{"report_id":"25f8b8be-2c9e-439b-b139-ccd068d67180","version":6,"status":"done","tags":[],"date":"2023-10-26T17:30:42Z","url":{"schema":"http","addr":"upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta","fqdn":"upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"title":"UPLOAD.EE - sadfok.hta - Download"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T17:40:46Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"dskwugy0u6y9l.cloudfront.net","ip":{"addr":"143.204.42.48","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2021-11-03 13:00:09","last_seen":"2023-10-25 20:03:37","alert_count":0,"request_count":5,"received_data":296380,"sent_data":2479,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pogothere.xyz","ip":{"addr":"104.21.24.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-08-22","domain_rank":0,"first_seen":"2022-09-04 21:11:25","last_seen":"2023-10-25 19:10:48","alert_count":0,"request_count":2,"received_data":177475,"sent_data":840,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.bepolite.eu","ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 06:13:55","last_seen":"2023-10-25 18:37:16","alert_count":0,"request_count":2,"received_data":179153,"sent_data":878,"comment":"","tags":null,"fingerprints":null},{"fqdn":"banner.hookusbookus.com","ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-09-12","domain_rank":0,"first_seen":"2021-10-05 06:31:23","last_seen":"2023-10-25 18:37:16","alert_count":0,"request_count":13,"received_data":321584,"sent_data":16283,"comment":"","tags":null,"fingerprints":null},{"fqdn":"serving.bepolite.eu","ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 19:42:29","last_seen":"2023-10-25 18:37:15","alert_count":0,"request_count":4,"received_data":1046,"sent_data":3236,"comment":"","tags":null,"fingerprints":null},{"fqdn":"banner-server.hookusbookus.com","ip":{"addr":"18.194.32.185","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-09-12","domain_rank":0,"first_seen":"2023-01-24 15:19:09","last_seen":"2023-10-25 18:37:16","alert_count":0,"request_count":2,"received_data":52218,"sent_data":998,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.upload.ee","ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2010-07-04","domain_rank":981196,"first_seen":"2012-05-24 10:39:37","last_seen":"2023-10-25 14:07:50","alert_count":3,"request_count":9,"received_data":26585,"sent_data":4573,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ismscoldnesfspl.info","ip":{"addr":"172.67.195.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2023-10-04","domain_rank":0,"first_seen":"2023-10-12 11:48:07","last_seen":"2023-10-12 11:48:07","alert_count":0,"request_count":4,"received_data":2389,"sent_data":2149,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.r2m02.amazontrust.com","ip":{"addr":"54.230.218.11","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-05-11","domain_rank":0,"first_seen":"2022-10-12 16:01:39","last_seen":"2023-10-25 18:37:16","alert_count":0,"request_count":2,"received_data":1884,"sent_data":680,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2023-10-25 18:46:23","alert_count":0,"request_count":2,"received_data":137650,"sent_data":875,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-10-25 18:12:06","alert_count":0,"request_count":5,"received_data":3500,"sent_data":1665,"comment":"","tags":null,"fingerprints":null},{"fqdn":"du0pud0sdlmzf.cloudfront.net","ip":{"addr":"143.204.42.48","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-08-24 12:49:59","last_seen":"2023-10-25 20:03:34","alert_count":0,"request_count":4,"received_data":120761,"sent_data":2408,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ticalfelixstownru.info","ip":{"addr":"143.204.55.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-10-04","domain_rank":0,"first_seen":"2023-10-12 21:49:31","last_seen":"2023-10-12 22:20:32","alert_count":0,"request_count":5,"received_data":6916,"sent_data":3789,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":81,"first_seen":"2016-03-20 13:44:49","last_seen":"2023-10-25 18:22:51","alert_count":0,"request_count":6,"received_data":10614,"sent_data":3688,"comment":"","tags":null,"fingerprints":null},{"fqdn":"upload.ee","ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2010-07-04","domain_rank":450367,"first_seen":"2015-01-15 12:52:19","last_seen":"2023-10-26 10:30:55","alert_count":0,"request_count":1,"received_data":557,"sent_data":515,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-26T17:30:22Z","timestamp":1698341422,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"Client IP","port":57048,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible HTA Application Download","source":"{\"timestamp\":\"2023-10-26T17:30:22.992585+0000\",\"flow_id\":1961638839072882,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.73\",\"src_port\":57048,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.HTA.Download\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2022520,\"rev\":6,\"signature\":\"ET POLICY Possible HTA Application Download\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2016_02_15\"],\"updated_at\":[\"2020_10_06\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":709,\"bytes_toclient\":535,\"start\":\"2023-10-26T17:30:22.931954+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"647fc35b2b337fa6d9d8df9cc0b0a223","sha1":"e463fe4d716d59dbd9b6e38a6afde66fee185bb5","sha256":"2305e3a2c3a4f011b060dcb9fff8b820fcdf064f1793706c46e24e890e91ec19","sha512":"4c6fbd0abf923f0a97c4fcc62a2806df2a57793771ed98cb30b217025d9a901bbbde212aba63f019a9785b484d826034789cb2a2a9b6bd032cdcdd37b252a1cc","ssdeep":"1536:DRalb0aNNELMYxTy5cmGDD60ZkTKREfPEyRtoiwdZllXZq5QTHFXkOyf59KpdGTU:DRa10aNNU1h1D60uof3PQ5QTHxkw++","tlshash":"6dd3f9d9b3977166c2a3b4b8553f010bf17a6e92f84cdc94e186c9c02e7869a0177f6c","size":133694,"data":"","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:gr5xyIhZ6pQ/d/bTQcFeqZVxNnR36Hc9lDJlQC8dA9Sa5fLtUB5roNiEP:gr58IhZ6pg/bTXVx9t689fN8INtEONig","tlshash":"7ea1cd9b39e650310332bfe91bfaa559b22937605220c161be0c915b7399233d3e1bec","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-23T21:07:01.023883Z","times_seen":897667,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