c4E9xlpBHrewlwg0W+YTd9jwf0IiJDxetx0CeQZzmqdYm//aKkUaD9I:DWxRHHvmYZef0IiNkZ6qcUk9X2EYp","tlshash":"5b04198d7280e81d46ea7673636f3183f0eb2e347d4c55c0ad61e8f169a098fd4aad74","first_seen":"2026-04-11T18:55:40.665994Z","last_seen":"2026-04-11T18:55:40.665994Z","times_seen":1,"resource_available":true,"data":null}},"time_used":613,"timings":{"blocked":183,"dns":85,"connect":22,"send":0,"wait":93,"receive":154,"ssl":73},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:16.692Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kelkoogroup.net","organization":"Kelkoo SAS"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Sat, 10 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9B:4D:66:74:64:33:8E:71:A6:45:6A:39:AA:C0:FC:41:09:E3:29:29","sha256":"64:3D:E1:6E:0D:29:EE:D8:EB:09:2B:95:0A:3B:90:94:2A:61:E5:E6:24:AF:B0:4A:4B:C6:38:D7:5D:90:CF:25"}}},"request":{"raw":"GET /redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false HTTP/1.1\r\nHost: no-go.kelkoogroup.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: datadome=9Av8pCCgsFKB2Hh3wLsqYBphheS4a61_7b0embWiXZYJCWbJcSoBg9~zGqfiGSPUfHEBqT207BdSef5g0~ktaecVl58mzaE7xa_K9OIdr3Byb6qHbOZGB7f6JICLD~He; kelkooID=a4c6295-19d7de5f660-1b2704\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nPragma: no-cache\r\nX-DD-B: 3\r\nCharset: utf-8\r\nAccept-CH: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory\r\nSet-Cookie: datadome=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R; Max-Age=31104000; Expires=Tue, 06 Apr 2027 18:55:16 GMT; SameSite=Lax; Path=/; Domain=.kelkoogroup.net; Secure\r\nX-DataDome: protected\r\nRequest-Time: PT0.021146067S\r\nCache-Control: max-age=0, private, no-cache, no-store, must-revalidate\r\nX-DataDome-CID: AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\r\nReferrer-Policy: origin-when-cross-origin\r\nX-Frame-Options: DENY\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nDate: Sat, 11 Apr 2026 18:55:15 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 778\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"DataDome","description":"DataDome is a cybersecurity platform that specialises in bot protection and mitigation, offering advanced solutions to safeguard websites and mobile applications against malicious bot traffic, credential stuffing, scraping, and other automated threats.","website":"https://datadome.co","common_platform_enumeration":"","icon":"DataDome.svg","categories":["Security"]}],"data":{"size":778,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (778), with no line terminators","md5":"d30a26ad68ad0c1981210f6652fa6084","sha1":"f66ac1e8f286c6a6f929f67f314719ce4a14b084","sha256":"020d27aa82563d20ef96eea7afe713cf0c96540d6cbff97fcc4cc123a266f050","sha512":"bea77e0d55c89cf4a8fc7b54fac99c78fa49f8d781615c8e21b4b004e17e533790e9d59ddf73e43d3d508cb717e6c067bd554563708d40ee3030458170894543","ssdeep":"","tlshash":"d80175bf9c56715fcaee1c90a8b0f17c18555046f9c0aed1b0a09d28a70e2d12d00d90","first_seen":"2026-04-11T18:55:40.666976Z","last_seen":"2026-04-11T18:55:40.666976Z","times_seen":1,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348","fqdn":"geo.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"13.50.6.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","date":"2026-04-11T18:55:19.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M04","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"84:99:02:55:0D:B0:27:3F:D5:3B:80:B1:A2:7D:3A:75:FE:D0:C5:02","sha256":"D6:0B:84:02:F5:B9:16:0C:CD:48:04:A9:19:11:ED:BF:38:3A:95:FC:FE:51:04:A6:38:F7:D9:7C:8D:28:B2:1D"}}},"request":{"raw":"GET /captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348 HTTP/1.1\r\nHost: geo.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 11 Apr 2026 18:55:19 GMT\r\nContent-Type: text/html;charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":506821,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (41304)","md5":"8250ab5f5845906224fc50b29a399d2a","sha1":"377d604a11ee7a6d7d6211b1d4656f4d6043f62f","sha256":"709ab39cd3bfcc5507fa15bf69bab95819b360bc0edae7c3dd4e9869c5b899d9","sha512":"6dd599d6fd3c83522cd35c99eb669ff1141262a39a4aaba884c123cc4f2c30e7daf14571ea2c4ac9720f1765462f9274f80fd48c7f633494043b4436a8db55a8","ssdeep":"6144:aNkwQ5Df7Bre+2alpv/ey98+ZLhnDRTZegFWhBILpXLFQrnl:a1Q5TV6+L/H9RfnHegF+aburnl","tlshash":"b8b46ba332a83d7c406756b9078b36c7706e6d76bd04efcdbc38c4a18bf05a99469c61","first_seen":"2026-04-11T18:55:40.66796Z","last_seen":"2026-04-11T18:55:40.66796Z","times_seen":1,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/common/fonts/roboto/font-face.css","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348","date":"2026-04-11T18:55:19.357Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /common/fonts/roboto/font-face.css HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://geo.captcha-delivery.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 519\r\nlast-modified: Fri, 19 Jul 2024 12:42:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 11 Apr 2026 07:12:06 GMT\r\netag: \"e4f77074c0ffbfab377011e19283eb13\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: YXqh9BeFW6F0kaPpKc-EF62C9FZXJy5NlJyaul_itbpl7eL3iqI-Sw==\r\nage: 42196\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":519,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e4f77074c0ffbfab377011e19283eb13","sha1":"9160259165ca1ef84209d4dd675c3ed367babff1","sha256":"66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51","sha512":"6ebf2429055be6a945d7e3b84af00b3a68247c8c85c6874c6a670985cf400b2ba06267601c5526b97bfc0d9678b63a33fc38726128e2e05cdc9ec04e450d2794","ssdeep":"","tlshash":"bdf0e9520c86704667020e5d775b651cbc5d640b2809d856f6ee388a9fd7a3f8294f4e","first_seen":"2024-07-20T08:22:48Z","last_seen":"2026-04-11T19:38:54.35356Z","times_seen":10665,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yotube.com/favicon.ico","fqdn":"yotube.com","domain":"yotube.com","tld":"com"},"ip":{"addr":"78.41.207.12","port":443,"asn":62370,"as":"Snel.com B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://yotube.com/","date":"2026-04-11T18:55:13.