www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe
51.91.30.159 401 B URL www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (401), with no line terminators
Hash a0ac8f2c18b97de6a7e5ff3d09faab2d
5f3f03bbd55be8ab20e59041d4a2c3eb204d4bcf
3d42882d1712993548446fa684f3911185c2fc643fd09737bf7d84f1b80ff2f6
GET /download/15948481/66efff39742d1ddce8e5/Server.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 18 Nov 2023 00:26:05 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 401
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe
51.91.30.159 401 B URL www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (401), with no line terminators
Hash a0ac8f2c18b97de6a7e5ff3d09faab2d
5f3f03bbd55be8ab20e59041d4a2c3eb204d4bcf
3d42882d1712993548446fa684f3911185c2fc643fd09737bf7d84f1b80ff2f6
GET /download/15948481/66efff39742d1ddce8e5/Server.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 18 Nov 2023 00:26:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 401
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
51.91.30.159200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
IP 51.91.30.159:443
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash e2570d2bd51edf098cdd36a72911b48c
01a8000d5f6bf064b9e102e674a5a1c7e07b2790
b855536ca2c0835b574cbf9c584afd1b3062572cd2568992db4d69e1629804fc
GET /files/15948481/Server.exe.html?msg=sess_error HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Nov 2023 00:26:06 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8983
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 18 Nov 2023 02:26:06 +0200
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Sat, 16-Dec-2023 00:26:06 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
www.upload.ee/static/ubr__style.css
51.91.30.159 2.8 kB URL www.upload.ee/static/ubr__style.css
IP 51.91.30.159:0
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 7b9692d4caecccf38e40d2333f8e00b0
8ecb4f873571250f02a5cc2ceff0a24aed25fc33
c4042306388924b75aa7d584c1e61165264967a52d09544ecba836f0d00eb9b9
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Nov 2023 00:26:06 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Oct 2023 12:17:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"652e7b50-24da"
Expires: Sat, 25 Nov 2023 00:26:06 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
www.upload.ee/js/js__file_upload.js
51.91.30.159200 OK 7.7 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 66684709338f7239056ff3302e16bc4a
7dbd501434bdc062cdc8f6744e272a7d39ca5136
5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Nov 2023 00:26:06 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Oct 2023 12:32:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"652e7ed5-651c"
Expires: Sat, 25 Nov 2023 00:26:06 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
www.upload.ee/images/arrow.gif
51.91.30.159 59 B URL www.upload.ee/images/arrow.gif
IP 51.91.30.159:0
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Nov 2023 00:26:06 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Sat, 25 Nov 2023 00:26:06 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/dl_.png
51.91.30.159 1.9 kB URL www.upload.ee/images/dl_.png
IP 51.91.30.159:0
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Nov 2023 00:26:06 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Sat, 25 Nov 2023 00:26:06 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-6703115-1
142.250.74.168 51 kB URL www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2213)
Hash 77c7e3b34877e66bd92a86ccf10dff70
a3e1de92fb7c5521a71660bff967cceb57143c1e
fdb5b72df35a6a7af2bda76deef4b77db23c2b648fdfb59de82b5f6cd43f9399
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Nov 2023 00:26:06 GMT
expires: Sat, 18 Nov 2023 00:26:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/?dupud=997369
143.204.42.211 118 kB URL du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP 143.204.42.211:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 118 kB (117754 bytes)
