upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
285 B URL upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f14b03562dc7862800230059bcd0db22
f36b399f3569b34ee27dfac77fa4cf3695c2dedf
c6add8184ca4f018d3f9c0c755eb17b808683c9e59f7ebf2772ce4f0c93c2f38
GET /download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 14 Sep 2023 22:30:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 285
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
0 B URL www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 14 Sep 2023 22:30:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
385 B URL www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385), with no line terminators
Hash 4d5a7da6269d5b263cc4dc11dd74f490
1f35278dcf00e6893b2f8cbe162efc8a1a2e0731
b4b63ace9e3433f10b25f8e517d8dca74d4071a3c06df53e4ed205a3595ad69e
GET /download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 385
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
385 B URL www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385), with no line terminators
Hash 4d5a7da6269d5b263cc4dc11dd74f490
1f35278dcf00e6893b2f8cbe162efc8a1a2e0731
b4b63ace9e3433f10b25f8e517d8dca74d4071a3c06df53e4ed205a3595ad69e
GET /download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 385
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
IP
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash 930959ac8ef039e66fa335c8828b6ad7
ce8b9c7e779453bc981941315570c2010e6f2390
92ffbfb568c3b24ed54c06ff6c4d5429c11b9261b06b4ebfcdc397bd224f0d80
GET /files/15669277/KeyGen_-_BTCR.rar.html HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/15669277/40d1651a77ea1d8a0a10/keygen_-_btcr.rar
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8955
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 15 Sep 2023 01:30:24 +0300
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Thu, 12-Oct-2023 22:30:24 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
www.upload.ee/static/ubr__style.css
200 OK 2.9 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 3ba04e290212b44bcca8f10a60a4e879
a9b021c9019bdbb28250836039b2372a1b4d0f0f
f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Thu, 21 Sep 2023 22:30:24 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
472 B IP
Hash f0c3764846e94d980dac7b0bcaf1370a
bd130bc50dfca28ca3da931d18182ef12248b48d
def6874f90d7dbbb6e0df2c5e6cd18c9398b8f8324f5bd765319387d47ef2467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2023 22:30:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upload.ee/js/js__file_upload.js
200 OK 27 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Thu, 21 Sep 2023 22:30:24 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
www.upload.ee/images/dl_.png
200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Thu, 21 Sep 2023 22:30:24 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/arrow.gif
200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Sep 2023 22:30:24 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Thu, 21 Sep 2023 22:30:24 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-6703115-1
200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (2271)
Hash 993d66266c5ca6a50a635c143300df5f
ac0397cc0c8f83fbd67a18faed4191732c772821
6e8da8fb747f7c94c326d41e21d9a27d6e3dda3a3d010d01b7a98e21b1b9729f
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 14 Sep 2023 22:30:24 GMT
expires: Thu, 14 Sep 2023 22:30:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51491
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
472 B IP
Hash f0c3764846e94d980dac7b0bcaf1370a
bd130bc50dfca28ca3da931d18182ef12248b48d
def6874f90d7dbbb6e0df2c5e6cd18c9398b8f8324f5bd765319387d47ef2467
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2023 22:30:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
du0pud0sdlmzf.cloudfront.net/?dupud=997369
200 OK 118 kB URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 118 kB (117734 bytes)
Hash e4758febf8d37c3aadb52b77400f35f6
31e84a3bd2551047b7a0eba82b7e8fb7a9321520
2c6af949302dc70bffa78f631828be22f2d40d3d46211ac4fd36913b4dbeef4c
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117734
date: Thu, 14 Sep 2023 22:30:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ShG5BqpL3Bz6CuYf3UbKpiuPrzKhQQ8xPzQZbhofVufB5KeYoW0qhA==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (3034)
Hash 7161133f75f177bed7b567b6de3bbfff
a9b4bfbba116ec69c188b3f7722c961a8f9f41ef
b8ce708faa0fefd8259aba73f8039f2ce3d4e10143ef306c83696c42d6ff8c15
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 14 Sep 2023 22:30:24 GMT
expires: Thu, 14 Sep 2023 22:30:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
everalmefarketing.info/T3NKOEtgTClLdis1EHAuBwMHYgMZMh59HSgQeg0bHTQAQR8aBGxMIitOcwF8e0NyHjsmF3cJc2kAPlk/OgB3CW0mHSxXdmkFdwllf114Fn9pBncJbTsDK192flU6TD8jTnsOcntEeQh9fUZ6DXM
204 No Content 0 B URL GET HTTP/2 everalmefarketing.info/T3NKOEtgTClLdis1EHAuBwMHYgMZMh59HSgQeg0bHTQAQR8aBGxMIitOcwF8e0NyHjsmF3cJc2kAPlk/OgB3CW0mHSxXdmkFdwllf114Fn9pBncJbTsDK192flU6TD8jTnsOcntEeQh9fUZ6DXM
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjecteveralmefarketing.info
Fingerprint19:19:D5:41:8A:08:61:6C:F2:5F:69:91:D0:9A:A8:6A:F8:73:9B:B5
ValidityMon, 04 Sep 2023 06:52:52 GMT - Sun, 03 Dec 2023 06:52:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /T3NKOEtgTClLdis1EHAuBwMHYgMZMh59HSgQeg0bHTQAQR8aBGxMIitOcwF8e0NyHjsmF3cJc2kAPlk/OgB3CW0mHSxXdmkFdwllf114Fn9pBncJbTsDK192flU6TD8jTnsOcntEeQh9fUZ6DXM HTTP/1.1
Host: everalmefarketing.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F79%2FO4Z5%2BqXhSpvfKyjxiOhs1QfBMqVkWGjNw2qkmd%2BS9rSoXWrQ80Wh7leQNUgMgUYCSj01Yq4Y0gvEpzAlhdnwIJbKU0%2ByeCAJQjMts5JvS%2BpzDMecFYRhkFN8Bz0OypaKsEdlO2TM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 806c13066e1056bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
everalmefarketing.info/WlpDUDd1ZSAjCj4wLwFjawwLE1oybxkFVAo7G2FDCAsvPFE3C2UkXj5nemkAaWx6dkczPn5hESkuIiRCKWdydl40PCxtESxncn4EbnRwZBlqfDZtBnwuMzFQZ2tlIEMuNn5hAWNudGMHbGh2YARt