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yotube.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:37:10 GMT","end":"Sun, 21 Jun 2026 13:37:09 GMT"},"fingerprint":{"sha1":"4E:2A:9A:C9:B9:BB:43:F9:F9:BE:55:2D:F2:39:C6:59:00:7B:07:D7","sha256":"F0:A6:13:1F:A2:36:34:02:42:F2:77:B7:2A:11:00:EF:94:CC:24:37:79:C1:86:6C:D8:E0:CC:FE:3C:A4:48:D0"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: yotube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yotube.com/\r\nCookie: sid=f88c6953-35d7-11f1-b6d8-8bf80c435bb1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 9\r\ndate: Sat, 11 Apr 2026 18:55:12 GMT\r\nserver: Cowboy\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":9,"size_decoded":0,"mime_type":"image/x-icon","magic":"ASCII text, with no line terminators","md5":"d8f4a1993546cc4b850cde3599e27aec","sha1":"094b763b4cfcc0b05e5d040581cd513c3ca08067","sha256":"907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9","sha512":"7c696247f98aa6fe4e1df001fd6029abbbccf45b122d65dfdede8f8a400cda775387c657f96bd1e4e52da7409187892b1f0786c54d835d2e44227b2e1335eaf6","ssdeep":"","tlshash":"4a50000c0003030c0000003000c00030000c03000c0000300000c00c00000000c000cc","first_seen":"2023-03-08T07:11:06Z","last_seen":"2026-04-11T21:11:26.849971Z","times_seen":19040,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":34,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"trck.shopli.city/9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL\u0026ctrl_fetch_dest=document\u0026ctrl_ab=ckud","fqdn":"trck.shopli.city","domain":"shopli.city","tld":"city"},"ip":{"addr":"207.154.244.157","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:15.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"trck.shopli.city","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 08 Mar 2026 07:40:19 GMT","end":"Sat, 06 Jun 2026 07:40:18 GMT"},"fingerprint":{"sha1":"7D:C0:C6:39:E5:DC:E8:6B:3E:A3:CA:32:61:2D:48:EE:C4:B9:84:59","sha256":"19:6C:71:93:F4:2D:21:23:04:F3:D0:55:FF:8D:69:A7:F8:D4:79:26:70:D2:48:C5:2E:48:87:45:A3:BF:3E:31"}}},"request":{"raw":"GET /9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL\u0026ctrl_fetch_dest=document\u0026ctrl_ab=ckud HTTP/1.1\r\nHost: trck.shopli.city\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://shopli.city/raini?rain=https%3A%2F%2Ftrck.shopli.city/9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sat, 11 Apr 2026 18:55:15 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 0\r\nlocation: https://shopli.city/rainotest?rain=https://no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026ctrl_ab={var10}\u0026publisherClickId=1sjos4f.2.832g\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Sat, 11 Apr 2026 18:55:15 GMT\r\nset-cookie: e3b0c4_2=3klgscm2q3kutf; expires=Sun, 12 Apr 2026 09:03:03 GMT; path=/; domain=trck.shopli.city; secure; httponly; samesite=none\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":719,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T21:55:53.359181Z","times_seen":13637190,"resource_available":true,"data":null}},"time_used":350,"timings":{"blocked":99,"dns":20,"connect":33,"send":0,"wait":151,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"trck.shopli.city","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/common/fonts/roboto/roboto.woff2","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348","date":"2026-04-11T18:55:20.588Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /common/fonts/roboto/roboto.woff2 HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://geo.captcha-delivery.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.captcha-delivery.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 15688\r\naccess-control-allow-origin: https://geo.captcha-delivery.com\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\naccess-control-allow-credentials: true\r\nlast-modified: Fri, 06 May 2022 16:47:07 GMT\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 11 Apr 2026 01:17:29 GMT\r\netag: \"aa23b7b4bcf2b8f0e876106bb3de69c6\"\r\nvary: Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: YG1iV5s3shqvpWOm2QT_CiTr3Nw1YK2RPuXjju7rks3X9YZmZpcqsQ==\r\nage: 64096\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":15688,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"aa23b7b4bcf2b8f0e876106bb3de69c6","sha1":"106ac454ba4e503e0a1cd15e1275130918049182","sha256":"cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca","sha512":"4b46d59ba6c76e5f30c89a5bb3f96f7a72bd7d60cfcad7d48638059d60ec61a317a40df70bb1cd2f2a477de1bb0c2399c671880c2981779df6af99043043b46c","ssdeep":"384:8dYfjMKhQeGWnVBs+whGU7J1eNaUgFS7WWPtl2jLMgS4:8hteGIKadgFSn4l","tlshash":"9162d04c9b1901fce30d2efa445bf6bf58c6051c2140af80bde599944ed9d27878fd56","first_seen":"2023-04-09T23:24:15Z","last_seen":"2026-04-11T19:57:46.195093Z","times_seen":14345,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/common/fonts/roboto/roboto.woff2","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd","date":"2026-04-11T18:55:17.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /common/fonts/roboto/roboto.woff2 HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://geo.captcha-delivery.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.captcha-delivery.