Hash bb79aaad1cec2b662af9789f22abc5b4
eb7565685ce03fc0cdf2311f863eecf9fb44fe73
18af19e2725475ff5a880c962dfaf7321e48b0fdb82c08d475338d44e5722ada
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117754
date: Sat, 18 Nov 2023 00:26:06 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nvlJZSrjwB3dY3mcSljq3nAwKM3M4C-XwIrk6sqzzOweE6Nxtm36xw==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
142.250.74.168 86 kB URL www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (3034)
Hash 2fbc4fd40a97ef8677cc9165a2e7d2d5
9331977a4921eb9e1ba4eb22a0bfba13cca54e7b
23bf5c37b74f87250600fb9e726f485114fc231eee6c3de8343a1cdcc5acd9e2
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 18 Nov 2023 00:26:06 GMT
expires: Sat, 18 Nov 2023 00:26:06 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85976
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
setitoefanyor.org/UWo0ZjZ+VVcVCwIQUD5sFShOJ2EXP3VVBhczBTdyNw12C2MmJxISXzVXDV8BYlwNQEY4DglXECIeVRJDIlcFQF8/DFtbECdXBUgFZUQHUhhhTEFbB3ceRAdRbFsSFkIlBglXAWFaBlABYFwDUQ5o
172.67.198.24204 No Content 0 B URL GET HTTP/2 setitoefanyor.org/UWo0ZjZ+VVcVCwIQUD5sFShOJ2EXP3VVBhczBTdyNw12C2MmJxISXzVXDV8BYlwNQEY4DglXECIeVRJDIlcFQF8/DFtbECdXBUgFZUQHUhhhTEFbB3ceRAdRbFsSFkIlBglXAWFaBlABYFwDUQ5o
IP 172.67.198.24:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UWo0ZjZ+VVcVCwIQUD5sFShOJ2EXP3VVBhczBTdyNw12C2MmJxISXzVXDV8BYlwNQEY4DglXECIeVRJDIlcFQF8/DFtbECdXBUgFZUQHUhhhTEFbB3ceRAdRbFsSFkIlBglXAWFaBlABYFwDUQ5o HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 18 Nov 2023 00:26:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J5BpGMlR2wOal8LypjbO%2BIwGM%2BScB0XZjLLr7quo01qoOzxb6Bz2D4LCt1N%2FmKgSQR8AU3Tq5T8lpO6hkUehEFPSW507288RUPqfy9dntKe9hLE6FzcrunvBngnLOtb52497Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 827c148099cfb4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
setitoefanyor.org/eDVvQmpXCgwxVzVwOXYnMHglIQEfdD4lDktmLhQoOX09DCg9Rkk2AxwIVntdTAVXZBoRUVJzUl5GGyMeDUZSc0wRWwktV15DUnNESBtdbF5eQFJzTAxFDiVXSRMfNh4UCF51WkgHWXVbTgJXc1s
172.67.198.24 0 B URL setitoefanyor.org/eDVvQmpXCgwxVzVwOXYnMHglIQEfdD4lDktmLhQoOX09DCg9Rkk2AxwIVntdTAVXZBoRUVJzUl5GGyMeDUZSc0wRWwktV15DUnNESBtdbF5eQFJzTAxFDiVXSRMfNh4UCF51WkgHWXVbTgJXc1s
IP 172.67.198.24:0
Certificate IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eDVvQmpXCgwxVzVwOXYnMHglIQEfdD4lDktmLhQoOX09DCg9Rkk2AxwIVntdTAVXZBoRUVJzUl5GGyMeDUZSc0wRWwktV15DUnNESBtdbF5eQFJzTAxFDiVXSRMfNh4UCF51WkgHWXVbTgJXc1s HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 18 Nov 2023 00:26:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OROZDkUclcIZY0lrh7%2F0dXSXJSehhfMMIurB7lXYZYn2bBkp35fcLjkGEB4GrRauJ0w7QWfhYfOEUHMPGSJ6PY%2B10KbCltHPxs4SFjn%2BUGl0jv1NhUJEB0xpDckctBIvLqXrXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 827c1480a9d2b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
adiingsinspiri.org/TDQyanQtVlEHSy0JUEwBPlgPT0YKEQAsEDkEQh8QfEdWBhk2UhwJGCNBVgwGI1pGRBopQBdYMnh6ZQY9GAVkPTYlbUILHwl1fiI+P3B0X0MpY0U+NTZHVSVEGmF4IhgrYV4rEg1ecyg+CH0XWDYGQ2g6JAhhSikyIEF7ECYucFw8BAFyQSEQFAFIPDV8RVEHMRh8Zg0THFNVIzkfXwUyEzsRACg/NlBwPg58QVMsEwt5WzNBG2VaHhIeeXM4RyRFaB0iDnl6Xx8Jcl0hFSFXdCgnCVx7L0UBUVxSAAhiCjIRG3FjPRM8RWgdIS5kXxoZKHJaXhAiR3Q7M2EFCzAiBXl5EyV6cXQZOypjZy8jFFwXWDYWZWAnESIMSDI2P0B5PgQCYHoFPhZ1YDMuIg1IOzIeARQAByNaQlcYegFVUyMBUQYnDj1GAQ
54.230.111.81 1.2 kB URL adiingsinspiri.org/TDQyanQtVlEHSy0JUEwBPlgPT0YKEQAsEDkEQh8QfEdWBhk2UhwJGCNBVgwGI1pGRBopQBdYMnh6ZQY9GAVkPTYlbUILHwl1fiI+P3B0X0MpY0U+NTZHVSVEGmF4IhgrYV4rEg1ecyg+CH0XWDYGQ2g6JAhhSikyIEF7ECYucFw8BAFyQSEQFAFIPDV8RVEHMRh8Zg0THFNVIzkfXwUyEzsRACg/NlBwPg58QVMsEwt5WzNBG2VaHhIeeXM4RyRFaB0iDnl6Xx8Jcl0hFSFXdCgnCVx7L0UBUVxSAAhiCjIRG3FjPRM8RWgdIS5kXxoZKHJaXhAiR3Q7M2EFCzAiBXl5EyV6cXQZOypjZy8jFFwXWDYWZWAnESIMSDI2P0B5PgQCYHoFPhZ1YDMuIg1IOzIeARQAByNaQlcYegFVUyMBUQYnDj1GAQ
IP 54.230.111.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash bd862f99cfb56ab187551a51f15c22e7