"8ee0d8d014894b0954d7c4f97d4ec41e","sha1":"ab3d4a4ebed224956457df2162e3f9fc10b0ae00","sha256":"7a0de7afa3918b10e9d3e08e13bcbd9318e6d007d8ca0f2e417c40121375a3f7","sha512":"ebba7a987e72c463770896691a2a7051a387024cce21e491f446dffb6554ddb7f3566ea6ba555cae80fdeb21bb730065eb47d931a2fc198a9e19b92a4dc6e2b4","ssdeep":"","tlshash":"e0b00410f41570c535150031030510f151417314dd5dc1111f00015750155df3d13014","size":91,"data":"","first_seen":"2024-08-21T03:16:46.010461Z","last_seen":"2024-08-21T03:16:46.010461Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/scripts/saresponsive.js","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b966d35075632aae6108d54928c2ae9","sha1":"c76f1c7ab28ade483e7a852c049eeb5bddaf4e5e","sha256":"da22da01f20d28d9171f8107e155ca01f9811d6abcd3b64dbeb832ec6c34578e","sha512":"94a815a1978744d0e4084813cf6dcbdbab67220ff313a90221766f8ad9c8a3e2d38a46b83a12ae42c41759ff7d9d2a2e9a686196d5290540c2a8eb9d8e2e5c8c","ssdeep":"3072:y4J+03jL5TCOauTwDhFdnCVQNLa98HrPevC2eYCLaISE92oa:40zEOQR+iLa98HrgreYCvSE9K","tlshash":"ea0418d57b8e381787a632a980ff014ef17dd2f6a1094875f09894a06db8a1d13b7f6c","size":176966,"data":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-26T19:30:47Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"c5517099957bd7e57f4415880a2907cc","sha1":"db3764d6bebbae0c4fdfdf7c13018d5fe5223b1d","sha256":"4e9a260a37ba9ae1b51aeb7b1d9c6df34e726e2646a3ce2d04f154aa45281de4","sha512":"07327cfa2d225bf5559c18309af9e60eceee091faf8e87d21797df52094b3b30791d7870df8cf89c0450dedc3771ad008febd26ea966533b178cf765324cd967","ssdeep":"","tlshash":"5eb00475c45741451cd44373c3404cf045f5c070c5d045c504d173f010f750fd143015","size":125,"data":"","first_seen":"2024-08-21T03:16:46.011508Z","last_seen":"2024-08-21T03:16:46.011508Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"48e07e6b9e60fc36f21db6b71bf0b4b1","sha1":"fb4085cc0058779b28e5c366a2b92cf242399c2f","sha256":"3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64","sha512":"10187db826a6c668fff87f61e2468ecaf94b9a87475115b9718c9458f75281581aa84a3001fad9d5a1c48ba75a443d03da26fdf243fdc1e964770fb12b140178","ssdeep":"","tlshash":"ae60000030f00000c3c3003000c00030000003000cc00303000300c03000c00ccf0300","size":14,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-05-15T03:10:01.480683Z","times_seen":3584,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"66684709338f7239056ff3302e16bc4a","sha1":"7dbd501434bdc062cdc8f6744e272a7d39ca5136","sha256":"5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f","sha512":"736a47122121ab209a76fb53a07aad3fc5b3a10dd8e1c760b65ecb66a7c16c802d105d9db843d36216ad65f7aa50652cd5b626daa0b2bf7a1a1573dd8b83ea03","ssdeep":"768:nE5keq96s7jR29qxFJuuGBs98dSx1yUL9acoR13knV96Qx8VDJR:n+qP7jR29eFJuuGBs98dSx1yUL9at6VM","tlshash":"77c2e793778684a48dda157e249e03ca7634c4176d0aa850fc6ccca8ae74f89907bf7d","size":25884,"data":"","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-15T03:10:01.468433Z","times_seen":3528,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sandbox%20eval%20code","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"23c336606ee3a6d444b305153fa0e2e2","sha1":"473a2111970ae2a94b373e656d20c4bd4184d703","sha256":"305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60","sha512":"ab0470885483545a0306733fa3a067239e299e0b47d35f9769a763f65ba5e9d928ee364a66f9e577499ab0c452f34dc7a3a48a774ce3d09e56fd88d1989e84ba","ssdeep":"","tlshash":"bbc02b137750017d2f1016b0b9009003a1c923005eb78001f006001f2040eae88dc180","size":128,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-23T20:05:55.924408Z","times_seen":77148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e9e391ad98fbe1b2de0b7b4fa9ca904","sha1":"21d7771223e8286a06ad878af425094a40de32b5","sha256":"1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69","sha512":"defa1ba5ce4193014a4657fe394734634087d66c9db8024778ea2c3a59be02e38e0077725c7d000ff7046bea23070594f8942446c6068b4032d329d0716532b0","ssdeep":"","tlshash":"f63197075511c5fa022195d6ea7a3e2e61337628523440a8f238f23b23770cbf3d1abd","size":1648,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-23T20:05:55.929388Z","times_seen":75004,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"63fa78e3d4ae4b7fc4cf5126264cb75e","sha1":"65657518c61173b8205d4fb68aabfae6ae7270a0","sha256":"a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a","sha512":"84a1432bf021cfe79ca89727eabd12fc350317b89e20986f12393d7b25df94e424ec561aafb41922db622d4cd2eb4af54d6ae0ddab57d0d3bbdb8c8a9d698034","ssdeep":"","tlshash":"4d90222820800200c20080303003220f80e8200b28800088000002800232030022388e","size":57,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-05-15T03:10:01.483397Z","times_seen":3535,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sandbox%20eval%20code","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"69c02be3f74421ae2f1156f2b810e043a2c62b015ae7c402f00e003f2440fea4eee1e8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-23T21:07:01.157992Z","times_seen":899315,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9aab97f2a6e1e0d9e904582b89e98180","sha1":"35ca105900e4da6099e530995c2e572f70d5ca07","sha256":"bc3de5f026eead63b88652a8eb08b527aee3a1092b6ca245dc0e7a676143522d","sha512":"d46309ab2f5e296f97fdbca324731bb56715a2fe617d159b51cee9a159b965d6229732807acaca800133b13c4d13945ae96b5746809147559a246491b9b37d73","ssdeep":"6144:WShLAyB2hrfVxt103N+wSShLAyB2hrfV3R:Wi0yYh7VHg0vi0yYh7Vh","tlshash":"07743b89be523869836374b540ff124e723f4669b8084dd4b49ad4d16db8d0a43bffac","size":362703,"data":"","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=9635669\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15851345%2F3797f05bf2341dbeb135%2Fsadfok.hta\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15851345%2Fsadfok.hta.html%3Fmsg%3Dsess_error\u0026rnd=1698341423792","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4d3ae41496b086212d6d747a75980507","sha1":"7a90810a036bafd9fc1778869a65dd29b866fab9","sha256":"1a8143cb42229ebf60e336bcf33b6b82a08c73ae21b3f175f2206e0ef21b75aa","sha512":"ddc9010224b41e579a9d6a2497286258b12825401291478ae6199875373fa387fd6adfa5547cc1516dd915823ab9b59c494220095b73ae3494542d8b140f2fd9","ssdeep":"192:JMmEXVHkYTkYLkYakYrkYOHkYapkYa9kYa8kYalkYaED:CmEFZ1tINaaja3aSa/aO","tlshash