204 No Content 0 B URL GET HTTP/2 everalmefarketing.info/WlpDUDd1ZSAjCj4wLwFjawwLE1oybxkFVAo7G2FDCAsvPFE3C2UkXj5nemkAaWx6dkczPn5hESkuIiRCKWdydl40PCxtESxncn4EbnRwZBlqfDZtBnwuMzFQZ2tlIEMuNn5hAWNudGMHbGh2YARt
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjecteveralmefarketing.info
Fingerprint19:19:D5:41:8A:08:61:6C:F2:5F:69:91:D0:9A:A8:6A:F8:73:9B:B5
ValidityMon, 04 Sep 2023 06:52:52 GMT - Sun, 03 Dec 2023 06:52:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WlpDUDd1ZSAjCj4wLwFjawwLE1oybxkFVAo7G2FDCAsvPFE3C2UkXj5nemkAaWx6dkczPn5hESkuIiRCKWdydl40PCxtESxncn4EbnRwZBlqfDZtBnwuMzFQZ2tlIEMuNn5hAWNudGMHbGh2YARt HTTP/1.1
Host: everalmefarketing.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaSdvvegZMVgk3sB4kpSHPJhmTek%2BmuWxhxaOrPcFajK3OUNhwsB6Z60vJagSehVfiNi3o2IDpgwwJFqectEvzjLm7xEHmul%2B4c11HzI4%2FWizHW5locDiCmGmfgi8dy4Cgbij1qC85og"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 806c13065e0f56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
everalmefarketing.info/MXdXTDkeSDQ/BGYzBQZoADElDQoIDQ0hSnIRHxZJUCYNO1p2PnE4UFVKbnUOBUZjaklYE2p9H0IDNjhMQkpmalBfEThxH0dKZmIKBVlkeBcBUSJxCBcDJy1eDEZxPE1FG2p9DwhDYH8JB0VifA4C
204 No Content 0 B URL GET HTTP/2 everalmefarketing.info/MXdXTDkeSDQ/BGYzBQZoADElDQoIDQ0hSnIRHxZJUCYNO1p2PnE4UFVKbnUOBUZjaklYE2p9H0IDNjhMQkpmalBfEThxH0dKZmIKBVlkeBcBUSJxCBcDJy1eDEZxPE1FG2p9DwhDYH8JB0VifA4C
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjecteveralmefarketing.info
Fingerprint19:19:D5:41:8A:08:61:6C:F2:5F:69:91:D0:9A:A8:6A:F8:73:9B:B5
ValidityMon, 04 Sep 2023 06:52:52 GMT - Sun, 03 Dec 2023 06:52:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MXdXTDkeSDQ/BGYzBQZoADElDQoIDQ0hSnIRHxZJUCYNO1p2PnE4UFVKbnUOBUZjaklYE2p9H0IDNjhMQkpmalBfEThxH0dKZmIKBVlkeBcBUSJxCBcDJy1eDEZxPE1FG2p9DwhDYH8JB0VifA4C HTTP/1.1
Host: everalmefarketing.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4vh2YswsMVWta027Nco770Y6rD6NhWAUibqb%2FH8DkuHtARSP%2BHAvrebqI2bACNZ9Ha%2F6UBkIgVQOfbi497sCyY0e4eR5h43b9hApZkcm4pLSQLWONb7jqeX%2FiSWsoOuyHzmcQIHLsV%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 806c13067e1556bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
otorwardsoffhdgat.com/eXExbkUYE1IDehhMU0gwCx0MS3c/VAMoIQxBQRshSQJVAigDFx8NKRYEVQg3Fh9FQCscBRRcAzcnXCgUL0NGXwETRUk7PDA4fyk1LxMANC4jQGMZBgA8BS8sIxJ/OgwUPVYdcjsGdBcLOhp+PgYoQ1UHCC48XRYiGiBwXQEDFUA9LzQhfFw1HRJwL3U3J3cHFwAkAzsRCj56BHE4PlYsdCMiQQQRSzNINigjO3opHx0SACcWGh0EAwEtGgQpFkw0aAMmLBNdDRUgJ1kUEBE7SDYoICV7AA8fNwAsIhsaewMWMSddNgE8NHwUMj0SACMSIydJABAuXHMDHT4VdDcoGjphFghIPGAjMCs2eDwdLhVgCCgdOnhfPRFXWx0qFwEMCyAzCVsFFRQVZBccKQNm
200 OK 1.2 kB URL GET HTTP/2 otorwardsoffhdgat.com/eXExbkUYE1IDehhMU0gwCx0MS3c/VAMoIQxBQRshSQJVAigDFx8NKRYEVQg3Fh9FQCscBRRcAzcnXCgUL0NGXwETRUk7PDA4fyk1LxMANC4jQGMZBgA8BS8sIxJ/OgwUPVYdcjsGdBcLOhp+PgYoQ1UHCC48XRYiGiBwXQEDFUA9LzQhfFw1HRJwL3U3J3cHFwAkAzsRCj56BHE4PlYsdCMiQQQRSzNINigjO3opHx0SACcWGh0EAwEtGgQpFkw0aAMmLBNdDRUgJ1kUEBE7SDYoICV7AA8fNwAsIhsaewMWMSddNgE8NHwUMj0SACMSIydJABAuXHMDHT4VdDcoGjphFghIPGAjMCs2eDwdLhVgCCgdOnhfPRFXWx0qFwEMCyAzCVsFFRQVZBccKQNm
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subjectotorwardsoffhdgat.com
FingerprintBC:57:08:75:C4:48:43:22:6C:E1:2E:85:79:73:4C:DD:D0:4D:02:0E
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Hash 5e6c12ac7e666ca4554be9912ac03561
388240a998d656843411373f82dc9751e6b38e65
5e667c44e0c3ddee7535a62e5e3d641f9df17c8136db5ce67314f5b17a844eea
GET /eXExbkUYE1IDehhMU0gwCx0MS3c/VAMoIQxBQRshSQJVAigDFx8NKRYEVQg3Fh9FQCscBRRcAzcnXCgUL0NGXwETRUk7PDA4fyk1LxMANC4jQGMZBgA8BS8sIxJ/OgwUPVYdcjsGdBcLOhp+PgYoQ1UHCC48XRYiGiBwXQEDFUA9LzQhfFw1HRJwL3U3J3cHFwAkAzsRCj56BHE4PlYsdCMiQQQRSzNINigjO3opHx0SACcWGh0EAwEtGgQpFkw0aAMmLBNdDRUgJ1kUEBE7SDYoICV7AA8fNwAsIhsaewMWMSddNgE8NHwUMj0SACMSIydJABAuXHMDHT4VdDcoGjphFghIPGAjMCs2eDwdLhVgCCgdOnhfPRFXWx0qFwEMCyAzCVsFFRQVZBccKQNm HTTP/1.1
Host: otorwardsoffhdgat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1163
date: Thu, 14 Sep 2023 22:30:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: KDgx8VmqWtvg7p-62xqUl3XZz1syv3rfAu0CBYJ56nymZSBNmx39Ag==
X-Firefox-Spdy: h2
otorwardsoffhdgat.com/U2lEbGgyCycBVzJUJkodIQV5SVoVTHYqDCZZNBkMYxogAAUpD2oPBDwcIAoaPAcwQgY2HWFeLh4IAggcB1twICcSJDQ5OiRMdi4rCyMcOT8RMyIAGBw5FlgPEissHSwrPBQpOWoPIhtYJC4CXFkRBXAJK2ECJSkCHTgiXA8WJyMhBwZZcBUpKhEQOzAWJA8bEAUwdB9fGw4nVD0XCiUpLBYICC05GyYGCBgUHigdKRAoES08ICsIBxwyLBIEAAsCdQAwBAoTOz8JICIvEB0zElwCER4dBS4EGSc7K2o/ITguNjB0BFAfLHUAMAdZHTg/AhoiAF0BDBJBWT46dRwGEAArIikpAQ0KOzsIHl0QdlsCNAQ/BxwrGDA+ACktAzg3IycRPzU0K2YEHCRdEj4MKTEwBXxKAiAGKhxVMTMlFTBhWSc0J2MTLFohNQ
200 OK 1.2 kB URL GET HTTP/2 otorwardsoffhdgat.com/U2lEbGgyCycBVzJUJkodIQV5SVoVTHYqDCZZNBkMYxogAAUpD2oPBDwcIAoaPAcwQgY2HWFeLh4IAggcB1twICcSJDQ5OiRMdi4rCyMcOT8RMyIAGBw5FlgPEissHSwrPBQpOWoPIhtYJC4CXFkRBXAJK2ECJSkCHTgiXA8WJyMhBwZZcBUpKhEQOzAWJA8bEAUwdB9fGw4nVD0XCiUpLBYICC05GyYGCBgUHigdKRAoES08ICsIBxwyLBIEAAsCdQAwBAoTOz8JICIvEB0zElwCER4dBS4EGSc7K2o/ITguNjB0BFAfLHUAMAdZHTg/AhoiAF0BDBJBWT46dRwGEAArIikpAQ0KOzsIHl0QdlsCNAQ/BxwrGDA+ACktAzg3IycRPzU0K2YEHCRdEj4MKTEwBXxKAiAGKhxVMTMlFTBhWSc0J2MTLFohNQ
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subjectotorwardsoffhdgat.com
FingerprintBC:57:08:75:C4:48:43:22:6C:E1:2E:85:79:73:4C:DD:D0:4D:02:0E
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3029), with no line terminators
Hash 5f14f98b3dd3d0b3661b66ed46c6868e
6b09d18a14936e6ecbec52bd7a4829ca9ce41f8a
f23487650434b4d82849f4d3a590de92d9adc30fcf447648f6ac95a9ad61405f
GET /U2lEbGgyCycBVzJUJkodIQV5SVoVTHYqDCZZNBkMYxogAAUpD2oPBDwcIAoaPAcwQgY2HWFeLh4IAggcB1twICcSJDQ5OiRMdi4rCyMcOT8RMyIAGBw5FlgPEissHSwrPBQpOWoPIhtYJC4CXFkRBXAJK2ECJSkCHTgiXA8WJyMhBwZZcBUpKhEQOzAWJA8bEAUwdB9fGw4nVD0XCiUpLBYICC05GyYGCBgUHigdKRAoES08ICsIBxwyLBIEAAsCdQAwBAoTOz8JICIvEB0zElwCER4dBS4EGSc7K2o/ITguNjB0BFAfLHUAMAdZHTg/AhoiAF0BDBJBWT46dRwGEAArIikpAQ0KOzsIHl0QdlsCNAQ/BxwrGDA+ACktAzg3IycRPzU0K2YEHCRdEj4MKTEwBXxKAiAGKhxVMTMlFTBhWSc0J2MTLFohNQ HTTP/1.1
Host: otorwardsoffhdgat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1183
date: Thu, 14 Sep 2023 22:30:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ISLgWHgspgVuBhfiMVLUova55mji29ZnQ0FWSwWXfcrE-e74vqhb8A==
X-Firefox-Spdy: h2