18aeb8ae70d502d3b2722bb3ce1cce632b383b90
bba31d07930548bf60fe44a7bec5d18a21cfdb00ecd675152b9001776d8087e0
GET /TDQyanQtVlEHSy0JUEwBPlgPT0YKEQAsEDkEQh8QfEdWBhk2UhwJGCNBVgwGI1pGRBopQBdYMnh6ZQY9GAVkPTYlbUILHwl1fiI+P3B0X0MpY0U+NTZHVSVEGmF4IhgrYV4rEg1ecyg+CH0XWDYGQ2g6JAhhSikyIEF7ECYucFw8BAFyQSEQFAFIPDV8RVEHMRh8Zg0THFNVIzkfXwUyEzsRACg/NlBwPg58QVMsEwt5WzNBG2VaHhIeeXM4RyRFaB0iDnl6Xx8Jcl0hFSFXdCgnCVx7L0UBUVxSAAhiCjIRG3FjPRM8RWgdIS5kXxoZKHJaXhAiR3Q7M2EFCzAiBXl5EyV6cXQZOypjZy8jFFwXWDYWZWAnESIMSDI2P0B5PgQCYHoFPhZ1YDMuIg1IOzIeARQAByNaQlcYegFVUyMBUQYnDj1GAQ HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Sat, 18 Nov 2023 00:26:06 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 517CGqnMyPvacrEGRsQZsfulY7guMFvq7Haa9QE_ZYvjjIp2Fapyvg==
X-Firefox-Spdy: h2
adiingsinspiri.org/VGhkRXc1CgcoSDVVBmMCJgRZYEUSTVYDEyFYFDATZBsAKRouDkomGzsdACMFOwYQaxkxHEF3MQIKVAM6BT8tCDs9IQodJScHLw0PNj4KH0M3PhQPPC5QEQE1bVAndhA2KiwIEBcRB3Y+LgcxFzUnXy8NDwc7N3UDGB8yFi0tAxIEIR4fBSw2Eyw8PUMOEAcKERctEQI2DRwtBjUcMDUhQjZZLg4UZxAUAhthHwUdPjM7CgtPGDkXBzkQOg8QMWxdAA0UbT88Ewc3ASYOFGcfHgMyJBEgHTUHPgl8TzUtACEUBxsPBCYFHQUdOj8wPANONz4uIBQMRVUuIhJQCg8jGSAnFkNkMiIEBzcgVTIjElEKCi8sPEIvBDsGFHgwbREPdxseLTwnAQE
54.230.111.81200 OK 1.2 kB URL GET HTTP/2 adiingsinspiri.org/VGhkRXc1CgcoSDVVBmMCJgRZYEUSTVYDEyFYFDATZBsAKRouDkomGzsdACMFOwYQaxkxHEF3MQIKVAM6BT8tCDs9IQodJScHLw0PNj4KH0M3PhQPPC5QEQE1bVAndhA2KiwIEBcRB3Y+LgcxFzUnXy8NDwc7N3UDGB8yFi0tAxIEIR4fBSw2Eyw8PUMOEAcKERctEQI2DRwtBjUcMDUhQjZZLg4UZxAUAhthHwUdPjM7CgtPGDkXBzkQOg8QMWxdAA0UbT88Ewc3ASYOFGcfHgMyJBEgHTUHPgl8TzUtACEUBxsPBCYFHQUdOj8wPANONz4uIBQMRVUuIhJQCg8jGSAnFkNkMiIEBzcgVTIjElEKCi8sPEIvBDsGFHgwbREPdxseLTwnAQE
IP 54.230.111.81:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerAmazon
Subjectadiingsinspiri.org
FingerprintF1:71:03:4D:5E:75:1B:A9:AB:5F:04:38:5F:1A:B1:DB:D9:D4:85:4C
ValidityWed, 15 Nov 2023 00:00:00 GMT - Fri, 13 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators
Hash 8b9e5b452e3dfd18e7eeab61e0583e8c
55ba1cabd3640742073b7e7df66a9aa208d7fee7
660e8aceedbe459ef992b1bb9b63670b43ba22510e4dbc00904ee476bdba0dff
GET /VGhkRXc1CgcoSDVVBmMCJgRZYEUSTVYDEyFYFDATZBsAKRouDkomGzsdACMFOwYQaxkxHEF3MQIKVAM6BT8tCDs9IQodJScHLw0PNj4KH0M3PhQPPC5QEQE1bVAndhA2KiwIEBcRB3Y+LgcxFzUnXy8NDwc7N3UDGB8yFi0tAxIEIR4fBSw2Eyw8PUMOEAcKERctEQI2DRwtBjUcMDUhQjZZLg4UZxAUAhthHwUdPjM7CgtPGDkXBzkQOg8QMWxdAA0UbT88Ewc3ASYOFGcfHgMyJBEgHTUHPgl8TzUtACEUBxsPBCYFHQUdOj8wPANONz4uIBQMRVUuIhJQCg8jGSAnFkNkMiIEBzcgVTIjElEKCi8sPEIvBDsGFHgwbREPdxseLTwnAQE HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1156
date: Sat, 18 Nov 2023 00:26:06 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QbXKej69jrqNNpKMqvK7hZ_VTIhDGssGKabNId5FVsPCAczizXrPJQ==
X-Firefox-Spdy: h2
adiingsinspiri.org/Z2ZXMDEGBDRdDgZbNRZEFQpqFQMhQ2V2VRJWJ0VVVxUzXFwdAHlTXQgTM1ZDCAgjHl8CEnICdw4oAmZnBAwRZ3oNFQJ0WiIVGmUJLiIfelk2EQJkfR4/M2gBMVIZW1UQJGRmWSJVbkR5JVIyVEYEVDRHayszD1hdMSBmZXodLAd2ACYUGVsJJiMuYUkiJyByaB4jFGhdUlIZcUU/MS4ERiUgAWh8PysfZXAACRhXWT4xBFsBMREZSlIvEhR2cANXMWFeJiQQclwqJAZ4VTMNNWgBJl80dXAlMg8BWys3NHJoID8gdnADVx1HYDIkMGJaNgEwUlU/Sy9ocBAzPn1zIQcAXXMJKBZ9dwMhAXNwJjBnU3QmJAJJRgkgZlRQNz4VcVUQNGdqdxAkEkpzCDcgFlsUCTlADARTFgIBUwcZaGgsChECQg
54.230.111.81 1.2 kB URL adiingsinspiri.org/Z2ZXMDEGBDRdDgZbNRZEFQpqFQMhQ2V2VRJWJ0VVVxUzXFwdAHlTXQgTM1ZDCAgjHl8CEnICdw4oAmZnBAwRZ3oNFQJ0WiIVGmUJLiIfelk2EQJkfR4/M2gBMVIZW1UQJGRmWSJVbkR5JVIyVEYEVDRHayszD1hdMSBmZXodLAd2ACYUGVsJJiMuYUkiJyByaB4jFGhdUlIZcUU/MS4ERiUgAWh8PysfZXAACRhXWT4xBFsBMREZSlIvEhR2cANXMWFeJiQQclwqJAZ4VTMNNWgBJl80dXAlMg8BWys3NHJoID8gdnADVx1HYDIkMGJaNgEwUlU/Sy9ocBAzPn1zIQcAXXMJKBZ9dwMhAXNwJjBnU3QmJAJJRgkgZlRQNz4VcVUQNGdqdxAkEkpzCDcgFlsUCTlADARTFgIBUwcZaGgsChECQg
IP 54.230.111.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators
Hash 0f8fb7d41a25e350e4a9b4f57909bc38
a34338d03f71f8f81bbac5c9524c8e3b3792ba76
3d14f5c5ee0a83311b79a8df26a20deb48eac0baeb4f335cac2f0fce5e9ab1c5