":"94d15198d75b70589bf8083727ec1cd8e58f52b8ad174d5a7d0b402b75c72a3929603d","size":6302,"data":"","first_seen":"2024-08-21T03:16:46.015482Z","last_seen":"2024-08-21T03:16:46.015482Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"ae2452eb7c54151982b0b486a6d6b5b7","sha1":"25f5c6feb836bace698c4bdb505a708590feed47","sha256":"e45eb4131f38e706a60ce3644754dbad18964752f41286bdfe108acb6c0ef4e4","sha512":"2383a32caf7d71893fd6d17f0619cc63f975391c200508a174d15170b611b14d189178323c65c339291baa7a178c4516aa50c3cdcb9ee9d50d7acb6cd867bd6f","ssdeep":"","tlshash":"a7b00410f41570c535150031030510f151417314dd5dc1111f00015750155df3d13014","size":88,"data":"","first_seen":"2024-08-21T03:16:46.016578Z","last_seen":"2024-08-21T03:16:46.016578Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/js/jquery.min.js","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-23T21:05:33.525694Z","times_seen":243284,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba71a86056b5c9ef37b625aade54337e","sha1":"4769c2a07aa71c342dcb06dfa2950cff7ecae40f","sha256":"65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0","sha512":"e115753c5b2d6cbecba098a1efc800f3b04e17610b6e509e81aa0bb637e4f7d74b1c9c79d89e7e4bf7204d7607a8ba490b44adf1719b6a20bb96e3819e55fdc4","ssdeep":"","tlshash":"d9c02b89210e0c7190f733808f3fbd01f4122364a4d05c33484e23058e20f27d358910","size":155,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-03-28T13:29:03.445604Z","times_seen":3495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bada815b0add3317d69cbff824573d6b","sha1":"60ebc2061d3dbf196d418b6802aa0d971b7bc189","sha256":"f2fe3c2dc65244420df6fc8efd959211c4ef3d9f76e2a3c530b4a3163138d92b","sha512":"ebebfda077663be98ce77e2cd5423a0714b98afd3e733b59e81eb93b8fad64d788707761de91ed96d6cbe281cd96b11641a77532c41ae95a08944e1987070463","ssdeep":"","tlshash":"a43140f4ab7d64a498be210d633cf38fa46d60373c431c43ad5e55e41a71e2f0523a96","size":1636,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2024-08-21T09:18:42.71122Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","size":75,"data":"","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b77a5a151642ca57682308f9e696737","sha1":"0f56fa95dab7db831e036527f327abe0dff04e45","sha256":"808b56d2d784ed3918d99ff53c7e7e6d5941f2a0058103fdec10a2846f159cd6","sha512":"276617ab888b6c244dd0ca6c456ab5102ae0bb21eaeef02f1627ea729d5d0b9a64b38eeff6ed1a74526c86d3ddb1ff9c085ead7dcc23ceb57622a71482bb43f4","ssdeep":"6144:ueNh/uWUy3p4ybJjg04JCttQ3TxZID6ST:uGGWUyCybxEZM","tlshash":"703408d9b383706682a7f479503f014be5bb2ca6b44dcc94e189c9d02e78a89517bf7c","size":247611,"data":"","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"ae4d1450c0a0740f9e0f622115d74d62","sha1":"6da1bfc18e6c4db1abb65ee95b977f7d51cb8794","sha256":"da230fff6f7e8fb6e53baf504974ea2bc85918fcd77f777cf43d18778c288c3d","sha512":"ea14aef190e8e6077cd31dc85c884d1d7f8400ba6c3ee5842db1e462301a7dfba7e31627a04569ec4bc44e6aa4d25461b0990f7f33da37dbee581ea65e1ae5d3","ssdeep":"","tlshash":"18b00475c45741451cd44373c3404cf045f5c070c5d045c504d173f010f750fd143015","size":128,"data":"","first_seen":"2024-08-21T03:16:46.019396Z","last_seen":"2024-08-21T03:16:46.019396Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta","fqdn":"upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:22.925766824Z","timestamp":1698341422925,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /download/15851345/3797f05bf2341dbeb135/sadfok.hta HTTP/1.1\r\nHost: upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 278\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nLocation: http://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":278,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"1100158b140fe036fdb8834ca5451de8","sha1":"c9bc18c6e09447509196049ad6e5542d8e6b2b58","sha256":"ca79b55ff026e68387df1346def7f187caaca3a0affd7030d2d13785f807464c","sha512":"fd2582d642d77af055cbdd693ec97f8e881a13d0747c1a615b945adf450065308313b2f29dc93a60aa31fcd1b5191cb38daaca85cf1cd3aa6428c269bcff2a68","ssdeep":"","tlshash":"6dd02becd7435094a4033b40b5d160f0a05a51b652c684ed26ff28ead05a8b55c4b2de","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:22.992983353Z","timestamp":1698341422992,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15851345/3797f05bf2341dbeb135/sadfok.hta HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nLocation: https://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-26T17:30:22Z","timestamp":1698341422,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"10.70.215.73","port":57048,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible HTA Application Download","source":"{\"timestamp\":\"2023-10-26T17:30:22.992585+0000\",\"flow_id\":1961638839072882,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.73\",\"src_port\":57048,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.HTA.Download\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2022520,\"rev\":6,\"signature\":\"ET POLICY Possible HTA Application Download\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2016_02_15\"],\"updated_at\":[\"2020_10_06\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":709,\"bytes_toclient\":535,\"start\":\"2023-10-26T17:30:22.931954+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:23.162918814Z","timestamp":1698341423162,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15851345/3797f05bf2341dbeb135/sadfok.hta HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 401\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":401,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (401), with no line terminators","md5":"bf975add8f8623d71ac9e3d56d6bbce7","sha1":"9b1c5a26fee65f5b170b0d2c0b50f6e6c62175ed","sha256":"e703e833f6971eec9953bc8713b656812ef260b34d75bc9c2a4c4199f5917614","sha512":"b66a36074dd5e9e36275c1541f3aef05aee3769532e892dca27eef71d34d922645e339cb41b1a1f6ac01024e3f66fb90174dedb44baa96c32f9f25014f6d4878","ssdeep":"","tlshash":"e6e068ee8d01d90fe65020f0e4f1f298589ec13bed948950a5d408be47d1feacc433a9","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-26T17:30:22Z","timestamp":1698341422,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"10.70.215.73","port":57048,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible HTA Application