otorwardsoffhdgat.com/b0lheHAOKwIVTw50A14FHSVcXUIpbFM+FBp5EQ0UXzoFFB0VL08bHAA8BR4CACcVVh4KPURKNjsYUCI3Ph4SHz88Lg8uNAxsUz45ATEyHR0peAVJOgMZJS0FLR0vCjEVOlU8JC46BRE5PA8ZQD47HQILOQExAyIkACctDwhKeyMbMyI/IjBFARAiOSAmHhUBKhdxGzcjXnEkAhMaACUhOSQdCgg/X3lTNkMcOiM8G0p7JzMZXwI7FSEuLSQuCgx6MwAhFT0PHEI9ECAgPl8qMBsBIA0sTSQBDwwoHgMtKT8yFhMnHzIMejMANzsfGxwhLSgCSkkAKjQyHTUBTCEdKyAgQTs4Gzs6Jz17Aj4EFRNSIgc7JycVOSwuOzIaLjkuLUUXDCkcBzgkUBUpKxs2GxdJIxIXHh90JAIjIS8LTzk+CDg0
200 OK 1.2 kB URL GET HTTP/2 otorwardsoffhdgat.com/b0lheHAOKwIVTw50A14FHSVcXUIpbFM+FBp5EQ0UXzoFFB0VL08bHAA8BR4CACcVVh4KPURKNjsYUCI3Ph4SHz88Lg8uNAxsUz45ATEyHR0peAVJOgMZJS0FLR0vCjEVOlU8JC46BRE5PA8ZQD47HQILOQExAyIkACctDwhKeyMbMyI/IjBFARAiOSAmHhUBKhdxGzcjXnEkAhMaACUhOSQdCgg/X3lTNkMcOiM8G0p7JzMZXwI7FSEuLSQuCgx6MwAhFT0PHEI9ECAgPl8qMBsBIA0sTSQBDwwoHgMtKT8yFhMnHzIMejMANzsfGxwhLSgCSkkAKjQyHTUBTCEdKyAgQTs4Gzs6Jz17Aj4EFRNSIgc7JycVOSwuOzIaLjkuLUUXDCkcBzgkUBUpKxs2GxdJIxIXHh90JAIjIS8LTzk+CDg0
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subjectotorwardsoffhdgat.com
FingerprintBC:57:08:75:C4:48:43:22:6C:E1:2E:85:79:73:4C:DD:D0:4D:02:0E
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3020), with no line terminators
Hash 93cc4bc7554894c28f49e5f8107fe1bc
a0b7f4ba79426e08f817aab02254f1ce99470562
50f6335399bb2b2ccecb51c62273afa6a8618804e8359fd2765a535abaf2c10c
GET /b0lheHAOKwIVTw50A14FHSVcXUIpbFM+FBp5EQ0UXzoFFB0VL08bHAA8BR4CACcVVh4KPURKNjsYUCI3Ph4SHz88Lg8uNAxsUz45ATEyHR0peAVJOgMZJS0FLR0vCjEVOlU8JC46BRE5PA8ZQD47HQILOQExAyIkACctDwhKeyMbMyI/IjBFARAiOSAmHhUBKhdxGzcjXnEkAhMaACUhOSQdCgg/X3lTNkMcOiM8G0p7JzMZXwI7FSEuLSQuCgx6MwAhFT0PHEI9ECAgPl8qMBsBIA0sTSQBDwwoHgMtKT8yFhMnHzIMejMANzsfGxwhLSgCSkkAKjQyHTUBTCEdKyAgQTs4Gzs6Jz17Aj4EFRNSIgc7JycVOSwuOzIaLjkuLUUXDCkcBzgkUBUpKxs2GxdJIxIXHh90JAIjIS8LTzk+CDg0 HTTP/1.1
Host: otorwardsoffhdgat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Thu, 14 Sep 2023 22:30:25 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: hVk2Uln71qgNJFevHFsma3PHEXRixK7rWg2M4i330hjF-Wm_tT6Zkw==
X-Firefox-Spdy: h2
www.upload.ee/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Cookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1694730625.1.0.1694730625.0.0.0; _ga=GA1.1.616281105.1694730625
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 14 Sep 2023 22:30:25 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Thu, 21 Sep 2023 22:30:25 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
472 B IP
Hash ee0f92218205242a6e420518d0faaef7
2b3f45f59f49d1e137a1a13c66f50cd208e36f81
fbb80ae3a52f28385b7f6690e480b2272923381d43c56162d3ccace1cc5c6c64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2023 22:30:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
472 B IP
Hash ee0f92218205242a6e420518d0faaef7
2b3f45f59f49d1e137a1a13c66f50cd208e36f81
fbb80ae3a52f28385b7f6690e480b2272923381d43c56162d3ccace1cc5c6c64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2023 22:30:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:uqV-zLs_xmsIFy8abJSJAXE80EUJeg:7irRcy4zrtn7uj8_; Expires=Sat, 13-Sep-2025 22:30:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Sep 2023 22:30:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhexitHOe30YVzRgAxRv5RU6peaXoCOWjcwZ4QfzvqbS7jAIRjqzMRCLoUk5J9g3rKI9KUM0FQ
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-FOq7XIkqzG-F5p8D6DRceQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:DQHjaXTWRQt1dJbvQGjjLLJdcT61CA:0YpCYkxoT0v0eAoc; Expires=Sat, 13-Sep-2025 22:30:25 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Sep 2023 22:30:25 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhfei1F-i8nZdx1-twhExJbGLRZuN9cI6PozXkep2DoWqNg8o8ZaVWsTBq6BPgSdW5XVEVAabg
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-sjOWuisQtwmlAVGPNUBORQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
otorwardsoffhdgat.com/utx?cb=syr2EMtOOF4x&top=www.upload.ee&tid=997369
204 No Content 0 B URL GET HTTP/2 otorwardsoffhdgat.com/utx?cb=syr2EMtOOF4x&top=www.upload.ee&tid=997369
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subjectotorwardsoffhdgat.com
FingerprintBC:57:08:75:C4:48:43:22:6C:E1:2E:85:79:73:4C:DD:D0:4D:02:0E
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=syr2EMtOOF4x&top=www.upload.ee&tid=997369 HTTP/1.1
Host: otorwardsoffhdgat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 14 Sep 2023 22:30:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 14 Sep 2023 22:31:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: tKd5x2tA1IHip2BUhG7q2etC0AK1CyPQSjbs3wfeu5Vgeutt0nS8rg==
X-Firefox-Spdy: h2
otorwardsoffhdgat.com/utx?cb=OYKrcqN7AeFB&top=www.upload.ee&tid=997414
204 No Content 0 B URL GET HTTP/2 otorwardsoffhdgat.com/utx?cb=OYKrcqN7AeFB&top=www.upload.ee&tid=997414
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subjectotorwardsoffhdgat.com
FingerprintBC:57:08:75:C4:48:43:22:6C:E1:2E:85:79:73:4C:DD:D0:4D:02:0E
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=OYKrcqN7AeFB&top=www.upload.ee&tid=997414 HTTP/1.1
Host: otorwardsoffhdgat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 14 Sep 2023 22:30:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 14 Sep 2023 22:31:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 472198048b2177f6905d44f001875bcc.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: NqqDM_T5srkI5-5J4GtWFb-tnIALWUC_Nv2l1tBmX3sDYILdQljIiw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash b25303f18eedaf68de02701aa97dfff6
3edcb88e3cad0793265c4d86f9d6bc5a38d3920e
8c6ffa470b7ea37147425874c7d6679813dd08f38b2dd7a4d33875abc53c8bcb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 14 Sep 2023 22:30:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhexitHOe30YVzRgAxRv5RU6peaXoCOWjcwZ4QfzvqbS7jAIRjqzMRCLoUk5J9g3rKI9KUM0FQ
302 Found 400 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhexitHOe30YVzRgAxRv5RU6peaXoCOWjcwZ4QfzvqbS7jAIRjqzMRCLoUk5J9g3rKI9KUM0FQ
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (395)
Hash 35718220829679017119cf1278edb357
6354eabc7786345f9394d4cfb67137b47d37838e
e4604d9f553f42f39c067cb6653edd7ac7a0fac2c0f401b884eff8ae356ed65d