GET /Z2ZXMDEGBDRdDgZbNRZEFQpqFQMhQ2V2VRJWJ0VVVxUzXFwdAHlTXQgTM1ZDCAgjHl8CEnICdw4oAmZnBAwRZ3oNFQJ0WiIVGmUJLiIfelk2EQJkfR4/M2gBMVIZW1UQJGRmWSJVbkR5JVIyVEYEVDRHayszD1hdMSBmZXodLAd2ACYUGVsJJiMuYUkiJyByaB4jFGhdUlIZcUU/MS4ERiUgAWh8PysfZXAACRhXWT4xBFsBMREZSlIvEhR2cANXMWFeJiQQclwqJAZ4VTMNNWgBJl80dXAlMg8BWys3NHJoID8gdnADVx1HYDIkMGJaNgEwUlU/Sy9ocBAzPn1zIQcAXXMJKBZ9dwMhAXNwJjBnU3QmJAJJRgkgZlRQNz4VcVUQNGdqdxAkEkpzCDcgFlsUCTlADARTFgIBUwcZaGgsChECQg HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Sat, 18 Nov 2023 00:26:06 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zfy-5kg7PeXqMV4iMjaHo_KgIAJYaFvmFIM5MemzxUhHMhr_SXR1HQ==
X-Firefox-Spdy: h2
setitoefanyor.org/WWpPUE12VSwjcAo8GQIpMh43CSAbLioYdDIwfx40Pz0JOB8RBWkkJD1Xdml6bVt7dj0wDnJhayoeLiQ4Kld+diQ3DCBtay9Xfn5+bUR8ZGNpTDptfH8ePzEqZFtpIDktBnJhemlafWZ6aFx4aH9h
172.67.198.24 0 B URL setitoefanyor.org/WWpPUE12VSwjcAo8GQIpMh43CSAbLioYdDIwfx40Pz0JOB8RBWkkJD1Xdml6bVt7dj0wDnJhayoeLiQ4Kld+diQ3DCBtay9Xfn5+bUR8ZGNpTDptfH8ePzEqZFtpIDktBnJhemlafWZ6aFx4aH9h
IP 172.67.198.24:0
Certificate IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WWpPUE12VSwjcAo8GQIpMh43CSAbLioYdDIwfx40Pz0JOB8RBWkkJD1Xdml6bVt7dj0wDnJhayoeLiQ4Kld+diQ3DCBtay9Xfn5+bUR8ZGNpTDptfH8ePzEqZFtpIDktBnJhemlafWZ6aFx4aH9h HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 18 Nov 2023 00:26:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTeRXMtyXj8NOz8FC0gA%2FUlrnFVDJ8%2FyZrzuFFX2t2gKoSN%2BWX4GQnG6XB6nj80EFaU7m%2FrE8yDKvtFLZ44N5dmh%2B6IXjkRtjcT9R%2BKTeNjzvSifgOZx3F165YcCaUt2M82s%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 827c1480c9d8b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.upload.ee/favicon.ico
51.91.30.159 1.2 kB URL www.upload.ee/favicon.ico
IP 51.91.30.159:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Cookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1700267167.1.0.1700267167.0.0.0; _ga=GA1.1.1424656933.1700267168
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 18 Nov 2023 00:26:07 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Sat, 25 Nov 2023 00:26:07 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109 0 B URL accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:igJNz-FhNbVmU_iK3ge32xnlcdHOUw:4ktV2wqGb7EP0cqQ; Expires=Mon, 17-Nov-2025 00:26:07 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Nov 2023 00:26:07 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-cSY0vrSUnHOtwedpYf8Y5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adiingsinspiri.org/utx?cb=xLVEEdAsDwqH&top=www.upload.ee&tid=997414
54.230.111.81 0 B URL adiingsinspiri.org/utx?cb=xLVEEdAsDwqH&top=www.upload.ee&tid=997414
IP 54.230.111.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=xLVEEdAsDwqH&top=www.upload.ee&tid=997414 HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 18 Nov 2023 00:26:07 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 18 Nov 2023 00:27:07 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A7TsDeYYF0nakbj6z7Lyisnuxc1EX4EG-aty8PJQm_yCIoqf6Qc6aA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109 0 B URL accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:TSnx0RhCmfSupl16l7lSL_BiFVT6WQ:zA7SV4jnRoHJjQmC; Expires=Mon, 17-Nov-2025 00:26:07 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Nov 2023 00:26:07 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-q6ReAexXZK1mWV8pLu1l2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa
142.250.74.109302 Found 402 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (393)
Hash 7537716fd72c9181f689a7bb04f7f25b
a06bb805fef6dc83ce3a2aa9f65c9ffd91966f5c
236f2810bb2e0191f53dc5827b2a643c44b146e4cdd433767d359225e3b27da3
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:hDVQ8Z9X1OVyAmxb2ffRyFFv4rovyQ:JQ6ENq97UA0JpdwS;Path=/;Expires=Mon, 17-Nov-2025 00:26:07 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Nov 2023 00:26:07 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754235248%3A1700267167247993&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-RlTyCAuHIbxkUFcmBF1Mww' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 402