Download","source":"{\"timestamp\":\"2023-10-26T17:30:22.992585+0000\",\"flow_id\":1961638839072882,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.73\",\"src_port\":57048,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.HTA.Download\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2022520,\"rev\":6,\"signature\":\"ET POLICY Possible HTA Application Download\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2016_02_15\"],\"updated_at\":[\"2020_10_06\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":709,\"bytes_toclient\":535,\"start\":\"2023-10-26T17:30:22.931954+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:23.432112678Z","timestamp":1698341423432,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15851345/3797f05bf2341dbeb135/sadfok.hta HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 401\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":401,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (401), with no line terminators","md5":"bf975add8f8623d71ac9e3d56d6bbce7","sha1":"9b1c5a26fee65f5b170b0d2c0b50f6e6c62175ed","sha256":"e703e833f6971eec9953bc8713b656812ef260b34d75bc9c2a4c4199f5917614","sha512":"b66a36074dd5e9e36275c1541f3aef05aee3769532e892dca27eef71d34d922645e339cb41b1a1f6ac01024e3f66fb90174dedb44baa96c32f9f25014f6d4878","ssdeep":"","tlshash":"e6e068ee8d01d90fe65020f0e4f1f298589ec13bed948950a5d408be47d1feacc433a9","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-26T17:30:22Z","timestamp":1698341422,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"10.70.215.73","port":57048,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible HTA Application Download","source":"{\"timestamp\":\"2023-10-26T17:30:22.992585+0000\",\"flow_id\":1961638839072882,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.73\",\"src_port\":57048,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"ET.HTA.Download\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2022520,\"rev\":6,\"signature\":\"ET POLICY Possible HTA Application Download\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2016_02_15\"],\"updated_at\":[\"2020_10_06\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":709,\"bytes_toclient\":535,\"start\":\"2023-10-26T17:30:22.931954+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-10-26T17:30:23.571Z","timestamp":1698341423571,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /files/15851345/sadfok.hta.html?msg=sess_error HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/download/15851345/3797f05bf2341dbeb135/sadfok.hta\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 8985\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nLast-Modified: Thu, 26 Oct 2023 20:30:22 +0300\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\nSet-Cookie: lng=eng; expires=Thu, 23-Nov-2023 17:30:22 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8985,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (4526)","md5":"d136cb45b898b911fdf3fc1a00b2fab4","sha1":"ba3df85cc37c53fce92fb322505b818a2dc8b208","sha256":"d443f13df19a3d19fe9f73273344e4b47568b9ec93d033fa47478ca587baea0f","sha512":"1957752104c595d0371176507da1d76f1ab863ab7f96c4cec14566429da13beb5b12b268c4613389e14990bcd82dbc8f482ff584d3f606380a5451189dd27473","ssdeep":"384:1oJylIn7xpYwuu504Y6eHYCDRzhU3E8+UUKIz40qoWgp03eBizEm+K:1oJCIn7XY20tVDRzh4E8+UUKIz40qoWR","tlshash":"a1922a71558ee82e8654a0d4e274feac99c774afc7800884e47f68b7a5c1fa46c321f9","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/static/ubr__style.css","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.667Z","timestamp":1698341423667,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /static/ubr__style.css HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 17 Oct 2023 12:17:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"652e7b50-24da\"\r\nExpires: Thu, 02 Nov 2023 17:30:22 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2841,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (591), with CRLF line terminators","md5":"7b9692d4caecccf38e40d2333f8e00b0","sha1":"8ecb4f873571250f02a5cc2ceff0a24aed25fc33","sha256":"c4042306388924b75aa7d584c1e61165264967a52d09544ecba836f0d00eb9b9","sha512":"c7f31f284e1efd4e69f239cb705f27db186aac82acc7fee042fed2c23909f4c8192bef0c54b382f2aa3bb1e9d5542b8567024de43a795c3361ae74763a4d2d56","ssdeep":"192:a2jAySjuE174K/B4kxWnInnHGYaN4OI56pYgq+:Ejj2K/B4annc66pYgt","tlshash":"b012b572d2aa302e71abc0bab051fa9e3d58908bd4539771f96636b5cac10e53337708","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-15T03:10:01.473925Z","times_seen":3424,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.669Z","timestamp":1698341423669,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /js/js__file_upload.js HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 17 Oct 2023 12:32:21 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"652e7ed5-651c\"\r\nExpires: Thu, 02 Nov 2023 17:30:22 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7670,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1853)","md5":"66684709338f7239056ff3302e16bc4a","sha1":"7dbd501434bdc062cdc8f6744e272a7d39ca5136","sha256":"5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f","sha512":"736a47122121ab209a76fb53a07aad3fc5b3a10dd8e1c760b65ecb66a7c16c802d105d9db843d36216ad65f7aa50652cd5b626daa0b2bf7a1a1573dd8b83ea03","ssdeep":"768:nE5keq96s7jR29qxFJuuGBs98dSx1yUL9acoR13knV96Qx8VDJR:n+qP7jR29eFJuuGBs98dSx1yUL9at6VM","tlshash":"77c2e793778684a48dda157e249e03ca7634c4176d0aa850fc6ccca8ae74f89907bf7d","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-15T03:10:01.468433Z","times_seen":3528,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":29,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/arrow.gif","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.693Z","timestamp":1698341423693,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /images/arrow.gif HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: image/gif\r\nContent-Length: 59\r\nLast-Modified: Sun, 14 Apr 2013 07:15:01 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"516a5775-3b\"\r\nExpires: Thu, 02 Nov 2023 17:30:22 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":59,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 6 x 