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhexitHOe30YVzRgAxRv5RU6peaXoCOWjcwZ4QfzvqbS7jAIRjqzMRCLoUk5J9g3rKI9KUM0FQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:pX2diKyZwmZa-khgHn6NyXtDtyhupw:8_qemWrkuyJgVtdO;Path=/;Expires=Sat, 13-Sep-2025 22:30:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Sep 2023 22:30:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhd0PjCkIGDBx8rsL0otsDrybgkbBAJAPJecY4r31f36ZNXmkn6xrmEMkzn8Lqfo1qFsjnsLug&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-368680077%3A1694730625442157&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-xwEYQsmSu7I-PnORXvtlgQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 400
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhfei1F-i8nZdx1-twhExJbGLRZuN9cI6PozXkep2DoWqNg8o8ZaVWsTBq6BPgSdW5XVEVAabg
302 Found 407 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhfei1F-i8nZdx1-twhExJbGLRZuN9cI6PozXkep2DoWqNg8o8ZaVWsTBq6BPgSdW5XVEVAabg
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (398)
Hash 328fbfa14ae24d029e9e3e49d6668146
b8bf38675dad2a09ebce45d9e3a0693102ac0811
7f1c6c83ad5fe66b11bf11c4a44eb35be64305633120fa00887801935b9c2374
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhfei1F-i8nZdx1-twhExJbGLRZuN9cI6PozXkep2DoWqNg8o8ZaVWsTBq6BPgSdW5XVEVAabg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:wgSwKWBpzobifSLTYL4OgbBfoPCaPA:ialEeu8cLGXinDQZ;Path=/;Expires=Sat, 13-Sep-2025 22:30:25 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Sep 2023 22:30:25 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcMQQ6p2g645n8j9IhB5Wp3_bMSH21j0W0GeYSZVoJvfh2ELzY-hnIEKLOIj2skQyvaD9iRTw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S588193658%3A1694730625513938&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-iiQBLE0cokWdbMmxLLBu_g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 407
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/MaFdtT24LOAMpURw+CXJXUWBZflpOPR4gABhqDxUPEQ9ffw0wGF01Bl4eC2kaEjNQf0gENgMoU04yAyxTWXEMKwxVY0s7Hgc8UDcaEDEaLAQHOBdpGwlqACAUATsBLktaEVhhXk1lXWcWWWZIfCxNZV0jBwYiFWpcWC9VeTFeY0h8LE1lXT0YTWQsfl5ReV-1mS1pnCioNAzhIfShaZ1x/XllnXGpcWDEEPQsOOBVqXC5mXH5AWHEYcl8
576 B URL du0pud0sdlmzf.cloudfront.net/MaFdtT24LOAMpURw+CXJXUWBZflpOPR4gABhqDxUPEQ9ffw0wGF01Bl4eC2kaEjNQf0gENgMoU04yAyxTWXEMKwxVY0s7Hgc8UDcaEDEaLAQHOBdpGwlqACAUATsBLktaEVhhXk1lXWcWWWZIfCxNZV0jBwYiFWpcWC9VeTFeY0h8LE1lXT0YTWQsfl5ReV-1mS1pnCioNAzhIfShaZ1x/XllnXGpcWDEEPQsOOBVqXC5mXH5AWHEYcl8
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (816), with no line terminators
Hash 8e5b17558655908bb89926269cd5c8e0
ecfd1b664e20cba4d070f362b4aa6373aca67a51
5e45f33497baab9bd2c4a0d5bbfdee9f2ed82892b8a10d650a22623070742416
GET /MaFdtT24LOAMpURw+CXJXUWBZflpOPR4gABhqDxUPEQ9ffw0wGF01Bl4eC2kaEjNQf0gENgMoU04yAyxTWXEMKwxVY0s7Hgc8UDcaEDEaLAQHOBdpGwlqACAUATsBLktaEVhhXk1lXWcWWWZIfCxNZV0jBwYiFWpcWC9VeTFeY0h8LE1lXT0YTWQsfl5ReV-1mS1pnCioNAzhIfShaZ1x/XllnXGpcWDEEPQsOOBVqXC5mXH5AWHEYcl8 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://otorwardsoffhdgat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 576
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aL-LFEU2XCWH2JH5QfnJhd3N1-JaUGvZPRhmMViZ4MtNiSn2ShluMQ==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/NVmFQV2w1Dj4xUyIINGpVb1ZkZ1RwCyM4AiZcNTImLgs7BwEyNCkOPCQ2diMWMlxgcQA3DzdqSjMPM2pdcAA0NVFiRyU2UTsOKj4AOgB1ZSpjT2ByXmZJKGZdc1IScl5mDTk5GS5EYmcUblcPYVhzUhJyXmYTJnJfF1BgbkJmSHVlXDEEMzwDc1MWZVxnUW-BmXGdEYmcKPxM1MQMuRGIRXWdQfmdKI1xh
203 B URL du0pud0sdlmzf.cloudfront.net/NVmFQV2w1Dj4xUyIINGpVb1ZkZ1RwCyM4AiZcNTImLgs7BwEyNCkOPCQ2diMWMlxgcQA3DzdqSjMPM2pdcAA0NVFiRyU2UTsOKj4AOgB1ZSpjT2ByXmZJKGZdc1IScl5mDTk5GS5EYmcUblcPYVhzUhJyXmYTJnJfF1BgbkJmSHVlXDEEMzwDc1MWZVxnUW-BmXGdEYmcKPxM1MQMuRGIRXWdQfmdKI1xh
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash c1e5835df0f2d97859640460c6fa9d65
123b41514ecf5b4dfdcff5e01c48dc71ddb643e8
d4f13aa3641b539aaa332e3caa8b1f228af1563853fa68eac0bed6ae9814b1f2
GET /NVmFQV2w1Dj4xUyIINGpVb1ZkZ1RwCyM4AiZcNTImLgs7BwEyNCkOPCQ2diMWMlxgcQA3DzdqSjMPM2pdcAA0NVFiRyU2UTsOKj4AOgB1ZSpjT2ByXmZJKGZdc1IScl5mDTk5GS5EYmcUblcPYVhzUhJyXmYTJnJfF1BgbkJmSHVlXDEEMzwDc1MWZVxnUW-BmXGdEYmcKPxM1MQMuRGIRXWdQfmdKI1xh HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://otorwardsoffhdgat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 203
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1-8O1h5ry6oD3wSZdgUgACWomsYv39oEDroB66vmWl98jZgUoULb1g==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/TQ1ZGQWsgOSgnVDc/InxSemF1d1JlPDUuBTNrAzs4DTAsdiISFx8NTTcsInxbZTonLwx+cCMvCH5nYCAPIWtyZx8zOS18EzcuIDYIKTkpO002N3ssBDk/Ki0KZmQAdEVzc3RxQztnd2RYAXN0cQcqODM5TnFmPnldHGByZFgBc3RxGTVzdQBac29ocUJmZH-YmDiA9KWRZBWR2cFtzZ3ZwTnFmICgZJjApOU5xEHdwWm1mYDRWcg
608 B URL du0pud0sdlmzf.cloudfront.net/TQ1ZGQWsgOSgnVDc/InxSemF1d1JlPDUuBTNrAzs4DTAsdiISFx8NTTcsInxbZTonLwx+cCMvCH5nYCAPIWtyZx8zOS18EzcuIDYIKTkpO002N3ssBDk/Ki0KZmQAdEVzc3RxQztnd2RYAXN0cQcqODM5TnFmPnldHGByZFgBc3RxGTVzdQBac29ocUJmZH-YmDiA9KWRZBWR2cFtzZ3ZwTnFmICgZJjApOU5xEHdwWm1mYDRWcg
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (880), with no line terminators
Hash 041d5c221e5fa0e0cd404fc34fa890df
8dc3bdb8de0fedef5fdff2011911b8cea9a7577f
181704ed7111a4bd2ebcb84bc9446b6ae83871f3ca0d463f67b756bdbf8e2720
GET /TQ1ZGQWsgOSgnVDc/InxSemF1d1JlPDUuBTNrAzs4DTAsdiISFx8NTTcsInxbZTonLwx+cCMvCH5nYCAPIWtyZx8zOS18EzcuIDYIKTkpO002N3ssBDk/Ki0KZmQAdEVzc3RxQztnd2RYAXN0cQcqODM5TnFmPnldHGByZFgBc3RxGTVzdQBac29ocUJmZH-YmDiA9KWRZBWR2cFtzZ3ZwTnFmICgZJjApOU5xEHdwWm1mYDRWcg HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://otorwardsoffhdgat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 608
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SAu6PGBztfIjYZMhKpNrTlmRh6qy8ByvN7gPvaVGGc3IGx8Bp-nYhQ==
X-Firefox-Spdy: h2
everalmefarketing.info/dXhyakRaRxEZeSM/JCknMTYcPyonOTAtICEcQj8ILy4WXRUCOVQeLRFFS1NzQUlGTDQcHE9bYgYMEx4xBkVBWnREXhsEIhpFQlp0RF4EV3VbS0ZEd0FWQkwxSE5HXHxGTERZcURLRFlwUwwCCyNISVQaMAEUT1tyTExFWXRDSkdTcU0