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adiingsinspiri.org/utx?cb=IoIQax0m6hwJ&top=www.upload.ee&tid=997369
54.230.111.81 0 B URL adiingsinspiri.org/utx?cb=IoIQax0m6hwJ&top=www.upload.ee&tid=997369
IP 54.230.111.81:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=IoIQax0m6hwJ&top=www.upload.ee&tid=997369 HTTP/1.1
Host: adiingsinspiri.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 18 Nov 2023 00:26:07 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 18 Nov 2023 00:27:07 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fyuRM3kiKUbzfX8554GgcN4OxF-e7zZqa7cI_eKo9wsgP45-A_jdRg==
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY
142.250.74.109 407 B URL accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (399)
Hash e3dcda91153a75e46ff4350cf7b1d740
0d99b236ed77c8c9783c83d2a7e6d0fd38f88284
2772dc91a14602ddc44add14805e34ed333ed90301529cb9e9664575a59fa2e7
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:XlhGi20XLQ-UAUIP7np-MR1q74-mLQ:qGk3hjplFQMk042j;Path=/;Expires=Mon, 17-Nov-2025 00:26:07 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Nov 2023 00:26:07 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771687877%3A1700267167325014&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-j-_KWuWvDkL1g3iMP1_6bg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 407
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
du0pud0sdlmzf.cloudfront.net/4NWlIT1VWBiYpakEALHJsDF57eWwTAzsgO0VUJHlgUlAfAjABJDI+JwZPPDUxCFluIzRbDnVpMFsKdX5zVA0qcmETHTggPggIMSk7Xgw+KzdBTz0uaFgGMiY5WQhtfRMAR3hqZwVBMH5kEFoKamcFBSEhIE1Men8tDV8XeWEQWgpqZwUbPmpmdFh4dnsFQG-19ZVIMKyQ6EFsOfWUEWXh+ZQRMen8zXBstKTpNTHoJZARYZn9zQFR5
143.204.42.211 612 B URL du0pud0sdlmzf.cloudfront.net/4NWlIT1VWBiYpakEALHJsDF57eWwTAzsgO0VUJHlgUlAfAjABJDI+JwZPPDUxCFluIzRbDnVpMFsKdX5zVA0qcmETHTggPggIMSk7Xgw+KzdBTz0uaFgGMiY5WQhtfRMAR3hqZwVBMH5kEFoKamcFBSEhIE1Men8tDV8XeWEQWgpqZwUbPmpmdFh4dnsFQG-19ZVIMKyQ6EFsOfWUEWXh+ZQRMen8zXBstKTpNTHoJZARYZn9zQFR5
IP 143.204.42.211:0
File type ASCII text, with very long lines (866), with no line terminators
Hash db6e0a7b17fafcab40427e77f4132a87
db66bd688cfb4de092403d1228a66100d798eb48
3bacbb3d6957644660eec4d9150874bb942a04b9722c3c4ff1854eb78c83d914
GET /4NWlIT1VWBiYpakEALHJsDF57eWwTAzsgO0VUJHlgUlAfAjABJDI+JwZPPDUxCFluIzRbDnVpMFsKdX5zVA0qcmETHTggPggIMSk7Xgw+KzdBTz0uaFgGMiY5WQhtfRMAR3hqZwVBMH5kEFoKamcFBSEhIE1Men8tDV8XeWEQWgpqZwUbPmpmdFh4dnsFQG-19ZVIMKyQ6EFsOfWUEWXh+ZQRMen8zXBstKTpNTHoJZARYZn9zQFR5 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adiingsinspiri.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 612
date: Sat, 18 Nov 2023 00:26:07 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lzSJNEvOAr7IpC0n0_9x2y4F2UgBt-EI5nykp5KoNIoKx1HfZjeMQQ==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/Vb0FMQWIMLiInXRsoKHxbVnZ4cVpJKz8uDB98C3gbBHMgCyc3IzoURBs7KHxSSS0tLwVSZykvAVJwaiAGDXx4ZxcOfCEuGAYtICBHXQd5b1JKc3xpGl5waXIgSnN8LQsBNDRkUF85dHc9WXVpciBKc3wzFEpyDXBSVm98aEddcSskAQQuaXMkXXF9cVJecX-1kUF8nJTMHCS40ZFApcH1wTF9nOXxT
143.204.42.211 189 B URL du0pud0sdlmzf.cloudfront.net/Vb0FMQWIMLiInXRsoKHxbVnZ4cVpJKz8uDB98C3gbBHMgCyc3IzoURBs7KHxSSS0tLwVSZykvAVJwaiAGDXx4ZxcOfCEuGAYtICBHXQd5b1JKc3xpGl5waXIgSnN8LQsBNDRkUF85dHc9WXVpciBKc3wzFEpyDXBSVm98aEddcSskAQQuaXMkXXF9cVJecX-1kUF8nJTMHCS40ZFApcH1wTF9nOXxT
IP 143.204.42.211:0
File type ASCII text, with no line terminators
Hash 521a520fe46dd875cc6efe10a234f3c8
191b754a854279a4030c00ea2e3e29cdb3f540d2
59ba8cc7373872eaaf269c4df49528570d3cde302e0dc2d2b4348ac7340ce57d
GET /Vb0FMQWIMLiInXRsoKHxbVnZ4cVpJKz8uDB98C3gbBHMgCyc3IzoURBs7KHxSSS0tLwVSZykvAVJwaiAGDXx4ZxcOfCEuGAYtICBHXQd5b1JKc3xpGl5waXIgSnN8LQsBNDRkUF85dHc9WXVpciBKc3wzFEpyDXBSVm98aEddcSskAQQuaXMkXXF9cVJecX-1kUF8nJTMHCS40ZFApcH1wTF9nOXxT HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adiingsinspiri.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 189