9\\012- data","md5":"6675f814b94f13f91f1383707b250e36","sha1":"31452650e8fce2095613a2010799bdb7548bdd51","sha256":"061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411","sha512":"d232d7337ef45394ddeb09894a7aec31363ef026299bd047d49dc46975757da192136b03531ab7be451a4d28ce8e3250a9538f94c6ae38347537de00192e9c62","ssdeep":"","tlshash":"3fa0020295b4c144c80411761c58815056027226858e175736bc7722ec498a17152121","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-15T03:10:01.465295Z","times_seen":3578,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":12,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:23.756015269Z","timestamp":1698341423756,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"c088aa1505da9f4e034c43608e2135bb","sha1":"0ea8e2a58b27fc8a7f547367c4fda26c78bdefd9","sha256":"60c63114d67758ba8a98a5ceae6f2f0a6ca9b7a6e3367e6545517e78e07b74ad","sha512":"d44bdce4ca59f3ab6fecac9d625a06013d8a3a8b2179e45baeecbdd08d22722ee4caf28a74db4ae73066d5f1a49561accb83ff87cc1be27bc9e07a1b0f21bd51","ssdeep":"","tlshash":"caf02b1339347413dd5ff40427cf4af96564f417176c6f4475dd765cc6061dd1155109","first_seen":"2023-10-26T12:14:34Z","last_seen":"2023-10-27T09:09:29Z","times_seen":1044,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/dl_.png","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.670Z","timestamp":1698341423670,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /images/dl_.png HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 1900\r\nLast-Modified: Thu, 01 Dec 2016 09:37:27 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"583fef57-76c\"\r\nExpires: Thu, 02 Nov 2023 17:30:22 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 154 x 32, 8-bit colormap, non-interlaced\\012- data","md5":"f3e8f284a4e98cdb91b6abfc142d94a4","sha1":"fa9e618c2f56bea752ddd7e45a372c5539dadda9","sha256":"2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882","sha512":"e3d0865ac754c5956d7636635dd87df016e893a20c3292b0918b26305e4ebe3515a7498cff2e1902155de884b9fcfca8ec7a01d8a5ab5053b6ad62c914781144","ssdeep":"","tlshash":"6241398ffcfc75dc437e002a1a943806266692c471a4a7382b5108be2d4270f4224e66","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-15T03:10:01.474469Z","times_seen":3578,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":55,"dns":0,"connect":28,"send":0,"wait":30,"receive":0,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.695Z","timestamp":1698341423695,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:26:20 GMT","end":"Thu, 21 Dec 2023 05:26:19 GMT"},"fingerprint":{"sha1":"81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89","sha256":"BF:65:05:97:11:62:1C:0A:F5:44:E0:12:95:5F:87:62:0B:A7:91:BE:8B:EA:52:FB:C4:0D:05:93:22:9B:A8:47"}}},"request":{"raw":"GET /gtag/js?id=UA-6703115-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Oct 2023 17:30:22 GMT\r\nexpires: Thu, 26 Oct 2023 17:30:22 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 51069\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51069,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (2213)","md5":"647fc35b2b337fa6d9d8df9cc0b0a223","sha1":"e463fe4d716d59dbd9b6e38a6afde66fee185bb5","sha256":"2305e3a2c3a4f011b060dcb9fff8b820fcdf064f1793706c46e24e890e91ec19","sha512":"4c6fbd0abf923f0a97c4fcc62a2806df2a57793771ed98cb30b217025d9a901bbbde212aba63f019a9785b484d826034789cb2a2a9b6bd032cdcdd37b252a1cc","ssdeep":"1536:DRalb0aNNELMYxTy5cmGDD60ZkTKREfPEyRtoiwdZllXZq5QTHFXkOyf59KpdGTU:DRa10aNNU1h1D60uof3PQ5QTHxkw++","tlshash":"6dd3f9d9b3977166c2a3b4b8553f010bf17a6e92f84cdc94e186c9c02e7869a0177f6c","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":62,"dns":1,"connect":8,"send":0,"wait":23,"receive":11,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:23.864050232Z","timestamp":1698341423864,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 26 Oct 2023 17:30:23 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"c088aa1505da9f4e034c43608e2135bb","sha1":"0ea8e2a58b27fc8a7f547367c4fda26c78bdefd9","sha256":"60c63114d67758ba8a98a5ceae6f2f0a6ca9b7a6e3367e6545517e78e07b74ad","sha512":"d44bdce4ca59f3ab6fecac9d625a06013d8a3a8b2179e45baeecbdd08d22722ee4caf28a74db4ae73066d5f1a49561accb83ff87cc1be27bc9e07a1b0f21bd51","ssdeep":"","tlshash":"caf02b1339347413dd5ff40427cf4af96564f417176c6f4475dd765cc6061dd1155109","first_seen":"2023-10-26T12:14:34Z","last_seen":"2023-10-27T09:09:29Z","times_seen":1044,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.696Z","timestamp":1698341423696,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /?dupud=997369 HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 117768\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 0HxU9WN54Oc1nHUhbTzi_xVK69woblKLKa_0VltHkMmODTXQRocIFw==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117768,"size_decoded":0,"mime_type":"text/plain","magic":"Unicode text, UTF-8 text, with very long lines (15948)","md5":"9aab97f2a6e1e0d9e904582b89e98180","sha1":"35ca105900e4da6099e530995c2e572f70d5ca07","sha256":"bc3de5f026eead63b88652a8eb08b527aee3a1092b6ca245dc0e7a676143522d","sha512":"d46309ab2f5e296f97fdbca324731bb56715a2fe617d159b51cee9a159b965d6229732807acaca800133b13c4d13945ae96b5746809147559a246491b9b37d73","ssdeep":"6144:WShLAyB2hrfVxt103N+wSShLAyB2hrfV3R:Wi0yYh7VHg0vi0yYh7Vh","tlshash":"07743b89be523869836374b540ff124e723f4669b8084dd4b49ad4d16db8d0a43bffac","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":3,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":13,"dns":14,"connect":3,"send":0,"wait":178,"receive":5,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:23.885Z","timestamp":1698341423885,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:26:20 GMT","end":"Thu, 21 Dec 2023 05:26:19 GMT"},"fingerprint":{"sha1":"81:B9:A4:E4:E4:84:05:A7:F6:52:4F:E2:74:27:36:05:0D:74:15:89","sha256":"BF:65:05:97:11:62:1C:0A:F5:44:E0:12:95:5F:87:62:0B:A7:91:BE:8B:EA:52:FB:C4:0D:05:93:22:9B:A8:47"}}},"request":{"raw":"GET /gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nexpires: Thu, 26 Oct 2023 17:30:23 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 85399\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85399,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (3034)","md5":"2b77a5a151642ca57682308f9e696737","sha1":"0f56fa95dab7db831e036527f327abe0dff04e45","sha256":"808b56d2d784ed3918d99ff53c7e7e6d5941f2a0058103fdec10a2846f159cd6","sha512":"276617ab888b6c244dd0ca6c456ab5102ae0bb21eaeef02f1627ea729d5d0b9a64b38eeff6ed1a74526c86d3ddb1ff9c085ead7dcc23ceb57622a71482bb43f4","ssdeep":"6144:ueNh/uWUy3p4ybJjg04JCttQ3TxZID6ST:uGGWUyCybxEZM","tlshash":"703408d9b383706682a7f479503f014be5bb2ca6b44dcc94e189c9d02e78a89517bf7c","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ismscoldnesfspl.info/R1kwSXFoZlM6TBM0Xz4jdQsGHAYVaWYRHSMaeAMgIg9XChUBDBY9GCNkCXBGc2kIbwEuPQ14SWEqRCgFMioNeFcuN1YmTGEvDXhfd3cCZ0VhLA14VzMpUS5Mdn9APQUrZAF/SH9qBHhFdW0BeUM","fqdn":"ismscoldnesfspl.info","domain":"ismscoldnesfspl.info","tld":"info"},"ip":{"addr":"172.67.195.