204 No Content 0 B URL POST HTTP/3 everalmefarketing.info/dXhyakRaRxEZeSM/JCknMTYcPyonOTAtICEcQj8ILy4WXRUCOVQeLRFFS1NzQUlGTDQcHE9bYgYMEx4xBkVBWnREXhsEIhpFQlp0RF4EV3VbS0ZEd0FWQkwxSE5HXHxGTERZcURLRFlwUwwCCyNISVQaMAEUT1tyTExFWXRDSkdTcU0
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjecteveralmefarketing.info
Fingerprint19:19:D5:41:8A:08:61:6C:F2:5F:69:91:D0:9A:A8:6A:F8:73:9B:B5
ValidityMon, 04 Sep 2023 06:52:52 GMT - Sun, 03 Dec 2023 06:52:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /dXhyakRaRxEZeSM/JCknMTYcPyonOTAtICEcQj8ILy4WXRUCOVQeLRFFS1NzQUlGTDQcHE9bYgYMEx4xBkVBWnREXhsEIhpFQlp0RF4EV3VbS0ZEd0FWQkwxSE5HXHxGTERZcURLRFlwUwwCCyNISVQaMAEUT1tyTExFWXRDSkdTcU0 HTTP/1.1
Host: everalmefarketing.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Thu, 14 Sep 2023 22:30:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a7BvRtrn%2B5R%2FpSvTFiaVwdYnChoE5kcBSOJTTh%2BI73KrDXQ9k0N%2B197MbenMSEedCaOwZgmbnx%2BlUF7R%2FnKGWf9nyR6f3GFwM3sXS0oFlVxYp6pvDXdFIQ3pOXL8VWcULVRNJB7w3Gr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 806c130baaac568f-OSL
alt-svc: h3=":443"; ma=86400
everalmefarketing.info/popunder.gif
200 OK 2.2 kB URL GET HTTP/3 everalmefarketing.info/popunder.gif
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjecteveralmefarketing.info
Fingerprint19:19:D5:41:8A:08:61:6C:F2:5F:69:91:D0:9A:A8:6A:F8:73:9B:B5
ValidityMon, 04 Sep 2023 06:52:52 GMT - Sun, 03 Dec 2023 06:52:51 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 504f356669933a20680ab9b0639edb1c
30e39ad13c05a3ae12d36012a5f44acb0d017561
4fad84923f27fff9b5de01e058476d916a01f3015fec4602964780b6871d804d
GET /popunder.gif HTTP/1.1
Host: everalmefarketing.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 14 Sep 2023 22:30:25 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 38703
last-modified: Thu, 14 Sep 2023 11:45:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHs8bLCXAXZKNjpSU%2FQ1U9p9yxkCbGwq9j7m2l6DS19E1tXVmA%2BgxInOb7Se2NK44BSowPmbQDrXeRkIodOtZimm3yPHx8MR%2F7eX4lLaORXBJGUIafKiGXz4V9h6geKBzfwb2LgF3vRT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 806c130919af568f-OSL
alt-svc: h3=":443"; ma=86400
static.bepolite.eu/scripts/saresponsive.js
200 OK 177 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 177 kB (177010 bytes)
Hash 5dd7b76b6ad78e49ab00b222a5b70ffd
f666ece92b0ecf7a97d1b3f62dee37839bb8547d
c74a8006b8d6111e0bc150c9df9bfcdcb38e432ab65080cb1443b05234b98bc2
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "3328660138"
last-modified: Thu, 14 Sep 2023 19:59:43 GMT
content-length: 177010
date: Thu, 14 Sep 2023 22:30:16 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390287477
age: 0
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcMQQ6p2g645n8j9IhB5Wp3_bMSH21j0W0GeYSZVoJvfh2ELzY-hnIEKLOIj2skQyvaD9iRTw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S588193658%3A1694730625513938&theme=glif
403 Forbidden 76 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcMQQ6p2g645n8j9IhB5Wp3_bMSH21j0W0GeYSZVoJvfh2ELzY-hnIEKLOIj2skQyvaD9iRTw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S588193658%3A1694730625513938&theme=glif
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type gzip compressed data, max compression\012- data
Hash b094597b7b59293628e2c84b1485ea96
c71af7dc1efabfa50eb3e9772191cb7f894042d4
fb264342598fc7de7900a8e67f8ee6a40554d22226740ac3e74a50be5bc4219b
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcMQQ6p2g645n8j9IhB5Wp3_bMSH21j0W0GeYSZVoJvfh2ELzY-hnIEKLOIj2skQyvaD9iRTw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S588193658%3A1694730625513938&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Sep 2023 22:30:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-haFa5mN9fe6A7nXj5-725Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 2.1 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e550164902f92f0e647f0a04e1f70e78
7dabb8cdd25e9e1e95db19d0eb99ce2616fcf4f7
66fc2e4838058041efd1e179ae21a300c9cad11c151e96952ec5aef6fdfbfb66
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "3764638404"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 2141
date: Thu, 14 Sep 2023 22:22:37 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390324621
age: 0
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 106 kB IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 106 kB (105469 bytes)
Hash 1a8863316e72c25c5da50dc2abcd14d6
91276ef54c7a644939259b23aaf5f31af91e03cd
45962c7653fb186f4d40d3c857499b5b671cc05575adbfbb2fda7cc72946046b
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:25 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5614
last-modified: Thu, 14 Sep 2023 20:56:51 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu%2FsByA9dgu15Gf0bmKNkNjiBYdEiYgN7FgCF4YMOyPuKao6xP9IBL%2Fdzjmn93DraCmVz%2B0ZI4lncy115ZMcOg13EAQdAGvUs5kAmZ8X8n697UrFZzVX8rslGauLaIl%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 806c1308e9467791-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/slide.png
200 OK 4.1 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/slide.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash b51540f93709fa5cba5b273adaa7dfb5
07dd75d5ddfa5f5e39c6ff4978b70b82dadfbe82
bf75d98b3287eee9260f16df11f43e0fdb790d9e5313b41e57f915ca46a93cba
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/slide.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1405592900"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 4062
date: Thu, 14 Sep 2023 22:30:17 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 391232974
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/app.js
200 OK 1.7 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/app.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (352), with CRLF line terminators
Hash 1490aac2cf251cb7a3827a5602b8b509
ce48a21df8129270737a70bc9d9c94070ce81c52
b7b9a176a0902b49e9f052670293d84ce122874dde3d0dd80af95dcecfd9c026
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/app.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "306079837"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 1692
date: Thu, 14 Sep 2023 22:30:17 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390287486
age: 0