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 15688\r\naccess-control-allow-origin: https://geo.captcha-delivery.com\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\naccess-control-allow-credentials: true\r\nlast-modified: Fri, 06 May 2022 16:47:07 GMT\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 11 Apr 2026 01:17:29 GMT\r\netag: \"aa23b7b4bcf2b8f0e876106bb3de69c6\"\r\nvary: Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: sGoTCR312dBBRVLW5a_2Q_T-jnGqw_nsMS-YO7nSulyjwKGGIHzqfQ==\r\nage: 64093\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":15688,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"aa23b7b4bcf2b8f0e876106bb3de69c6","sha1":"106ac454ba4e503e0a1cd15e1275130918049182","sha256":"cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca","sha512":"4b46d59ba6c76e5f30c89a5bb3f96f7a72bd7d60cfcad7d48638059d60ec61a317a40df70bb1cd2f2a477de1bb0c2399c671880c2981779df6af99043043b46c","ssdeep":"384:8dYfjMKhQeGWnVBs+whGU7J1eNaUgFS7WWPtl2jLMgS4:8hteGIKadgFSn4l","tlshash":"9162d04c9b1901fce30d2efa445bf6bf58c6051c2140af80bde599944ed9d27878fd56","first_seen":"2023-04-09T23:24:15Z","last_seen":"2026-04-11T19:57:46.195093Z","times_seen":14345,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sarai-tid.com/favicon.ico","fqdn":"sarai-tid.com","domain":"sarai-tid.com","tld":"com"},"ip":{"addr":"107.21.95.73","port":80,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"http://sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09","date":"2026-04-11T18:55:14.268Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: sarai-tid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: http://sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 \r\nDate: Sat, 11 Apr 2026 18:55:14 GMT\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"","fingerprints":null,"data":{"size":82,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"4cac0af764649ddb1ac8f232c88992c0","sha1":"e198cd9707a3ce6b172620963ee9c77e9e36a3a8","sha256":"ec5f90ab1aa8dbc86ea26241cdeaa4231cab185a6698c898d9d7e99b6f3aef00","sha512":"dc40719673599911777116b713c567dc97b31feca43afc2ada2eb541c775a57a26af40b18565961ea045f7d2e1a68dae9ae68a0d4aae3ab496a00812d491f3b8","ssdeep":"","tlshash":"10a022020e8a808eaf22c2b800c80e20c300cac00c3c0cc820eeca30e820c0fa82c800","first_seen":"2026-04-11T18:55:40.671528Z","last_seen":"2026-04-11T18:55:40.671528Z","times_seen":1,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"sarai-tid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"shopli.city/raini?rain=https%3A%2F%2Ftrck.shopli.city/9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL","fqdn":"shopli.city","domain":"shopli.city","tld":"city"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:14.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shopli.city","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Feb 2026 10:34:24 GMT","end":"Sun, 17 May 2026 10:34:23 GMT"},"fingerprint":{"sha1":"43:AF:4A:DF:5F:9B:16:F4:27:E6:E1:84:3B:82:45:2A:0E:2F:14:51","sha256":"79:7D:32:29:95:BB:34:B0:A0:AE:EA:B4:CC:54:E9:7C:8F:7C:E6:C6:DA:DC:BB:6A:4B:35:0F:1A:6A:E6:1B:61"}}},"request":{"raw":"GET /raini?rain=https%3A%2F%2Ftrck.shopli.city/9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL HTTP/1.1\r\nHost: shopli.city\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://sarai-tid.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 1196\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 11 Apr 2026 18:55:15 GMT\r\nserver: gunicorn\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Cookie\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"gunicorn","description":"","website":"https://gunicorn.org","common_platform_enumeration":"","icon":"gunicorn.png","categories":["Web servers"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1196,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (485)","md5":"5d633bd23653105d27de9f8c7d7b12d2","sha1":"a6161d7346748619a3c96c0785bfd1d88a7cd727","sha256":"bcd92d5782cb4e28f096829730787f291b2bb6dd6a01b7c835e2e553dc75cc53","sha512":"2ba2b0f60b91fbe81ef8f4faae13e74ae07e8919d6e8d4c09bf05cb43de3a459072963b37d3c80a34754b11362cb1d904dc2663655b716b4e982d491644a3f75","ssdeep":"","tlshash":"3421b1d61fbd8a434c5051bc2da0f3381c43831dd496eca5d35aa7a626e9b8b58cb34d","first_seen":"2026-04-11T18:55:40.67247Z","last_seen":"2026-04-11T18:55:40.67247Z","times_seen":1,"resource_available":true,"data":null}},"time_used":574,"timings":{"blocked":79,"dns":22,"connect":12,"send":0,"wait":414,"receive":1,"ssl":40},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"shopli.city/rainotest?rain=https://no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026ctrl_ab={var10}\u0026publisherClickId=1sjos4f.2.832g","fqdn":"shopli.city","domain":"shopli.city","tld":"city"},"ip":{"addr":"34.111.179.208","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:15.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"shopli.city","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 16 Feb 2026 10:34:24 GMT","end":"Sun, 17 May 2026 10:34:23 GMT"},"fingerprint":{"sha1":"43:AF:4A:DF:5F:9B:16:F4:27:E6:E1:84:3B:82:45:2A:0E:2F:14:51","sha256":"79:7D:32:29:95:BB:34:B0:A0:AE:EA:B4:CC:54:E9:7C:8F:7C:E6:C6:DA:DC:BB:6A:4B:35:0F:1A:6A:E6:1B:61"}}},"request":{"raw":"GET /rainotest?rain=https://no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026ctrl_ab={var10}\u0026publisherClickId=1sjos4f.2.832g HTTP/1.1\r\nHost: shopli.city\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://shopli.city/raini?rain=https%3A%2F%2Ftrck.shopli.city/9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-length: 719\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 11 Apr 2026 18:55:15 GMT\r\nserver: gunicorn\r\nstrict-transport-security: max-age=63072000; includeSubDomains\r\nvary: Cookie\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"gunicorn","description":"","website":"https://gunicorn.org","common_platform_enumeration":"","icon":"gunicorn.png","categories":["Web servers"]},{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]}],"data":{"size":719,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ee5d780dcecbda964a2c9c5fe487d7e1","sha1":"eb6c7412994dfaa2c37772c272af5c0ffdbb4d4c","sha256":"35798bef180ee43f8033ee4931a901aab9a8230ef3480b9355526f2d0ee05bdb","sha512":"8d3339a3b84563f9e2f312ae9bef5b57eecb9e668f843143ecf2976218eaa5501044758a8820aae28c60e5270465fa5ddd936e1941a3f81947cae8cdae535215","ssdeep":"","tlshash":"15011bc3ae82d28e9ba1c2e52cf0f21c42e3f44e6a2cc8154dc4c20c0d24b86c0c3a4a","first_seen":"2026-04-11T18:55:40.673338Z","last_seen":"2026-04-11T18:55:40.673338Z","times_seen":1,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":175,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/common/fonts/roboto/roboto.woff2","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348","date":"2026-04-11T18:55:19.535Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /common/fonts/roboto/roboto.woff2 HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://geo.captcha-delivery.