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.107Z","timestamp":1698341424107,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ismscoldnesfspl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:47:57 GMT","end":"Wed, 10 Jan 2024 08:47:56 GMT"},"fingerprint":{"sha1":"A0:89:A4:0E:87:A8:62:EA:DC:42:35:82:62:8C:B6:CC:95:A1:9C:5E","sha256":"88:BF:67:28:72:79:4A:D3:6E:38:98:FB:92:64:1D:22:9E:94:8F:38:25:8C:AB:40:D4:62:00:AA:90:26:12:2D"}}},"request":{"raw":"GET /R1kwSXFoZlM6TBM0Xz4jdQsGHAYVaWYRHSMaeAMgIg9XChUBDBY9GCNkCXBGc2kIbwEuPQ14SWEqRCgFMioNeFcuN1YmTGEvDXhfd3cCZ0VhLA14VzMpUS5Mdn9APQUrZAF/SH9qBHhFdW0BeUM HTTP/1.1\r\nHost: ismscoldnesfspl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=ocZaAZbJkLu5gHg0qRoD2mVrfrZZjVK%2F1IYhaP3SWFH1HRuPuYlWLyPOO5X%2Fg%2F%2FcbQw62ukzupxxy89IF2Eo2jeZkQkl8sLmLf3paioNFLFSS22h3ayEZ2pblioqBTDvCWBSgt%2FTdg%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 81c46d479af50b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":113,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ismscoldnesfspl.info/UzNUODh8DDdLBR1ZGlNiYwsTem4JZzJfABZlEnYLEXIgXGA9WHJMUTcObQEPYAVtHkg6V2kJHiBHNUxNIA5lHlE9VTsFHiUOZRYLZx1nDBZjFSEFCXVHJFlfbgJySEwnX2kJDmoLZwwJZwFgCA9l","fqdn":"ismscoldnesfspl.info","domain":"ismscoldnesfspl.info","tld":"info"},"ip":{"addr":"172.67.195.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.086Z","timestamp":1698341424086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ismscoldnesfspl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:47:57 GMT","end":"Wed, 10 Jan 2024 08:47:56 GMT"},"fingerprint":{"sha1":"A0:89:A4:0E:87:A8:62:EA:DC:42:35:82:62:8C:B6:CC:95:A1:9C:5E","sha256":"88:BF:67:28:72:79:4A:D3:6E:38:98:FB:92:64:1D:22:9E:94:8F:38:25:8C:AB:40:D4:62:00:AA:90:26:12:2D"}}},"request":{"raw":"GET /UzNUODh8DDdLBR1ZGlNiYwsTem4JZzJfABZlEnYLEXIgXGA9WHJMUTcObQEPYAVtHkg6V2kJHiBHNUxNIA5lHlE9VTsFHiUOZRYLZx1nDBZjFSEFCXVHJFlfbgJySEwnX2kJDmoLZwwJZwFgCA9l HTTP/1.1\r\nHost: ismscoldnesfspl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=kTRQzXOAKxRv20HA8aVnukIxXhsz2paw4PWtsw0UEyot2NvXrsMRkmiy8DWaIDIfqePibBEkSRIABlAwTcyy8YDXM%2B07amy%2BZ116j1%2Fp0iGfgUGtnQSBDhtdhxcxMbKjQtRyjMXB7A%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 81c46d479aee0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":16,"dns":5,"connect":1,"send":0,"wait":122,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ticalfelixstownru.info/TVpLMk4sOChfcSxnKRQ7PzZ2F3wLf3l0KjhqO0cqfSkvXiM3PGVRIiIvL1Q8IjQ/HCAoLm4ACAM7DXM2Lw1zfh58YgdnDDpvHWQMGg8cUQ0aaxF9ASYTCHMcJS4ZS3YvHRlCeAMOL1ceJjEMYg0paBlgLQEMHHMWDAt/dQA6IgdxKRQgD3Q2BxkfYBoYHD99BAgfCHAIGDMccw8XGSF8KwktOHAqJgsGZykYf3l0HToLD3AKCA8TSyIpPCx0BxUMIwYdGyIuZhkDIBh0fxQKDVUKCjIJAw98ahNnCRcvHAM6AwN4fAcVDCxbHH0yKHkZCBgddwgUPxkfHCsCPAp/GD0ScxoaEHhqf3QAEnMILgJ6Xn8Ma3t4Dx4QHnE5DAsvYwM/AideJgVrengGGmoKFCQ+NSVCczsYP0MEBgITBCA1MRh9","fqdn":"ticalfelixstownru.info","domain":"ticalfelixstownru.info","tld":"info"},"ip":{"addr":"143.204.55.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.101Z","timestamp":1698341424101,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ticalfelixstownru.info","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 12 Oct 2023 00:00:00 GMT","end":"Sat, 09 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"86:76:7C:D2:5F:B7:F1:4A:DD:80:F6:D4:16:23:2B:37:97:3B:D1:C8","sha256":"F1:9A:59:8D:5E:17:7A:B4:1E:88:F0:9F:F3:65:C4:4B:35:FA:17:4E:3B:BD:6B:89:E1:6D:9C:DD:0E:83:74:F1"}}},"request":{"raw":"GET /TVpLMk4sOChfcSxnKRQ7PzZ2F3wLf3l0KjhqO0cqfSkvXiM3PGVRIiIvL1Q8IjQ/HCAoLm4ACAM7DXM2Lw1zfh58YgdnDDpvHWQMGg8cUQ0aaxF9ASYTCHMcJS4ZS3YvHRlCeAMOL1ceJjEMYg0paBlgLQEMHHMWDAt/dQA6IgdxKRQgD3Q2BxkfYBoYHD99BAgfCHAIGDMccw8XGSF8KwktOHAqJgsGZykYf3l0HToLD3AKCA8TSyIpPCx0BxUMIwYdGyIuZhkDIBh0fxQKDVUKCjIJAw98ahNnCRcvHAM6AwN4fAcVDCxbHH0yKHkZCBgddwgUPxkfHCsCPAp/GD0ScxoaEHhqf3QAEnMILgJ6Xn8Ma3t4Dx4QHnE5DAsvYwM/AideJgVrengGGmoKFCQ+NSVCczsYP0MEBgITBCA1MRh9 HTTP/1.1\r\nHost: ticalfelixstownru.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1179\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: P5nkUMBwH8hu_MA0aGMn0AcqtSGp5c1JyI40ZxYVieXWPWGwHlPw_A==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1179,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators","md5":"b893a341cad113bf144025c900384966","sha1":"bfbcc5a996169962566373e15593450b3f209c14","sha256":"4378671318ed86cbd289f2b09536200421dd371f8a25d44012bae2ea6468929d","sha512":"56ccfab1908c40cecea8ece9a858076fa4940134142bd25b5435417e5bc75414be2d4bd0eddb3ca1136cf6212bcf7b0dfdc2a5cd4bd67b69a00e17975f6b5c58","ssdeep":"","tlshash":"5f51009d34f3a0c2c2f27025043bb59afa284aa1874cdb14863d96bcbd705ea6317f4c","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":16,"dns":5,"connect":1,"send":0,"wait":108,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ticalfelixstownru.info/ckdDOU0TJSBUchN6IR84ACt+HH80YnF/KQd3M0wpQjQnVSAIIW1aIR0yJ18/HSk3FyMXM2YLCxEUcQwYIS0OVgwmKDB9CUoPDnEuOSQvVSoXIDdNDzEkL2EZBhMBQwc3IhFaKj4Bc18KNnMAfxlKEg5xLjYlEnB8OAERCx42AihsBSghIFA5KgwVdyoQAhpIGAgsL2oeOwQMej4lIhBRJSgGDUwVNRUqan4CISBhIQolL0EmOCssVQoLPzV4FQEQIXE1ASEVSTUXHwVMFTUWd2saRyMFYT42JCh7Jis/GQwVGAo1bA4zBSBhJUMiFQwhFyANDxUfahVPDCo0CmkZGhAPaAgBJTR8Ayp1FQ4FKjMKcBURBGVTPh0pMwQeCjBxQDkUKRdPJzo","fqdn":"ticalfelixstownru.info","domain":"ticalfelixstownru.info","tld":"info"},"ip":{"addr":"143.204.55.