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhd0PjCkIGDBx8rsL0otsDrybgkbBAJAPJecY4r31f36ZNXmkn6xrmEMkzn8Lqfo1qFsjnsLug&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-368680077%3A1694730625442157&theme=glif
403 Forbidden 1.3 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhd0PjCkIGDBx8rsL0otsDrybgkbBAJAPJecY4r31f36ZNXmkn6xrmEMkzn8Lqfo1qFsjnsLug&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-368680077%3A1694730625442157&theme=glif
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type gzip compressed data, max compression\012- data
Hash e46bfe846b16c3a45699d77e8a59edba
cab8b86757a0528e312afaa5ab06dfff84a8dfd9
984ef80ca6da398ed87cc35351a69ebbcf79bfd3b28702607108547a5b644e66
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhd0PjCkIGDBx8rsL0otsDrybgkbBAJAPJecY4r31f36ZNXmkn6xrmEMkzn8Lqfo1qFsjnsLug&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-368680077%3A1694730625442157&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 14 Sep 2023 22:30:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-KhASGHXS3g2E3wyD78AAEw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/bg.jpg
200 OK 42 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/bg.jpg
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1000x200, components 3\012- data
Hash af1a254a5f123d454cb0e1ec63254fe9
1d9797b1762aa67dc778c95b80fb6b3295c41d55
74603b6a138d1cf198a3ff0c4e1c79efcee89d4a22c0d669fb320b6dd47acee2
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/bg.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "287780702"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 42238
date: Thu, 14 Sep 2023 22:30:17 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390324627
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/s1.png
200 OK 16 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/s1.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b9b514b46a9902a7aedaac6d68ef4ac
16ff3a6383fc987d0908869aa628586bd1d20a96
8a495162f888ba3ca028f0b36e9d63c9aa248045539f2a79b3881d7138a58e11
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/s1.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1321280244"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 16268
date: Thu, 14 Sep 2023 22:22:37 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 265218511
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/btn.png
200 OK 8.0 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/btn.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 4761331603de667e145efe17142b5732
25ac69257257af4d4e52ac7154bb13a858bd02d5
f4d586462a9544054a3253a2d45cc0da02581c4182a6a57388390ac132fb72e1
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/btn.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1914681209"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 7971
date: Thu, 14 Sep 2023 22:30:05 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 391232977
age: 0
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 103 B IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 40e082b57375dfa81fd6cb69448ef650
2ce84d227263cde38a46b640cb9be5f72f4c90e6
df725fac3290cb04a2323126cafe78592b679c09d1fac74e234db20eb6794df9
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:25 GMT
content-type: text/plain
set-cookie: csu=1146487525251901@1@1694730625; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sqNOog9Y17xVDSN1pa5M1ppTjMvOUitJrgX%2FYPRBtjkX3hHeSCEJYBOQ0jx3FLIjEfL4OtzA9MxkcNncF4yS8fO7YSi84eklJyKU0dRPXnGIYjkEqCk2I7m1O3QAS4X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 806c1308f96c7791-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 33 kB IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1ddd022ca8885b468f8918eef1a1b677
bd88ec1bb1487db14c60a3f91af6fb287bab920a
00396d7a272e064bac2f40f1f5bae826c1ca1b95ac8f9398310111723fa0c11a
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:25 GMT
content-type: text/plain
set-cookie: csu=65683463513634@1@1694730625; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lVnNi8AvO9I2AUQbv08dVkIxoFW5UaIyuLC1zYlxwP95nIjSPDA7G29h6gu2t7n8tO%2FXYOHrV%2BSh%2FwJMYWHN2y9W3wCPJgqD45OY7nkMqrIEf27z9rH1qeTXK3I96%2FBf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 806c1308e94c7791-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
200 OK 2.4 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:26 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
200 OK 98 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash 487cdb5921753469d6bd2a21e38654cb
d41581b3e054fd532a0e6d121fd3b763b5eadf82
0585ee7a851118a915de319bf6e5848ec35cadfcb9046e44b100eaff965e33c8
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:27 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 86 kB URL GET HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash ff0dbde21582d92c399df4384d2ed2e7
d5d06aff9f677270d5d0250bec650a173aefac58
bbdacad3f9c2989a7296ff634a6279114c406ae327c4311960356b2eaac0dbbe
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:26 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1781"
content-encoding: gzip
X-Firefox-Spdy: h2
static.bepolite.eu/files/close-gray.png
200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2525417386"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Thu, 14 Sep 2023 22:30:18 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 265218520
age: 0
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=3c2b692012ae69d2cbfd07a37209c528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 14 Sep 2023 22:30:18 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390324636
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=3c2b692012ae69d2cbfd07a37209c528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 14 Sep 2023 22:30:18 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 391232986
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=3c2b692012ae69d2cbfd07a37209c528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 14 Sep 2023 22:22:38 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390287498