date: Sat, 18 Nov 2023 00:26:07 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O8xXSNfpOjTJpNMgwNMnwCZBRdgce0HL2ChuWVRxYt53RPqfWTtRRg==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/iNUVVcjFWKjsUDkEsMU8IDHJhQwUTLyYdX0V4NkdwB3VhE39tHB4edwc2cwZLUXhlVF1UKzJPF1ArNk8AEyQxEAwBYyECXl54NAtXWy4wBFVXMXMHUAgoOghYWSk0VwNzcHtCFAd1fQoABGBmMBQHdTkbX0A9cEABTX1jLQcBYGYwFAd1JwQUBgRkQggbdX-xXAwUiMBFaWmBnNAMFdGVCAAV0cEABUywnF1daPXBAdwR0ZFwBEzBoQw
143.204.42.211 579 B URL du0pud0sdlmzf.cloudfront.net/iNUVVcjFWKjsUDkEsMU8IDHJhQwUTLyYdX0V4NkdwB3VhE39tHB4edwc2cwZLUXhlVF1UKzJPF1ArNk8AEyQxEAwBYyECXl54NAtXWy4wBFVXMXMHUAgoOghYWSk0VwNzcHtCFAd1fQoABGBmMBQHdTkbX0A9cEABTX1jLQcBYGYwFAd1JwQUBgRkQggbdX-xXAwUiMBFaWmBnNAMFdGVCAAV0cEABUywnF1daPXBAdwR0ZFwBEzBoQw
IP 143.204.42.211:0
File type ASCII text, with very long lines (799), with no line terminators
Hash 89fb982b48eedc49039e9a60dde4b527
5a3e141e55f85bbbcd0e078406552c2a7d1a485f
84f02c470522afb35513b609d7a5150d64f2bc9599f87e36981b4482515a01af
GET /iNUVVcjFWKjsUDkEsMU8IDHJhQwUTLyYdX0V4NkdwB3VhE39tHB4edwc2cwZLUXhlVF1UKzJPF1ArNk8AEyQxEAwBYyECXl54NAtXWy4wBFVXMXMHUAgoOghYWSk0VwNzcHtCFAd1fQoABGBmMBQHdTkbX0A9cEABTX1jLQcBYGYwFAd1JwQUBgRkQggbdX-xXAwUiMBFaWmBnNAMFdGVCAAV0cEABUywnF1daPXBAdwR0ZFwBEzBoQw HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://adiingsinspiri.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 579
date: Sat, 18 Nov 2023 00:26:07 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: IDHCR12DBXLKlNGySXvCztiTIe12sCfigKlfP_QIjVXctBQMiQhHvA==
X-Firefox-Spdy: h2
setitoefanyor.org/bGJiSmxDXQE5UT5TJDg9XjRHeCo2DhJ4OgIkBRI0NgEBeDoOATQbShgLBndVVVVWe1hKEgsuUV1EET4NGBcRd19cUlNsBQIEDXdcXFJTbBpRU0x5WEJRVmRcShdfe11dUlp7WFVbW39eVVFRfEoYEgMtUV1EEj4YAF9TfVxcUFR9XVpaVHhe
172.67.198.24204 No Content 0 B URL POST HTTP/3 setitoefanyor.org/bGJiSmxDXQE5UT5TJDg9XjRHeCo2DhJ4OgIkBRI0NgEBeDoOATQbShgLBndVVVVWe1hKEgsuUV1EET4NGBcRd19cUlNsBQIEDXdcXFJTbBpRU0x5WEJRVmRcShdfe11dUlp7WFVbW39eVVFRfEoYEgMtUV1EEj4YAF9TfVxcUFR9XVpaVHhe
IP 172.67.198.24:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bGJiSmxDXQE5UT5TJDg9XjRHeCo2DhJ4OgIkBRI0NgEBeDoOATQbShgLBndVVVVWe1hKEgsuUV1EET4NGBcRd19cUlNsBQIEDXdcXFJTbBpRU0x5WEJRVmRcShdfe11dUlp7WFVbW39eVVFRfEoYEgMtUV1EEj4YAF9TfVxcUFR9XVpaVHhe HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Sat, 18 Nov 2023 00:26:07 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2BSHj18QoPfSGb2PXqJi9UkVgwDteuz8sv6ViwaAaPavAUQHP291uIDroBtVv2YpdKNUuYyYu3nFu%2BFOnH5SdtK8rhHtM%2FHLaCIqyXqIpY1WlbIeHKNwqdlQ8M1SwbNcqSiCCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 827c1485b865b523-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771687877%3A1700267167325014&theme=glif
142.250.74.109 2.8 kB URL accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771687877%3A1700267167325014&theme=glif
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)
Hash 25b8cecfa88d9ed73e68966e05922f06
eccc5b1b3e8367b63a7a81b850fffde58f726de8
da1b92e93af28be0e11b0d14a67aa5d216069771269faa0270b9e07257431af2
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-771687877%3A1700267167325014&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Nov 2023 00:26:07 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-1X9C3lOjiRCRMIrNTI6IIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
setitoefanyor.org/popunder.gif
172.67.198.24 177 kB URL setitoefanyor.org/popunder.gif
IP 172.67.198.24:0
Certificate IssuerGoogle Trust Services LLC
Subjectsetitoefanyor.org
Fingerprint71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83
ValidityWed, 15 Nov 2023 06:34:23 GMT - Tue, 13 Feb 2024 06:34:22 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Size 177 kB (177037 bytes)
Hash a484f93e1e1e1735547ff8650cd01f7d
5244badd6d6e8cee6f79b381db050877e62d366b
95ef72f51d062d408d3c2fb6351223f58d9cc78b873dfa5d16ceb78a6c5aba50
Analyzer Verdict Alert Public InfoSec YARA rules malware Identifies a webshell or backdoor in image files.