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.146Z","timestamp":1698341424146,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ticalfelixstownru.info","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 12 Oct 2023 00:00:00 GMT","end":"Sat, 09 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"86:76:7C:D2:5F:B7:F1:4A:DD:80:F6:D4:16:23:2B:37:97:3B:D1:C8","sha256":"F1:9A:59:8D:5E:17:7A:B4:1E:88:F0:9F:F3:65:C4:4B:35:FA:17:4E:3B:BD:6B:89:E1:6D:9C:DD:0E:83:74:F1"}}},"request":{"raw":"GET /ckdDOU0TJSBUchN6IR84ACt+HH80YnF/KQd3M0wpQjQnVSAIIW1aIR0yJ18/HSk3FyMXM2YLCxEUcQwYIS0OVgwmKDB9CUoPDnEuOSQvVSoXIDdNDzEkL2EZBhMBQwc3IhFaKj4Bc18KNnMAfxlKEg5xLjYlEnB8OAERCx42AihsBSghIFA5KgwVdyoQAhpIGAgsL2oeOwQMej4lIhBRJSgGDUwVNRUqan4CISBhIQolL0EmOCssVQoLPzV4FQEQIXE1ASEVSTUXHwVMFTUWd2saRyMFYT42JCh7Jis/GQwVGAo1bA4zBSBhJUMiFQwhFyANDxUfahVPDCo0CmkZGhAPaAgBJTR8Ayp1FQ4FKjMKcBURBGVTPh0pMwQeCjBxQDkUKRdPJzo HTTP/1.1\r\nHost: ticalfelixstownru.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1154\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 42RqfNnF5lHycFfN5xS2zWU-B8Zozg_u-F05Bm4mdahZp_kfMfl3bw==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1154,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators","md5":"1c452f08a1d17580ad4846c8321f2092","sha1":"3618348fe0e16a1e7dce98b952ca846dce158d4b","sha256":"ce79f30564ff6ba9c88b3058c79ace9e4fab39e19f626f6fc0905be121e8db56","sha512":"a1eb5017a3337d59202c979dc0d4c029c6975d25799a5322aeb0f66822ff275b8ed881f68dfe276dbe55a5841c866d590f67311951e325f6c0767b78c0492c7d","ssdeep":"","tlshash":"c751d08d34f36082c2f66064447bb59afa385a91834cda14863d97bcbd715ed6317f4c","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ticalfelixstownru.info/ajB3dkELUhQbfgsNFVA0GFxKU3MsFUUwJR8ABwMlWkMTGiwQVlkVLQVFExAzBV4DWC8PRFJEBz1+RwZ0OWQtIws4UwE1FCdaPy4QOnQZRw8PcT4kCCtfGiEEDgMxMnQlUzQBECcCIjMDAHE0JBkCQzMiDzlzGQYnIGYTLA0/YgEjcAFAJT4mO2YeQiMOcT4kEQ1bGi4QBQQyNRMrZiQdFiEBPRMjK0cYNXAFXDYPAwtnDgIiDwM2NRsvXAQ0AA5ZNi4mInUZHXYIcSY+CwJxGSdxU0YkRS0ldEQBLAxHPiUkPkQENAAJBDNENixUGQILCXIQPhhbHQ9BAwZxATEoIGoyGCZPAjETNjN3Eh0tXnIQLDc5AxsnGQBXFDpwBmAVRjI6cgAsdjwDHCcQBFQ+UCsZXxkGfAdHDzEnA0okRQ0jewQ5","fqdn":"ticalfelixstownru.info","domain":"ticalfelixstownru.info","tld":"info"},"ip":{"addr":"143.204.55.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.150Z","timestamp":1698341424150,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ticalfelixstownru.info","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 12 Oct 2023 00:00:00 GMT","end":"Sat, 09 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"86:76:7C:D2:5F:B7:F1:4A:DD:80:F6:D4:16:23:2B:37:97:3B:D1:C8","sha256":"F1:9A:59:8D:5E:17:7A:B4:1E:88:F0:9F:F3:65:C4:4B:35:FA:17:4E:3B:BD:6B:89:E1:6D:9C:DD:0E:83:74:F1"}}},"request":{"raw":"GET /ajB3dkELUhQbfgsNFVA0GFxKU3MsFUUwJR8ABwMlWkMTGiwQVlkVLQVFExAzBV4DWC8PRFJEBz1+RwZ0OWQtIws4UwE1FCdaPy4QOnQZRw8PcT4kCCtfGiEEDgMxMnQlUzQBECcCIjMDAHE0JBkCQzMiDzlzGQYnIGYTLA0/YgEjcAFAJT4mO2YeQiMOcT4kEQ1bGi4QBQQyNRMrZiQdFiEBPRMjK0cYNXAFXDYPAwtnDgIiDwM2NRsvXAQ0AA5ZNi4mInUZHXYIcSY+CwJxGSdxU0YkRS0ldEQBLAxHPiUkPkQENAAJBDNENixUGQILCXIQPhhbHQ9BAwZxATEoIGoyGCZPAjETNjN3Eh0tXnIQLDc5AxsnGQBXFDpwBmAVRjI6cgAsdjwDHCcQBFQ+UCsZXxkGfAdHDzEnA0okRQ0jewQ5 HTTP/1.1\r\nHost: ticalfelixstownru.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1177\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: hFvqrKXETWPogSqhjNjjTuS5ScrTf8_yG16bWzMqlKZGTRvhROBlGg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1177,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators","md5":"ea421c3c8c010be7ad5f3d3dd46fcd7d","sha1":"c972cb595f5d211866ae1f3ef04e8802a33b705b","sha256":"1bd2b6ef520f8f331ff9603787b1ecc94b74417dc8802bc93ca0b25585ae8e36","sha512":"be36eee7f2d072d3e772d00cdea0b2095a4ca957830dabedc3c0f2f7eea9d6a52cd45d68905dffc202fdef21293ce542aa1d7d5a50ac2d4f1599e60b45e24a06","ssdeep":"","tlshash":"5451029d34f3608282b26015442bb99afa385a91934ccf14863d96bcbc715e96357f4c","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ismscoldnesfspl.info/aE42UUJHcVUifzo0dGQYWwhMEBdRKGQZISkaWh8DDileHRQtLRAlKwxzD2h1XH8CdzIBKgtgZBs6VyU3G3MHdysGKFlsZB5zB39xXGAFZWxYaENsc046RjAlVX8QITYcIgtgdFF2BWVzXHwCYHBd","fqdn":"ismscoldnesfspl.info","domain":"ismscoldnesfspl.info","tld":"info"},"ip":{"addr":"172.67.195.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.152Z","timestamp":1698341424152,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ismscoldnesfspl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:47:57 GMT","end":"Wed, 10 Jan 2024 08:47:56 GMT"},"fingerprint":{"sha1":"A0:89:A4:0E:87:A8:62:EA:DC:42:35:82:62:8C:B6:CC:95:A1:9C:5E","sha256":"88:BF:67:28:72:79:4A:D3:6E:38:98:FB:92:64:1D:22:9E:94:8F:38:25:8C:AB:40:D4:62:00:AA:90:26:12:2D"}}},"request":{"raw":"GET /aE42UUJHcVUifzo0dGQYWwhMEBdRKGQZISkaWh8DDileHRQtLRAlKwxzD2h1XH8CdzIBKgtgZBs6VyU3G3MHdysGKFlsZB5zB39xXGAFZWxYaENsc046RjAlVX8QITYcIgtgdFF2BWVzXHwCYHBd HTTP/1.1\r\nHost: ismscoldnesfspl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=VGqZcxFhv70hbRSSNOV9WFQTmtU3ia7Z0fPPsqVhX4m9u3tHfop6xVoR4p0j35yeil7qmI11V9fE8WdgkMWxX3bSBwnpbQ8TzoG7hDk4bi3%2B03cqeoGmhUxc4fgniddEggnOYIS8yQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 81c46d47db0e0b06-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":119,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/favicon.ico","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.451Z","timestamp":1698341424451,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error\r\nCookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1698341424.1.0.1698341424.0.0.0; _ga=GA1.1.1496193467.1698341424\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Thu, 26 Oct 2023 17:30:23 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 1150\r\nLast-Modified: Tue, 16 Dec 2008 17:17:25 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"4947e2a5-47e\"\r\nExpires: Thu, 02 Nov 2023 17:30:23 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\\012- data","md5":"f299cf2e651c19e48d27900ced493ccb","sha1":"c2d1086d517d7a26292e0d7b32da7c55b166c23b","sha256":"115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1","sha512":"b46341bfbac50f48afcd2a4e34910901d722ce72f9f34f809916103e01d7ebc11bce15a28bf6449efd49ab9dfef1f84a94e3ad775cbe52d5822996674124b104","ssdeep":"","tlshash":"6921fea2f747de24d05a027081978e195686ee563199204b711c7d6e782e5504435237","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-15T03:10:01.47651Z","times_seen":3625,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:24.486266301Z","timestamp":1698341424486,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 