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=3c2b692012ae69d2cbfd07a37209c528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 14 Sep 2023 22:30:19 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 265218541
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=3c2b692012ae69d2cbfd07a37209c528
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 14 Sep 2023 22:22:39 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 391918070
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg
200 OK 59 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 2bc0042405de1b87297ef3b0e699e446
1c6098f9283395ff9ebf1f5710a61243a1998947
4848bddd5f564c6e0bf254cc2dd163d73618504f83a6c35e48a2938901d93a83
GET /hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 59129
date: Thu, 14 Sep 2023 17:33:00 GMT
last-modified: Mon, 20 Dec 2021 05:01:50 GMT
etag: "2bc0042405de1b87297ef3b0e699e446"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: V96WUT0RIq2T6lvs5kP1aji-vL3Y_hmKcyIVmQvBtfktKE1PTIEx3w==
age: 17854
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/DuZxkbbpVDIQHcGrS1eF.jpg
45 kB URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/DuZxkbbpVDIQHcGrS1eF.jpg
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 1b20e7bd5b0f912d9de62a1c9b40f3ad
81d170aa7a3ddc28c0cea4323a3532a1e937d67f
769be022bca77c6c4792716f9b44331119cc7ec495a2665d6a5f30e982f1da9a
GET /hotelliveeb/images/general/1/DuZxkbbpVDIQHcGrS1eF.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 44736
last-modified: Tue, 29 Aug 2023 11:30:37 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Thu, 14 Sep 2023 20:14:20 GMT
etag: "1b20e7bd5b0f912d9de62a1c9b40f3ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eGRuM6mcZcG59t9kpjDftz7hpZsV6Z35Ct0IYYhO1_Or-wqkuYNUZg==
age: 8179
X-Firefox-Spdy: h2
static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_424.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67848652&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F456c2158-70bd-41d6-8add-8501dc1d7bff%2FL1_wave_3_1000x200_Smartad_EE_424.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67848652&banner_id=ced757bc6c2d47c680d78256af15544f50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 75 kB URL GET HTTP/2 static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_424.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67848652&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F456c2158-70bd-41d6-8add-8501dc1d7bff%2FL1_wave_3_1000x200_Smartad_EE_424.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67848652&banner_id=ced757bc6c2d47c680d78256af15544f50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32968)
Hash 2d413765799bf4c921dbfdc54a6958b4
41b4ba00087bbdacdebb91d23627af9e1dce2af5
063293d72ce2c3502c5ba276722bc4da1113a81773567b87f51dd2286de7db33
GET /banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_424.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67848652&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F456c2158-70bd-41d6-8add-8501dc1d7bff%2FL1_wave_3_1000x200_Smartad_EE_424.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67848652&banner_id=ced757bc6c2d47c680d78256af15544f50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "3997574232"
last-modified: Tue, 12 Sep 2023 09:12:27 GMT
content-length: 75444
date: Thu, 14 Sep 2023 22:30:17 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390287480
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js?v=1
200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 3ccf7a66b0210ed0be1c31bf636b2bbe
03eebe00ebba8f8cfcc9b8d70df6b5f72a26d4cb
ed3331b59191561c0756eb0c09c9cc705d6a12db4bdd20a54ddd191481ede8ab
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:26 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/js/jquery.min.js
200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:26 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
200 OK 15 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators
Hash bf6baf947f924bf8d67e947a025def06
9ac9fccb0351b41c1545714153ed5fa2c4bfef3a
64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:26 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/css/index_1000x200.css
200 OK 4.9 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (5152), with no line terminators
Hash bbea28c29e42d59be2f13c38e8eb0845
b93e2ad2b20ab7d449a672afc091dc413695c606
62990b77849d8b95ca831a9f630cfda48af5be340a3f1e5aa4ee5792a37e4e76
GET /assets/css/index_1000x200.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:26 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Fri, 17 Dec 2021 08:13:58 GMT
vary: Accept-Encoding
etag: W/"61bc46c6-1301"
content-encoding: gzip
X-Firefox-Spdy: h2
serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=6258977&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15669277%2F40d1651a77ea1d8a0a10%2Fkeygen_-_btcr.rar&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15669277%2FKeyGen_-_BTCR.rar.html&rnd=1694730624780
0 B URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=6258977&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15669277%2F40d1651a77ea1d8a0a10%2Fkeygen_-_btcr.rar&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15669277%2FKeyGen_-_BTCR.rar.html&rnd=1694730624780
IP
Requested by https://www.upload.ee/files/15669277/KeyGen_-_BTCR.rar.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=6258977&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15669277%2F40d1651a77ea1d8a0a10%2Fkeygen_-_btcr.rar&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15669277%2FKeyGen_-_BTCR.rar.html&rnd=1694730624780 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Thu, 14 Sep 2023 22:30:17 GMT
set-cookie: bepolite_id=3c2b692012ae69d2cbfd07a37209c528; Max-Age=7776000; Expires=Wed, 13-Dec-2023 22:30:17 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 391232965
age: 0
accept-ranges: bytes
content-length: 2144
X-Firefox-Spdy: h2
code.createjs.com/1.0.0/createjs.min.js
200 OK 242 kB URL GET HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP
ASN #20940 Akamai International B.V.