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.captcha-delivery.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: font/woff2\r\ncontent-length: 15688\r\naccess-control-allow-origin: https://geo.captcha-delivery.com\r\naccess-control-allow-methods: GET, HEAD\r\naccess-control-max-age: 3000\r\naccess-control-allow-credentials: true\r\nlast-modified: Fri, 06 May 2022 16:47:07 GMT\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 11 Apr 2026 01:17:29 GMT\r\netag: \"aa23b7b4bcf2b8f0e876106bb3de69c6\"\r\nvary: Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: rJ-A8kzPrmcRucVkJCOnNiUHSa0rifJ5P2dSHkMkGgCyovyRIBrTOw==\r\nage: 64095\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":15688,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15688, version 1.0","md5":"aa23b7b4bcf2b8f0e876106bb3de69c6","sha1":"106ac454ba4e503e0a1cd15e1275130918049182","sha256":"cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca","sha512":"4b46d59ba6c76e5f30c89a5bb3f96f7a72bd7d60cfcad7d48638059d60ec61a317a40df70bb1cd2f2a477de1bb0c2399c671880c2981779df6af99043043b46c","ssdeep":"384:8dYfjMKhQeGWnVBs+whGU7J1eNaUgFS7WWPtl2jLMgS4:8hteGIKadgFSn4l","tlshash":"9162d04c9b1901fce30d2efa445bf6bf58c6051c2140af80bde599944ed9d27878fd56","first_seen":"2023-04-09T23:24:15Z","last_seen":"2026-04-11T19:57:46.195093Z","times_seen":14345,"resource_available":false,"data":null}},"time_used":3,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yotube.com/?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc3NTk0MDkxMiwiaWF0IjoxNzc1OTMzNzEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMmltNGpib2VtYnVhZ2xzNHMwNGdmcWciLCJuYmYiOjE3NzU5MzM3MTIsInRzIjoxNzc1OTMzNzEyOTQwNDQ5fQ.d2kQtRJRiZyk7x2IIuImU7-vMDAsGCPHKooav7WoGsY\u0026sid=f88c6953-35d7-11f1-b6d8-8bf80c435bb1","fqdn":"yotube.com","domain":"yotube.com","tld":"com"},"ip":{"addr":"78.41.207.12","port":443,"asn":62370,"as":"Snel.com B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:13.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yotube.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:37:10 GMT","end":"Sun, 21 Jun 2026 13:37:09 GMT"},"fingerprint":{"sha1":"4E:2A:9A:C9:B9:BB:43:F9:F9:BE:55:2D:F2:39:C6:59:00:7B:07:D7","sha256":"F0:A6:13:1F:A2:36:34:02:42:F2:77:B7:2A:11:00:EF:94:CC:24:37:79:C1:86:6C:D8:E0:CC:FE:3C:A4:48:D0"}}},"request":{"raw":"GET /?ch=1\u0026js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTc3NTk0MDkxMiwiaWF0IjoxNzc1OTMzNzEyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIzMmltNGpib2VtYnVhZ2xzNHMwNGdmcWciLCJuYmYiOjE3NzU5MzM3MTIsInRzIjoxNzc1OTMzNzEyOTQwNDQ5fQ.d2kQtRJRiZyk7x2IIuImU7-vMDAsGCPHKooav7WoGsY\u0026sid=f88c6953-35d7-11f1-b6d8-8bf80c435bb1 HTTP/1.1\r\nHost: yotube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://yotube.com/\r\nCookie: sid=f88c6953-35d7-11f1-b6d8-8bf80c435bb1\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 11\r\ndate: Sat, 11 Apr 2026 18:55:12 GMT\r\nlocation: http://sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09\r\nserver: Cowboy\r\nset-cookie: sid=f88c6953-35d7-11f1-b6d8-8bf80c435bb1; path=/; domain=.yotube.com; expires=Thu, 29 Apr 2094 22:09:20 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T21:55:53.359181Z","times_seen":13637190,"resource_available":true,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":231,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/assets/images/p.png?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g","date":"2026-04-11T18:55:16.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kelkoogroup.net","organization":"Kelkoo SAS"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Sat, 10 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9B:4D:66:74:64:33:8E:71:A6:45:6A:39:AA:C0:FC:41:09:E3:29:29","sha256":"64:3D:E1:6E:0D:29:EE:D8:EB:09:2B:95:0A:3B:90:94:2A:61:E5:E6:24:AF:B0:4A:4B:C6:38:D7:5D:90:CF:25"}}},"request":{"raw":"GET /assets/images/p.png?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f HTTP/1.1\r\nHost: no-go.kelkoogroup.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://no-go.kelkoogroup.net/permanentLinkGo?country=no\u0026id=47692679-139a-4232-9170-574f76601827\u0026merchantUrl=https%3A%2F%2Fwww.med24.no\u0026publisherSubId=shoplicity\u0026publisherClickId=1sjos4f.2.832g\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: datadome=9Av8pCCgsFKB2Hh3wLsqYBphheS4a61_7b0embWiXZYJCWbJcSoBg9~zGqfiGSPUfHEBqT207BdSef5g0~ktaecVl58mzaE7xa_K9OIdr3Byb6qHbOZGB7f6JICLD~He; kelkooID=a4c6295-19d7de5f660-1b2704\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nleadId: 629D01KNYYBXM6S4TMBPFZFP1B3PEJ\r\nclickId: 107698149_1775933716063_14862446\r\ncountry: no\r\nRequest-Time: PT0.002431346S\r\nX-Robots-Tag: noindex,nofollow\r\nCache-Control: private, must-revalidate\r\nReferrer-Policy: origin-when-cross-origin\r\nX-Frame-Options: DENY\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'none'\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nDate: Sat, 11 Apr 2026 18:55:15 GMT\r\nContent-Type: image/png\r\nContent-Length: 68\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":68,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced","md5":"91e42db1c66c0b276abf6234dc50b2eb","sha1":"c1986af3c26609b8b7d8933f99c51c1a89e9ea6b","sha256":"63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058","sha512":"0b77019542fdb02f72c8407a379579bde36e2fe3af81b1c74553f1b5df2590373bf7e6ff3fefcbdaf0b9a2fcf9b1e57b30d24e29810f0cfaf9d51153415c89ce","ssdeep":"","tlshash":"bea022c223e0ec3cc38c8233c0000230f83000ab08000028202be0202e822e0088c2a2","first_seen":"2023-04-05T22:54:48Z","last_seen":"2026-04-11T21:32:25.020192Z","times_seen":30733,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":36,"dns":0,"connect":0,"send":0,"wait":27,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/common/fonts/roboto/font-face.css","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd","date":"2026-04-11T18:55:17.