GET /popunder.gif HTTP/1.1
Host: setitoefanyor.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 18 Nov 2023 00:26:07 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 18518
last-modified: Fri, 17 Nov 2023 19:17:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wn5NembL%2Ffkv0y6Mh5ovi2m46teuW4zNkvsH6LjQrpA%2F1ua48CWYi9oWgc4%2F%2B0yOJXSBQxq2AnNBGHuOtDgn%2FLWpamdLR023VbaK%2BzYJzuG9UsZy8Pr0YtPGeT8bOIpw3RP9zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 827c14852fe5b523-OSL
alt-svc: h3=":443"; ma=86400
static.bepolite.eu/banners/2c571999-e5b7-410d-a271-bf1532acf5e0/Novembercampaing_1000x400_EE.jpg
212.47.222.22 53 kB URL static.bepolite.eu/banners/2c571999-e5b7-410d-a271-bf1532acf5e0/Novembercampaing_1000x400_EE.jpg
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type JPEG image data, progressive, precision 8, 1000x400, components 3\012- data
Hash 4f8c6d530b3b16463c23f63c5c039f20
028f36c64868215ee266bf88f87126b8ca324c9c
0a671462370c495769e35b68d809de5ee4e0102f8dcc86ca7a882d2eaf6b9af1
GET /banners/2c571999-e5b7-410d-a271-bf1532acf5e0/Novembercampaing_1000x400_EE.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "1818358582"
last-modified: Fri, 10 Nov 2023 22:00:23 GMT
content-length: 52870
date: Sat, 18 Nov 2023 00:25:57 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 832129724
age: 0
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754235248%3A1700267167247993&theme=glif
142.250.74.109403 Forbidden 4.6 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754235248%3A1700267167247993&theme=glif
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data, max compression\012- data
Hash 874fc81768deef19df7b8d433abd1fe2
3dc9d8a1059c9b9bca947de53e372cf6a5ed3d4d
07faf061090c4c0a2c4577cefd2bcc6ed4cf940bd8092568c5087fd3458910ff
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-754235248%3A1700267167247993&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 18 Nov 2023 00:26:07 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-z7Wkg9e0_KdL-5D7YQxC9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.bepolite.eu/files/close-gray.png
212.47.222.22200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1971769258"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Sat, 18 Nov 2023 00:25:57 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 805212424
age: 0
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.132.28200 OK 8.2 kB IP 172.64.132.28:443
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 763baa4409804540ccf837b5f9622e77
93ca74b9d1c9b4bd45516e4157a4eb37fc9db6ad
bba1583dce0d12d0dd2e1928079811eec02a2016a48e3fee4bda453e0ed57a33
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 18 Nov 2023 00:26:07 GMT
content-type: text/plain
set-cookie: csu=1110814999529336@1@1700267167; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thfQJiKxT5Wjq2M8CYuyQLB18dVFCJiehDOiDCMFPa67Eqnn%2BdoypeCVY6R%2FTN96aLm5juH%2BQhJg5WyFnLn0rvJLGDIuYjLgGqNPXkZUI6UWLLJka7XoAHndT9IiT0Vb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 827c14831e336397-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-752.thin.min.js
151.101.129.229200 OK 26 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-752.thin.min.js
IP 151.101.129.229:443
Requested by https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type HTML document, ASCII text, with very long lines (3286)
Hash a7736c83b9ad2dd6317674cd4ed0bb68
0366b254fafb4a7a979a69fb9ef7be3434b74d14
4804b62bc3461ff1ab61aa2482690d79db2646701da68b6371ad1485c6f948fd
GET /gh/tumult/hype-runtime/HYPE-752.thin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"de41-A2ayVPr7SnqXmmn7nve+NDS3TRQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 18 Nov 2023 00:26:09 GMT
age: 18462
x-served-by: cache-fra-eddf8230058-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26057
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimi-logo.png
212.47.222.22200 OK 2.4 kB URL GET HTTP/2 static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimi-logo.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 217 x 78, 8-bit colormap, non-interlaced\012- data
Hash 4a7ad134a262803b349d9ee16df28c26
5ac60279269c61df50eaecf3cee3ad1e00d800da
9bb95117866759fb9cd38a74a39b1674e7843645032386748a5d4cb81ac4292b
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimi-logo.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2867619645"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 2424
date: Sat, 18 Nov 2023 00:25:58 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 877444071
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/est.png
212.47.222.22 7.3 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/est.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 392 x 141, 8-bit colormap, non-interlaced\012- data
Hash e580ec9b0f35b1b79bda72ce33fb6d1f
4f7bc40878126203ab538f8793869a95cb3f2e3c
f32b53a2d6e43bfc7ff31bf05a46a047a5bcba2d97eeae021024c19d546ea925
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1809572135"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 7328
date: Sat, 18 Nov 2023 00:25:58 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 867891857
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1000x200.png
212.47.222.22 9.4 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1000x200.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\012- data
Hash 772e1546faf6e7d8a3db157dcb85f437
b2234be7206e161b45b5e6312719d6b17f8b80bf
4bd80455b71ec910d4efea6385b4737ea541b9c64b6976bc50b03dad3a48085f
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1000x200.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3391313778"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 9381
date: Sat, 18 Nov 2023 00:25:58 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 850896076
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-pic.png
212.47.222.22 24 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-pic.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 236 x 171, 8-bit colormap, non-interlaced\012- data
Hash 0f64aa6a68afedbcdc50baeedce643f0
175274267d9a396a691d4d869b666938cf3200ad
498efdaf701f047073b42e3058d3e86963043d812c2340f4a792accb77a1384b
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-pic.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2236804787"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 24451
date: Sat, 18 Nov 2023 00:25:44 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 726103408
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-est-1.png
212.47.222.22 1.6 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-est-1.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 430 x 20, 4-bit colormap, non-interlaced\012- data
Hash dcb8605fdeee97d9f57483401d3b5c77
1fd628c3554e651b96183ec599964ca5f15ae8fc
f80ebf95d1bf5561a22540ef15af2d18f0a16df72b461c7f9abf81c0e9b8e1a7
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-est-1.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1793107396"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 1580
date: Sat, 18 Nov 2023 00:25:58 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 867891860
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-hind.png
212.47.222.22 1.5 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-hind.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 183 x 85, 8-bit colormap, non-interlaced\012- data
Hash 5ed39dafed0f85ee73b66293f53d1d65
32525648c9336de3fd12566fa88c0ac9bb49b492
a542aa385925bf99ba0071275dee27a80d36fb255e4384f337213fb4fd33d5fc
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-hind.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "200709162"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 1476