Requested by https://static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_424.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67848652&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F456c2158-70bd-41d6-8add-8501dc1d7bff%2FL1_wave_3_1000x200_Smartad_EE_424.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67848652&banner_id=ced757bc6c2d47c680d78256af15544f50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerDigiCert Inc
Subjecttls.adobe.com
Fingerprint88:F9:45:0C:5A:A4:E6:B9:EF:07:7C:61:9A:07:71:F4:3F:EA:30:FF
ValidityWed, 08 Feb 2023 00:00:00 GMT - Sun, 10 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (32043)
Size 242 kB (242057 bytes)
Hash c71464532c0fc2020d8e8667ecfd9a3f
45f5cbaa3881797fd241f040838d495ee8170655
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Thu, 14 Sep 2023 22:45:26 GMT
date: Thu, 14 Sep 2023 22:30:26 GMT
x-n: S
X-Firefox-Spdy: h2
static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/app.css
200 OK 3.1 kB URL GET HTTP/2 static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/app.css
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (3315), with no line terminators
Hash 6b7309ead7025f857f31d01ffbc9756c
fae18b81910d1e3c8e4e90a2a419d639ca600be4
c1b90397679336d32c1f4c0e9bf2b2f9769458854a2de29ca45d407f8345a30e
GET /banners/a247979d-f898-4aab-a992-ab17ac1c83a6/app.css HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a247979d-f898-4aab-a992-ab17ac1c83a6/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.kaubamaja.ee%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_campaign%253Dilu_aeg_sygis_2023%2526utm_content%253Dsisu%2526utm_term%253Dee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1WXZ8X6JSe0Gnw2zRAzhRqzoptxWl3N6M6wSBlOWoR-TR_lOyfSdK8HxRrQktEc-na5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa247979d-f898-4aab-a992-ab17ac1c83a6%2Findex.html&clink=https%3A%2F%2Fwww.kaubamaja.ee%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_campaign%3Dilu_aeg_sygis_2023%26utm_content%3Dsisu%26utm_term%3Dee&banner_id=104788ef97cd4dc28dbe29d4dd65d6bc50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
accept-ranges: bytes
etag: "306050553"
last-modified: Thu, 07 Sep 2023 08:52:50 GMT
content-length: 3069
date: Thu, 14 Sep 2023 22:30:05 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390287483
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_atlas_1.jpg
200 OK 33 kB URL GET HTTP/2 static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_atlas_1.jpg
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_424.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67848652&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F456c2158-70bd-41d6-8add-8501dc1d7bff%2FL1_wave_3_1000x200_Smartad_EE_424.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67848652&banner_id=ced757bc6c2d47c680d78256af15544f50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, progressive, precision 8, 1024x1024, components 3\012- data
Hash f47b1bbc92977d137d2c216ce0e7b3e1
3ec29005ee7124203e3a5206d7f002f29be546f7
ca6b78b4e720adb2390adf282819659a16d1bdf9386ff0c139d947762d299050
GET /banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_atlas_1.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/456c2158-70bd-41d6-8add-8501dc1d7bff/L1_wave_3_1000x200_Smartad_EE_424.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67848652&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Wrr5RY4P2nohgbUh3rZkiID_BMjjenbwXiNTLHU-72zqsKsvj0iXSkLfuiDCLMBba5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F456c2158-70bd-41d6-8add-8501dc1d7bff%2FL1_wave_3_1000x200_Smartad_EE_424.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67848652&banner_id=ced757bc6c2d47c680d78256af15544f50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "3128582732"
last-modified: Tue, 12 Sep 2023 09:12:27 GMT
content-length: 32624
date: Thu, 14 Sep 2023 22:30:18 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 390324630
age: 0
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg
421 Misdirected Request 73 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash bf36e0bf265a935a340671b4d66f2e01
71eacdd355861fa4500b9961d4fcd24b81aa87e4
8e6b881322ec75b0070fe04c905f40284ddc3806fdb6253cce210d544c8a0c19
GET /hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 421 Misdirected Request
server: CloudFront
date: Thu, 14 Sep 2023 22:30:27 GMT
content-type: text/html
content-length: 1003
x-cache: Error from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ksr1jpSFK4-XiAms_an7uiOnALHv1H7y68Pc1uHAe13_4E7wHPCrYQ==
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF39MIpYQ8Q_uizx_9LPDV_T65bWFcWeHVn4n6nlRSdLq1sxEEj0uRUVBN39nkGxTrZdi68yNaaOYRdXvPBmCPkqY4bLalmnYpVqQeLfZg8F3IEKn_L-mm_BjRLhTrRawRviMhF0_hn-Ft6H4CrwjFf3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3Nph6AhIbGKPDtMF7YPxkDU4_Ogio8x-bd6qxktBd7cU06ZH0Tqu0wnEKgeSbUH3La5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=2b832712c40e4d1885d21996092d5e9350dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 14 Sep 2023 22:30:27 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
51.91.30.159
3.127.166.206
212.47.222.21
142.250.74.109
23.36.76.145
188.114.97.1
0.0.0.0
0.0.0.0