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /common/fonts/roboto/font-face.css HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://geo.captcha-delivery.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\ncontent-length: 519\r\nlast-modified: Fri, 19 Jul 2024 12:42:09 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sat, 11 Apr 2026 07:12:06 GMT\r\netag: \"e4f77074c0ffbfab377011e19283eb13\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: 8CN5V9FQODian7bM-rttodyBiMacWk4JR2EuQkofLW-AZTAGoNlKbA==\r\nage: 42194\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":519,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"e4f77074c0ffbfab377011e19283eb13","sha1":"9160259165ca1ef84209d4dd675c3ed367babff1","sha256":"66599c34190f7a6a402b38664a30a9b564fc22510f51fa3c5f027fb91e7a0e51","sha512":"6ebf2429055be6a945d7e3b84af00b3a68247c8c85c6874c6a670985cf400b2ba06267601c5526b97bfc0d9678b63a33fc38726128e2e05cdc9ec04e450d2794","ssdeep":"","tlshash":"bdf0e9520c86704667020e5d775b651cbc5d640b2809d856f6ee388a9fd7a3f8294f4e","first_seen":"2024-07-20T08:22:48Z","last_seen":"2026-04-11T19:38:54.35356Z","times_seen":10665,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":81,"dns":63,"connect":1,"send":0,"wait":1,"receive":1,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"geo.captcha-delivery.com/interstitial/","fqdn":"geo.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"13.50.6.43","port":443,"asn":16509,"as":"AMAZON-02","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd","date":"2026-04-11T18:55:18.795Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M04","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"84:99:02:55:0D:B0:27:3F:D5:3B:80:B1:A2:7D:3A:75:FE:D0:C5:02","sha256":"D6:0B:84:02:F5:B9:16:0C:CD:48:04:A9:19:11:ED:BF:38:3A:95:FC:FE:51:04:A6:38:F7:D9:7C:8D:28:B2:1D"}}},"request":{"raw":"POST /interstitial/ HTTP/1.1\r\nHost: geo.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 8348\r\nOrigin: https://geo.captcha-delivery.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://geo.captcha-delivery.com/interstitial/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg%3D%3D\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026b=1441348\u0026dm=cd\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":8348,"data":"cid=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026url=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026s=35103\u0026e=cab8c92f61773a0a2de957e275c6ff5408fde3205ddf1a09162a0be64b2c85d4f66252b132257ddd28a351ca8fcc86d1\u0026env=bf51fba5424fc15e7c41aa08b378ba58c60c8ef2ce0c285f3ac115704832b1ddc4df3e962046868c65a110a8e0d38d3a\u0026userEnv=9a15c2992a75e5115c106330cfb6ee4233a534b4228060fb6c2534748c81615abc3c5fb726adda6eb07a5e41a440f790\u0026seed=d1df9cc9-8571-837f-4487-11ea5fba5988\u0026b=1441348\u0026dm=cd\u0026ddMessageFormat=\u0026payload=25EUdUyu4xoH4zCr6YQ-Z7wXRB5sO26O6r8s_ZTH5VAKxueZ_xFD2nqQAsoMnV2Vc8pQkEMyfpTNFvUEpYefzPmbO2fHcn1iir7yewt4SY5UU8fkVAqx5h9Q-mnQCZcCTfpwvn2vXXC3sbeL2LisdzlV_yCOQ50gY2sYFY5ccpVrv1IjW5X-mdAMjSMkgJfczDvUP9GB1HsSKUFNQBGsldI7fkNVUaF9aJfWUMaHncqCt_IYOVBCbV7NZFxKLTdJz5Zc_ggx4u-11kKxYFgfrOHjwnauxpP6xXltXr9COMTRAjtClWynzjs9pTO-9Xk4aNaoQo_pWKnwdrMdRM6XfL5fVLniz7PsStdZJOjjDAR9ueWV_SgzKk5EcDATnObce7-2k97Bf1KkZK0C19mi7ctwKV-fRhl1xfQm3bCVIwEEKuOkbzfPwUvOtA-TzOUkEqmII4PvG7CMi0FPzOwP-yPF5xvDhno9cFxvh-IoXd_zxRLROjDigw8-hWkDCNXzj7s8nuOGcGLKb0jSKy7kbHLNBVA6rBRZd6wzrhg3uagTOpUtXX_7bkKPu_JmRa-grkwrOfnhXssekMRXpVGJ_qDJfV4hEvqLz_Mw4sZs9353c-cxqoTLdstZMCZcdxWlj2QoEEnOrwfeKVK_yXt9Oiys07Uv9Iibhm0MNjICmuvk5NPI_yKJZAbOK8Zb-bKM82b5HGvBp0xZEyNzx53yHhizstTb7O_eKB6MmWFS5lOPn8jqR4schspgf2r4Ga2xEFOx36w7RRE2k8o42Q-FjxvxCipGhxxQSHQmMyqeVQYzcRWenVf_s5GgrCmy8pIhPlFhj69Adplk3CwezU5XEcw6-vCIojwsgzbmUVO8GEW-UWt0I2LRpiGOvwu_H3yAfNjNoMfk3f7lxcC1JYPeXZfXEjD69lzHVEvBdg9L-vAGpKll6XnwivDx2oDyN0B66Jvpv6oZebj8RMgebKswEftd1j7OK_aaB-N4eu__P4QLQggmUQXyM7jFauVSxHJkdyCr3z_tZ7rcXOjwRZNdrJnxW4Bo8d7U63A-HoePNca6B8LvWqKCbsLcS7aaKm0xiepI2ek_2p-Xjvk4gU1LdgpaaAVGBwyhv_ymvr-zRxtXn0nMv5ugoOrb9rRTCux4N8-ahqpjL3mcWVL4-muiQKjFWDLdCef0pT47nVH_cS4tkcgYqmS9sdu1r9Gr1Pj90DVdCHLLPfvS2qknIWF0h4_mrxmrygEQR3DqnK5MnBhffcT-vkIOi4l6TIJHwRgS7UJFmvEHo_BVCLJQ6txBQGCNPPyvV3-_LTR6uK5gUYYql5UmHFGIl9SkiR6nUXY-djX5Nz7iMfittCHZ4XTTo-5spgzT1BAnYQv7rODqMtRii4fy2NbYVjPCSU1DFIah3AFd5tNwY3--0PYICtEPWAA6mMwYrPzUAFNtZ9R0_NoOhMI7eGz1SYGs7vY4Wzo48c55FP5Hrg9N59aVr1ljvE_cy7HYNXp07ZeKa-yBr5ALOi5G9L1I7gyM1tY2dWBkoKAXurlluXIoKSXVgVo8sG2WPQunNvVejX0Oqtws_URaWZYId8uUPWsyOtw0BCDXzoZZkZX6nYwVdhRxIeRS9SB3iZ6zAvKjmTLRd-CYhnZ8v_KW-knqL1Jq9LNGy3EdTZ_tgI7WSeK4EolDToWcfOk1cKMvGfmSO38_zgaOdsftjVUDYMZfb27NezGyirHGA_CfTrVQHFKaP5bQeIiWA2e1MrVMAODH_2EoHfRdniRkTHALf0ZILDG4KolxrC0T9h4mgLK-Xctv4wGWwVcWJDvfzNvZqxGHAbDyfJnbA0KQT_n1Fti4Qpjbe8LTG4EF3-p4Aqo-ltjfggV7x0hUWpxuLYW_wprFBo5eSiqmO_QCJToFl-NEaAC6s8li2id8sMtVZll0G2kjiGqkeIFT7wCyEqpujOy4vrVsF5gMN-aiuJWn_U2P4Y6bMxUXKJz0LAGYtL1HmH7zkSO3uT_paPEX3OO7z75NInUYnDdoyGmM411Pu_rPAhmAEgL7JxsCUr0mjehBysVAfae_yp8KAN6GdOxL0zpSS4-DEto0QKYsQ7UFacvRVfyT-8KbuPwWrdHn_OK7uAc7FNC0iVdmAKIguA_pGY_JqzVKuC2kvbtGzDbTfjcQVONBcWEri6WzYQRItONYWnHbIK-qBVt6atf_urQkAXSm7rCpn8d_CtXJo3lp50iWhuZIIufw-jzTwMjGVg4zKm4-b8Mku50wLZLSjJyLqqGCrLL_aNDySh0ONuirVO1fGOnlqguZOoRPh7Uk0Wf165opLxSrt_bWVPDOJsk9ek4WjOYyYUT-rlUHOTs-TgJhXhd1Y0bPJVIXOuQJBBm_9kdOORf_kdrCHXe07xOt5EL8kM4UTJuLhYcGjjPONWYyOK6KQdTr0aXIta_OCYqJNE1L1NJeu4rEqDHUjvJipCiIQBMxikmPqxTg7uCOTrDEvbom_I_UmZlsfvml3PInztkY6tWRt9F74zSL-WYcxejqZpgvaVV38RNbixEqb21rtGRM4wUkAtO7H5Spso3uVlQrQLjGC7VMxfhcU3dpLOEhHPsbNjaamNrLOkQOff9b-XZ7JiNpPpsLJR6ldVeVH3K5QdF6CslwcdkLb5IO04u8nU9Os287WVQyW71tmqkUkBAoJnAmuLfJS-cMqwdY2DfkTf8dfargW5eCNHc3WO-QYRNjakqRDBshA4IDZleCff64jj13ut3mMbGMN3TJUKfz90CWQP4OYIcBdvmQVuf8xaBRKR95kJxRVg19KVmRaGBTcFS6rq1xYO3GeU-fmehkuVE4Ma7gsAsRvf639EfsubL6oYbSEwWXW8_Vil4uU4be6AUApjNDmbnHcRM6691s75847dL1ynHeWXAhqWqiZHZPbf3rsVDVziaG5-P50TH-IhfdDpnj5FoupVXBBb2ujFGiRee59bEitXCA8M8RMzM35IYE27tRNXvi8UNUklYoA5guzjxx8IV3eMClSj-VZCfWW-zb_ct7rYCCjPyBFUsXqWdtjC59DVjFyPcgS3hrvVqAjnYJw1WqA-snXIRDVGzXpySvnTm5iyJAQ_GMQPNcrbK7yvBD5eD1YmHtu8BGpl3YM5a0sUqfO8i0O9xchoX-rFn-QHjl8atyDAHqmrhGxFYTEehwwW2Mc-XDhBB38EKlNHJMxBgVOtoxlyxHWDoFFQsgwKChXU_ablq0ummUTQUXxB5A7jYN0x7pSy92dvF5W4D4ck6vEEABEgrjzOmI8qaCQCrUzB9vuaK0SsyxoNt4sm-6mpRz3lxf_gFu8HLbuAb3gRNrgMQSFf6YcHpmbTZpaA6cXRKhl10DVhAghU_yi5TVN4ES9vBq3_fKmlqJaHK9GVBNc9YtFL_6y2MXTU7JmQrJAjjzUOSrWW3Iu3AYJ10ahe4mOCa7Hx3yDHg-jsSfCIObwCRfpK-0BoG9pSblZo7-ur8QLIqVB51tQAN_ztOqcER2ZU1dLUTSguWIMl3YOUeLoO7IivovlNfEE0-ICW46t6ivEvf9kNGE-5gP1QynmbYFBDp5R8YDPP-aduBrCK5XQT_16z4t9liCg-5TQpJD3HXVXdc6e1Ar7t5yGRQPjPcmFHACGSpJ_7xSsU8KDDURJf3gCQrrViJs0F4j6U5ISDTl-EVdJZ28WIACwtVx3tw8edytIUxPyxSDEiC65qzEK3_Nbvs976MaB7RFzH87AkWF0kMSChflRLWdjzOpJgFfwnL-MElK3D1VzefYFplkvGFIpL2DIJh66GII6pPr7SwDqiCD_lNAF7rDqAzqmvHCgCFGUiNuSJ0_3LWeA54LBUkGZs3FjXLu9XwdpNiKScbgFwf0j1dG1FTzgbzWHdgDkZU-qFRyqINVdn2DEzYExRbeWe3l-_ZLe1lrfGnMIZLdIOFVLI1DmCDr6WaWmALRVbaPYjuWQkSJX0QsyQS8_na13kKJd6-R48tLOsVmk0cZ5XCCknie9ELijObh7v-zySOe2AXqajNiVf74_dfRzZkmpjsIn37ViUsyaKlRgp0h2e6I_dC1afp91kn1DtFEuCOkhM5km_qdeg3LMk3m9gozzNiYbRnYfRiUmL3ia2Nq8ENwZeqNIVDd0vVj5iy9gRjuulLzMca4vSegkewylSsjKmscgnXffJjQsK62ZqY-2y6cd10B1a6D4hx0oJcXxBBxTzZmN4OChWerUIDxFeBId61baNFcogJLB6_avaJQ7MbxGOCtA7CopY1z8y2DVj9e98nPF7MGABC5v8OwqmukC2Z_dbV4DH4ZQ1GjxdazVhc8HodZR8TVXDm3L4XMl4Esodv2uPsfH7U2VOAep6o866dE-gexgE_vRU6NDkCA5z8IOd-9brlT2lg5YlaYfQV3J-guLF8AwagOw0XM_h_k6RCEf2ItUlmGr7G1vrZk1ke9b8ORTm4XsRuVFnQx5yqq_QcqLyWwiZ2QQ-5PUceTqv2fsoh16ak8pYmosAAqSOWWcDKKYO2j9PeOGGfN_eIc1AAWrLHmXPbXoIQmSHk7W-2fqMJZJIPgbO9oPmIcXssNCE88E3tYIQNap1k8-HShn6UIqpjoqHRXgtBEW51lKYrM38qKVX_a-i__CIPWm2Tf2aE6VA1XJfKFbdqkqz9X2tWHF0LP1wVNNYRMNWnOj5K4DVyGVp4KLpdxmgHEM0nlLwW1s8wMVdX_IhyT1Sh6pSoeYYZzX_MhfvcSzpWvs1A_iO99v5JQvpcUw8NljnoMt9NSXqM-CV8gRM05MmH4uVbl-rT2goEqcZ7_uCAFhMLcbZ42GpfGzBSA8bs7MTF7zOW1hRc3KObJxH8jwyE6_natiWaGaZshbHpZ0eyO33EYtUX8u8dFZ7Nh6g63unVw5tOol1PZneizNA2ir_wQbBhQ9zNelpx85wDO9CzPseq72-C2gsxqspf_odsp0J0NrY7W50hqefjQYoKLHlueGzGy2awGq-hjsWcJORqfZ8SRu5MNx1kuJJpt31XcdpC64yz718JwzktkMo1VHlIhvIv-V0FIfBDmFofSVE5kEhumNK3_HMjNmACsaeAftXVlgyV1bWnfkm0kU3qnOptzOvFetWgTaaH6RaxGLgb_morQoX5za2xaD4pAjGAsh16Ezoi9rJLKj-w6qEHxH3ZldgGzzrEyr95CSFgneemkpyyqPKe_a2ACUZzXmHnJyUxLCSSYhdSXkOPSbYsmFLZSKSNGFdR0SV9fuuqwPrTToWD2aN843jvzZ2QI2toPdwsFKsE0MEp0qzF1Ek-h-sejbXxBPpItkIMOBixMQ4G9wNk9eRfmrE2GM3_4o5kDyPVj9ze_oSb_sR2S0kIvyqZuOMl_3QEeiaHC4l71CcCL5WZeEA-c9d202Fli-gTXPUa22k-bgMHESF4RNiUjw4Z6_xDHW717HGoqtB1BOfyhPncMe6g2GyGFEEvf7xAH65qHiE2wxMJ25oFeCMYOYS5p81n24mjLDLsIMNUpJLP2LHJYGnlAO94dKNARePU0ycokQMmwrnDnNgt5ftlW0ewiWkD-uGyVuXdDzBz3D_0Utz3Wbkt4n0do0Nuz_yWt_cMkq9a9HnMMTAvlYo4RRF3OgRc1vUr4nlOuTAqS2XsviujerbNvqbKvUjd1lBB9Aol\u0026plv3=50jI9UVaftKrEQ1n6V6INBMqwPdxz7mrMu3w_9SbDfNHXwjFOs8hzFtMhdFXpMFYz5IT6543wOPL7kgmJ177-iNzrFOoZNwl-H63ONyUR58t-DyfMF7S29RVnSTgj-QkSRzy4TJcdtSWcXEo7m8OcZcgHfpXdinjCtu_5XYhW1tCDLir9RAJq2c6MgnAspcdSZh9ofEa-NnxXGRB"}},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 11 Apr 2026 18:55:18 GMT\r\nContent-Type: application/json;charset=utf-8\r\nContent-Length: 1615\r\nConnection: keep-alive\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1615,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a9665420befa37dd312daa1e874f57ff","sha1":"d9c70f831b0c3b95469faa6804a2719d99488bd0","sha256":"641f7698396c21c8769d74163c7d7c59d61374c61c97cec7c5ab7a665489747c","sha512":"9a5a6f9b12a485d947f3111b18fa4bb3a8f6c5f91bb7f891d322d096f154b038866da9d28c9d1c1a7891ee03164175082f7b4b44d294e05425b8ef94b3773a1c","ssdeep":"","tlshash":"8731f6624e72317984c44e9bb8be6fee53004181689788dda02d67338eac6c23850a89","first_seen":"2026-04-11T18:55:40.677995Z","last_seen":"2026-04-11T18:55:40.677995Z","times_seen":1,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yotube.com/","fqdn":"yotube.com","domain":"yotube.com","tld":"com"},"ip":{"addr":"78.41.207.12","port":443,"asn":62370,"as":"Snel.com B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:12.847Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"yotube.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 23 Mar 2026 13:37:10 GMT","end":"Sun, 21 Jun 2026 13:37:09 GMT"},"fingerprint":{"sha1":"4E:2A:9A:C9:B9:BB:43:F9:F9:BE:55:2D:F2:39:C6:59:00:7B:07:D7","sha256":"F0:A6:13:1F:A2:36:34:02:42:F2:77:B7:2A:11:00:EF:94:CC:24:37:79:C1:86:6C:D8:E0:CC:FE:3C:A4:48:D0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: yotube.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile\r\ncache-control: max-age=0, private, must-revalidate\r\ncontent-length: 472\r\ncontent-type: text/html; charset=utf-8\r\ndate: Sat, 11 Apr 2026 18:55:11 GMT\r\nserver: Cowboy\r\nset-cookie: sid=f88c6953-35d7-11f1-b6d8-8bf80c435bb1; path=/; domain=.yotube.com; expires=Thu, 29 Apr 2094 22:09:19 GMT; max-age=2147483647; secure; HttpOnly\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cowboy","description":"Cowboy is a small, fast, modular HTTP server written in Erlang.","website":"https://github.com/ninenines/cowboy","common_platform_enumeration":"","icon":"Cowboy.png","categories":["Web servers"]},{"name":"Erlang","description":"Erlang is a general-purpose, concurrent, functional programming language, and a garbage-collected runtime system.","website":"https://www.erlang.org","common_platform_enumeration":"cpe:2.3:a:erlang:erlang%2fotp:*:*:*:*:*:*:*:*","icon":"Erlang.png","categories":["Programming languages"]}],"data":{"size":472,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (472), with no line terminators","md5":"192a2ca31423d30f2053e0c9020e47bc","sha1":"8444617fea4e3a6a27da80c8069b7adf27c76bc3","sha256":"bc0a42a6f08266cae0193028848917cb137d000c24dd1dcd4f4bfb0b0853a9e2","sha512":"ed7af324ae2fa64f9b53d8b6ee949deb8be0cdb3224435948729e722c0935910c66505d1d1de5cece0a79dfb0b0162e8d49a7c90c3d54a63b9bfa5983cf6f5e7","ssdeep":"","tlshash":"07f0d4fb1ccdcc4cb5802840ce86f15406c483b21959943901d41894f93438fad29115","first_seen":"2026-04-11T18:55:40.679241Z","last_seen":"2026-04-11T18:55:40.679241Z","times_seen":1,"resource_available":true,"data":null}},"time_used":176,"timings":{"blocked":71,"dns":0,"connect":28,"send":0,"wait":34,"receive":0,"ssl":40},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"yotube.