date: Sat, 18 Nov 2023 00:25:42 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 877444074
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-pic.png
212.47.222.22 24 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-pic.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 191 x 212, 8-bit colormap, non-interlaced\012- data
Hash 0f6df0e2a99e301d31c23eb5fdb2821d
ac728ae3ec1d26030c1792aa5769c5988373c445
9ef84892439181262952bf9ec897d3047bda9fe887b7ccf690c015c63db75a5b
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-pic.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "631513606"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 23603
date: Sat, 18 Nov 2023 00:25:58 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 850896079
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-est.png
212.47.222.22 1.6 kB URL static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-est.png
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 459 x 20, 4-bit colormap, non-interlaced\012- data
Hash f405ccd9bc811e7b425db042cc87cae8
1d0982c7eb344a9c5e5190075137afb069968a98
619f56a1e00a0e6669d04cfb3a40c4b0ab489a5244fb4c0cd2722f6fe58b2f6b
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2858560924"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 1639
date: Sat, 18 Nov 2023 00:25:58 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 726103411
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-hind.png
212.47.222.22200 OK 1.6 kB URL GET HTTP/2 static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-hind.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 183 x 85, 8-bit colormap, non-interlaced\012- data
Hash ed31899f3a5ad7d063a49939b18be2fe
18089afa6ba79161a622996c0aa5ea858b86eeb1
4b0ec3a07d0f688c34df83422d51b233bb0abaeb6080141d039d9ce9f2cb6593
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-hind.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "855136650"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 1626
date: Sat, 18 Nov 2023 00:25:44 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 877444077
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js?v=1
3.124.150.20 75 B URL banner.hookusbookus.com/config/config.js?v=1
IP 3.124.150.20:0
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 18 Nov 2023 00:26:10 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
3.124.150.20 2.4 kB URL banner.hookusbookus.com/assets/image/prices-bg-3.png
IP 3.124.150.20:0
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 18 Nov 2023 00:26:10 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
3.124.150.20 53 kB URL banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP 3.124.150.20:0
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 18 Nov 2023 00:26:10 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
3.124.150.20 67 kB URL banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 3.124.150.20:0
File type gzip compressed data, from Unix\012- data
Hash 9db4f4d24bc947fa1be4fa7d1d289214
69c3c2644f35d0583f6af8f11caa9cd9fde8dd49
20eae81a9273d63fc9e25ef00f9bf70d43632f0fb03841a49a8e86035b14f735
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 18 Nov 2023 00:26:10 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1781"
content-encoding: gzip
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg
143.204.42.129200 OK 63 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg
IP 143.204.42.129:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 9d39df13669f4b0a37f1ec935fcf07c1
bee556a5a2eb792bc07095365d7ce55e0f20c488
c4ae0112f49b2e7eec621163661ab594d1deab9e18f27dfe9c37f212d5292ebd
GET /hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 62663
date: Fri, 17 Nov 2023 23:27:18 GMT
last-modified: Mon, 20 Dec 2021 05:01:37 GMT
etag: "9d39df13669f4b0a37f1ec935fcf07c1"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a5qPs2M4TYkBhi6WZFI0DNaALsZQsjFulSzMXHl2URUwZLlStJRA4g==
age: 3539
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=79a1c098136558b43368e93811a0fd44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 18 Nov 2023 00:25:53 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 805212427
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.22 0 B URL serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=79a1c098136558b43368e93811a0fd44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 18 Nov 2023 00:25:50 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 819162138
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.22 0 B URL serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=79a1c098136558b43368e93811a0fd44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 18 Nov 2023 00:26:06 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 764365794
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.22 0 B URL serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.22:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=79a1c098136558b43368e93811a0fd44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 18 Nov 2023 00:25:53 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 832129727
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimijoulukataloog1000x200est_hype_generated_script.js?50933
212.47.222.22200 OK 8.2 kB URL GET HTTP/2 static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimijoulukataloog1000x200est_hype_generated_script.js?50933
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type ASCII text, with very long lines (8966), with no line terminators
Hash 62d26f2e0063b7c52102dfa1e6d10aea
01b2a8e575b70f7661113557297fa84ab5907840
98e64a0cf024c9f1311cf800982867284d1819d004aee066608a359e2dc9212e
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimijoulukataloog1000x200est_hype_generated_script.js?50933 HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "849680914"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 8161
date: Sat, 18 Nov 2023 00:25:44 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 884652809
age: 0
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/pxsDq6wPqej3c4rCsSZ0.jpg
143.204.42.211421 Misdirected Request 59 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/pxsDq6wPqej3c4rCsSZ0.jpg
IP 143.204.42.211:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash fbddc409b98c0f668bb1ee09bbe260da
24e9827e9c3a061226d664dc973f8d49b7ee1fe3
96701d3fca8ccd83350be02117fc3d86636a6e378f4f4462bab21587aa26b762
GET /hotelliveeb/images/general/1/pxsDq6wPqej3c4rCsSZ0.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 421 Misdirected Request
server: CloudFront
date: Sat, 18 Nov 2023 00:26:10 GMT
content-type: text/html
content-length: 1003
x-cache: Error from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ujqf4lTsnuiUfYkYbmPBJIuFIwwzC0ygzIJsI_E58OypnF3Zy4Qiyg==
X-Firefox-Spdy: h2
banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
3.124.150.20200 OK 27 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP 3.124.150.20:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 18 Nov 2023 00:26:10 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.22200 OK 3.8 kB URL GET HTTP/2 static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4204), with no line terminators
Hash ff2334419a0ead85454249f977c0c6ac
ce322ef758a08386a6d7924627897ef42b9e53ad
a55642be49c8fbd3842d8d1dc1961430e118aa88d71b50f1ae9ce5dbcf181689
GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138&banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "2330996668"
last-modified: Thu, 16 Nov 2023 09:49:38 GMT
content-length: 3775
date: Sat, 18 Nov 2023 00:25:57 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 726103405
age: 0
X-Firefox-Spdy: h2