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09","fqdn":"sarai-tid.com","domain":"sarai-tid.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:13.346Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09 HTTP/1.1\r\nHost: sarai-tid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T21:55:53.359181Z","times_seen":13637190,"resource_available":true,"data":null}},"time_used":431,"timings":{"blocked":431,"dns":0,"connect":94,"send":0,"wait":0,"receive":0,"ssl":111},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"sarai-tid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sarai-tid.com/zclkredirect?visitid=f8b37fb2-35d7-11f1-b40e-0afffcfc985b\u0026type=js\u0026browserWidth=1280\u0026browserHeight=1024\u0026iframeDetected=false\u0026webdriverDetected=false\u0026gpu=Mesa%3B%20llvmpipe\u0026timezone=UTC%2B00%3A00\u0026timezoneName=UTC","fqdn":"sarai-tid.com","domain":"sarai-tid.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:14.433Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /zclkredirect?visitid=f8b37fb2-35d7-11f1-b40e-0afffcfc985b\u0026type=js\u0026browserWidth=1280\u0026browserHeight=1024\u0026iframeDetected=false\u0026webdriverDetected=false\u0026gpu=Mesa%3B%20llvmpipe\u0026timezone=UTC%2B00%3A00\u0026timezoneName=UTC HTTP/1.1\r\nHost: sarai-tid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: http://sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T21:55:53.359181Z","times_seen":13637190,"resource_available":true,"data":null}},"time_used":201,"timings":{"blocked":0,"dns":1,"connect":94,"send":0,"wait":0,"receive":0,"ssl":103},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"sarai-tid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"no-go.kelkoogroup.net/favicon.ico","fqdn":"no-go.kelkoogroup.net","domain":"kelkoogroup.net","tld":"net"},"ip":{"addr":"95.211.116.26","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","date":"2026-04-11T18:55:16.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.kelkoogroup.net","organization":"Kelkoo SAS"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Tue, 09 Sep 2025 00:00:00 GMT","end":"Sat, 10 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9B:4D:66:74:64:33:8E:71:A6:45:6A:39:AA:C0:FC:41:09:E3:29:29","sha256":"64:3D:E1:6E:0D:29:EE:D8:EB:09:2B:95:0A:3B:90:94:2A:61:E5:E6:24:AF:B0:4A:4B:C6:38:D7:5D:90:CF:25"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: no-go.kelkoogroup.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: datadome=XcYqImuuXseKL7X117evHsDxJbaR0zTe1XBMbPdQVGqpDYSx2KpwqnP8VGe~bTRAkXv8_aJh_tC0lKqUJOlSzwVpeT3_s8D7jU1ulWenuSW_~HhApcyg0OKPA1_1Rs6R; kelkooID=a4c6295-19d7de5f660-1b2704\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 404 Not Found\r\nRequest-Time: PT0.000361384S\r\nX-Robots-Tag: noindex,nofollow\r\nReferrer-Policy: origin-when-cross-origin\r\nX-Frame-Options: DENY\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'none'\r\nX-Permitted-Cross-Domain-Policies: master-only\r\nDate: Sat, 11 Apr 2026 18:55:15 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 1144\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":1144,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"8560de521c4990c7c870121fc9643508","sha1":"0cacf7a6b96cceeb6ceae74d5f14dc87406a6f39","sha256":"73a434285c3a752bc8c44aebd50e10f1a766853cbc7184e78d5c934c7b52b620","sha512":"aafb16d81fe8ac491cf7b738e32f127bcaff894e1ed33ad47fa1bd5150badbf9ed76a30dacc1ce50f8277eb7be099cb11789aa651f9a89bbc305eb0fa7affd34","ssdeep":"","tlshash":"3121fda6a6e70846b51a9130a3a3b7813356820be24bcd383f6e63249f402b5c4d3b0c","first_seen":"2023-04-08T17:23:22Z","last_seen":"2026-04-11T18:55:40.680136Z","times_seen":7753,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":24,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"sarai-tid.com/zclkredirect?visitid=f8b37fb2-35d7-11f1-b40e-0afffcfc985b\u0026type=js\u0026browserWidth=1280\u0026browserHeight=1024\u0026iframeDetected=false\u0026webdriverDetected=false\u0026gpu=Mesa%3B%20llvmpipe\u0026timezone=UTC%2B00%3A00\u0026timezoneName=UTC","fqdn":"sarai-tid.com","domain":"sarai-tid.com","tld":"com"},"ip":{"addr":"107.21.95.73","port":80,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-11T18:55:14.653Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /zclkredirect?visitid=f8b37fb2-35d7-11f1-b40e-0afffcfc985b\u0026type=js\u0026browserWidth=1280\u0026browserHeight=1024\u0026iframeDetected=false\u0026webdriverDetected=false\u0026gpu=Mesa%3B%20llvmpipe\u0026timezone=UTC%2B00%3A00\u0026timezoneName=UTC HTTP/1.1\r\nHost: sarai-tid.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nReferer: http://sarai-tid.com/zclkvisitor/f8b37fb2-35d7-11f1-b40e-0afffcfc985b/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=46f7c840-2b5e-11f1-b333-12fc2ef5ed09\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 \r\nDate: Sat, 11 Apr 2026 18:55:14 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-store, no-cache, pre-check=0, post-check=0\r\ncontent-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET,POST,OPTIONS\r\nAccess-Control-Allow-Headers: X-Requested-With,Content-Type\r\nLocation: https://shopli.city/raini?rain=https%3A%2F%2Ftrck.shopli.city/9Xq9dSMh?external_id=zrf8b37fb235d711f1b40e0afffcfc985b55779a06f7224f09aa32dd131a0218f1098850f628fe2611d8\u0026cost=0.009600\u0026sub_id_4=DOMAIN\u0026sub_id_9=romeo-tea-TChUPZG7\u0026keyword=yotube%2Cyotube.com%2Cyoutube%2Cyoutube.com%2Cwatch+video%2Conline+video%2Cwatch+movies\u0026sub_id_12=Blend-KL-NO\u0026sub_id_11=2755283\u0026sub_id_7=badious-buzzard\u0026sub_id_5=romeo-tea-TChUPZG7\u0026sub_id_6=Blend-NO-WL\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"","fingerprints":null,"data":{"size":1196,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-11T21:55:53.359181Z","times_seen":13637190,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-11","alert":"Sinkholed","trigger":"sarai-tid.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ct.captcha-delivery.com/i.js","fqdn":"ct.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.60","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://no-go.kelkoogroup.net/redirect?country=no\u0026k=612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f\u0026url=https%3A%2F%2Fwww.med24.no%3Fkk%3Da4c6295-19d7de5f660-1b2704%26utm_campaign%3Dkelkooclick%26utm_medium%3Dcpc%26utm_source%3Dkelkoono%26utm_source_platform%3DKelkooGroup\u0026initiator=timeout\u0026dc=false","date":"2026-04-11T18:55:16.778Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /i.js HTTP/1.1\r\nHost: ct.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://no-go.kelkoogroup.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript\r\ncontent-length: 15685\r\ndate: Sat, 11 Apr 2026 13:53:09 GMT\r\nlast-modified: Wed, 18 Mar 2026 13:51:30 GMT\r\netag: \"14867fc17e7a0d59f653596d425b2feb\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 ceb77ae2808ed96bb38d1b2c27dcb6aa.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: ZVFtmUJMvXiwnuXy5a0-LL493Dtri-MjwYOjtaBJAM-j9IgvmutoCw==\r\nage: 18128\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":15685,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"14867fc17e7a0d59f653596d425b2feb","sha1":"2c12b362f630bc3058da912580cb4382c73888d3","sha256":"b2086fb19988cbf9d2caa696692c0711145ee92124319146e0d1352d8eb5797d","sha512":"30999e7314d56ead316c3bb0591b2c4bc158f1841e17a107a46587622d81cdda24fd5a9a3ee921f389a6716e9fb00a40250fa1c3ecf6c05cd48ce8ef2be1a18b","ssdeep":"192:Rc6NViX29WR+ctayDQ7/p3GyxLq3ffZ0CVcF6rNUOuSeK3+nX8hOUO40252JCIo9:RFyrSDK173Us5MCkC","tlshash":"476295ad68f345680763603d1bbf6218b1715113349ecc50bc5ca6117f90e67da7abec","first_seen":"2025-12-09T15:18:57.63761Z","last_seen":"2026-04-11T18:55:40.680604Z","times_seen":815,"resource_available":true,"data":null}},"time_used":89,"timings":{"blocked":43,"dns":24,"connect":1,"send":0,"wait":2,"receive":1,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.captcha-delivery.com/captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css","fqdn":"static.captcha-delivery.com","domain":"captcha-delivery.com","tld":"com"},"ip":{"addr":"52.84.50.118","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://geo.captcha-delivery.com/captcha/?initialCid=AHrlqAAAAAMAwZvwcpPvj20AW1oqmg==\u0026cid=NvBjXwVQDzbCzuiBsozMGEdFHe8ZA20g106KyzxXOgVUaC6LNQDEK9FgT2k_7C9vnAWF~onPSP56EgKKdXFh7Q~R89vXNIINA9Gia_S1O2LNuOoSSAMI52K2~OXh_61J\u0026referer=https%3A%2F%2Fno-go.kelkoogroup.net%2Fredirect%3Fcountry%3Dno%26k%3D612f7a9541cd6ea6c9a780de621954dacfb2725d953c2811971ef53104128f73c8972d5409929748d5ae6e2fbe2220a0d3e1ed19e7acc993ee2406d1b1ffd30592a591b1b59c419d37fcd9bff4afc3a96f0ee638f272ab776a05bf5708875fda3836e4abee429f1cbce336d35e98cf046ec329415f2eb01269cfd22270fb8dc167d49e5f4e2e6e5cacaf6eaaa86ab4cf2fa5c3b4013e5e81d5138a23aad8dbf25c628d62d29e311b2c199a849142bfa2c366139aa3ed42b3710bd0e5aace41b1bbe674edec4681b223275395d1bb1d6971d35c9e7e1630251439bffb33dfe983f2eae94ca8f20fa0aa80196e587829585dcdf1e59509b4356fe41c45610e0c29aa7ee5b1fda92bc2384491abb77e047fc1b583636076a15c117d2b9e26cd4ac2299537a96b46a2aacc205e0272b5a4e80235aea1254bb1c6dde66f62c543234f%26url%3Dhttps%253A%252F%252Fwww.med24.no%253Fkk%253Da4c6295-19d7de5f660-1b2704%2526utm_campaign%253Dkelkooclick%2526utm_medium%253Dcpc%2526utm_source%253Dkelkoono%2526utm_source_platform%253DKelkooGroup%26initiator%3Dtimeout%26dc%3Dfalse\u0026hash=5954443B90DC91C1E924DE9BFBEAA5\u0026t=fe\u0026s=35103\u0026e=211c91962c1d554c1ad6175ccc41017b55e2f52cf7489c58b28d651c2e1f15bb1f5183c01ff51f3ebc67ef5d62c3a57f\u0026ir=482766%2C20\u0026dm=dc_ir\u0026b=1441348","date":"2026-04-11T18:55:19.353Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.captcha-delivery.com","organization":""},"issuer":{"commonName":"Amazon ECDSA 256 M01","organization":"Amazon"},"validity":{"start":"Wed, 14 Jan 2026 00:00:00 GMT","end":"Fri, 12 Feb 2027 23:59:59 GMT"},"fingerprint":{"sha1":"4B:F8:91:06:E4:2C:48:D9:73:19:0B:2F:00:40:4B:06:4D:09:7D:0B","sha256":"68:6B:3C:E2:9D:5A:C8:78:F5:26:BA:B6:2B:AD:7D:91:43:EC:24:F5:BB:80:E0:55:B0:37:E6:C3:ED:2D:CB:44"}}},"request":{"raw":"GET /captcha/assets/tpl/6dc485c0c428c35b53577b146dc6f9179f55ef9ad41b327a2a179998839364bf/index.css HTTP/1.1\r\nHost: static.captcha-delivery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://geo.captcha-delivery.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css\r\nlast-modified: Wed, 31 Dec 2025 12:40:40 GMT\r\nserver: AmazonS3\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: null\r\ncontent-encoding: gzip\r\ndate: Sat, 11 Apr 2026 02:52:59 GMT\r\netag: W/\"23464822977c44c55ef7876a5a849489\"\r\nvary: Accept-Encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2f3a70deb5812eb0e48215ada7b72404.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: t5eyjvxE6-QwgAk9JuYyTTTabhjiO5GZWUzaV5EQkyxfZbIj37cPkg==\r\nage: 60660\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":6164,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"23464822977c44c55ef7876a5a849489","sha1":"13922faf1b34b8e6bfec73db4c0e1505c53d2145","sha256":"90f12503b24159799afe91146630c31cb4301ed17864f9a136d77ed265d70709","sha512":"b8488474f4e86bbebf4fe54c287416009d5b719bc71dacd2f09cf30424a2a7c71be9e607047bd9ed538bd45a27b9ae52b5258428e80a7b30e53fe199b2f03495","ssdeep":"96:8uP8pig6K2JRZi9aL1Cjl4c3wS8OJqU6gms50nZKc:8uSig4JAaL1Cjyc3wSpJqU6FsmnZ","tlshash":"8cd1cda44e8180b7663789745bf84679e24d8c43e70219e17dac62448ff68e4b271e8f","first_seen":"2025-12-31T15:30:25.272226Z","last_seen":"2026-04-11T19:38:54.37079Z","times_seen":1521,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":4,"dns":0,"connect":0,"send":0,"wait":3,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}