26 Oct 2023 17:30:23 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"285bbba68b5592c22437bac94e89c841","sha1":"eb59489bdc1ba05b6f270afac3b5d24c7b1c29b9","sha256":"58892ccd9341b4335f930416670de4bbe22f70aad55bd7e111fa90337aa6cb98","sha512":"b36e174f8cf78ee5bca226eb508bcdca369571f69c57b2d320c4ca4d1c16a000c2820d7918cb19a70c95f33541e129314dae4f9855a2eef5a33bdcda03a9f879","ssdeep":"","tlshash":"7cf054cd0c357d10ec1e9138a68308d82a90a5488e585a4379f44e754ad19ee216c30c","first_seen":"2023-10-26T12:01:51Z","last_seen":"2023-10-27T08:54:51Z","times_seen":352,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:24.489833073Z","timestamp":1698341424489,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 26 Oct 2023 17:30:23 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"285bbba68b5592c22437bac94e89c841","sha1":"eb59489bdc1ba05b6f270afac3b5d24c7b1c29b9","sha256":"58892ccd9341b4335f930416670de4bbe22f70aad55bd7e111fa90337aa6cb98","sha512":"b36e174f8cf78ee5bca226eb508bcdca369571f69c57b2d320c4ca4d1c16a000c2820d7918cb19a70c95f33541e129314dae4f9855a2eef5a33bdcda03a9f879","ssdeep":"","tlshash":"7cf054cd0c357d10ec1e9138a68308d82a90a5488e585a4379f44e754ad19ee216c30c","first_seen":"2023-10-26T12:01:51Z","last_seen":"2023-10-27T08:54:51Z","times_seen":352,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.438Z","timestamp":1698341424438,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:32:39 GMT","end":"Thu, 21 Dec 2023 05:32:38 GMT"},"fingerprint":{"sha1":"C3:EF:CC:C7:6C:FD:21:E8:B0:08:50:37:0F:AC:B1:DD:AB:1D:1E:FF","sha256":"B0:55:5D:E4:9A:9C:09:AB:D7:96:E9:F8:35:67:4F:9F:5C:4A:3C:54:37:E6:AE:8B:A4:B8:EE:3C:9A:D9:07:09"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:QFMTnlHHiporLuG3-1YemOdEc4uwBA:kZePv6MFRgH0go9K; Expires=Sat, 25-Oct-2025 17:30:23 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeywt83A_6QvJvJwrh18JMWOuHojkQgUCI8H3bxPO-XFSRi9sD0XEQaj9vbAE9iUYyk6CBZu0AA\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy: unsafe-none\r\ncross-origin-resource-policy: cross-origin\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-20exVT40k_8HVeKXocwnfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":183,"timings":{"blocked":60,"dns":0,"connect":8,"send":0,"wait":39,"receive":1,"ssl":66},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ticalfelixstownru.info/utx?cb=l8G025tieKVC\u0026top=www.upload.ee\u0026tid=997369","fqdn":"ticalfelixstownru.info","domain":"ticalfelixstownru.info","tld":"info"},"ip":{"addr":"143.204.55.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.457Z","timestamp":1698341424457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ticalfelixstownru.info","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 12 Oct 2023 00:00:00 GMT","end":"Sat, 09 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"86:76:7C:D2:5F:B7:F1:4A:DD:80:F6:D4:16:23:2B:37:97:3B:D1:C8","sha256":"F1:9A:59:8D:5E:17:7A:B4:1E:88:F0:9F:F3:65:C4:4B:35:FA:17:4E:3B:BD:6B:89:E1:6D:9C:DD:0E:83:74:F1"}}},"request":{"raw":"GET /utx?cb=l8G025tieKVC\u0026top=www.upload.ee\u0026tid=997369 HTTP/1.1\r\nHost: ticalfelixstownru.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Thu, 26 Oct 2023 17:31:23 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: ggnwGMeVprmfTCOpC60mM4vAgOUlHQ-O9Yr8pJC70zo5bGh9kFbyEQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ticalfelixstownru.info/utx?cb=DvnrgY6auPPb\u0026top=www.upload.ee\u0026tid=997414","fqdn":"ticalfelixstownru.info","domain":"ticalfelixstownru.info","tld":"info"},"ip":{"addr":"143.204.55.117","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.460Z","timestamp":1698341424460,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ticalfelixstownru.info","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 12 Oct 2023 00:00:00 GMT","end":"Sat, 09 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"86:76:7C:D2:5F:B7:F1:4A:DD:80:F6:D4:16:23:2B:37:97:3B:D1:C8","sha256":"F1:9A:59:8D:5E:17:7A:B4:1E:88:F0:9F:F3:65:C4:4B:35:FA:17:4E:3B:BD:6B:89:E1:6D:9C:DD:0E:83:74:F1"}}},"request":{"raw":"GET /utx?cb=DvnrgY6auPPb\u0026top=www.upload.ee\u0026tid=997414 HTTP/1.1\r\nHost: ticalfelixstownru.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Thu, 26 Oct 2023 17:31:23 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: JuN4bw1XhUZ8ozrM6p79eN7hHVjGHBZe80HrcfYxU8r4KNSLMk2gNg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.435Z","timestamp":1698341424435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:32:39 GMT","end":"Thu, 21 Dec 2023 05:32:38 GMT"},"fingerprint":{"sha1":"C3:EF:CC:C7:6C:FD:21:E8:B0:08:50:37:0F:AC:B1:DD:AB:1D:1E:FF","sha256":"B0:55:5D:E4:9A:9C:09:AB:D7:96:E9:F8:35:67:4F:9F:5C:4A:3C:54:37:E6:AE:8B:A4:B8:EE:3C:9A:D9:07:09"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:V1l9LBs3uscBNN6xcsFYNwlzuZzctA:FHJt7Z3BKIWb8Obl; Expires=Sat, 25-Oct-2025 17:30:23 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyzpT6LIK84CwsiF2-6uoOPBN4SVJwVjIhndrRPOwLbjE3UdEBNC24IqEzA6wR9NumlUuEr4zA\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-V1KYeutLd0EPxJPR2qeaKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-opener-policy: unsafe-none\r\ncross-origin-resource-policy: cross-origin\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":87,"dns":0,"connect":8,"send":0,"wait":29,"receive":0,"ssl":84},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:24.619776005Z","timestamp":1698341424619,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Thu, 26 Oct 2023 17:30:23 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"4b6a32d56d9cb7328aaab78926acda91","sha1":"2f85bb8c58223c6bc24ffbf8a90797ce62388495","sha256":"dc0646907d82d407bb70478f1527bff3fe4ba388604831bf3b70ddb99bed1f98","sha512":"e8c7d6a3c85eb67b5db28e4cb6c42351f4f216b17f766e2f478fb91acf9cdd9e5a549fa222d764463ed3f35f25b6cf9d3620d6903e2ec58180bd4e954f0e2e79","ssdeep":"","tlshash":"e4f0d4881cbdb302465f26b47740093a2d8890591679638c36fcae844aa52e69358e18","first_seen":"2023-10-25T18:03:46Z","last_seen":"2023-10-26T22:57:32Z","times_seen":1650,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeywt83A_6QvJvJwrh18JMWOuHojkQgUCI8H3bxPO-XFSRi9sD0XEQaj9vbAE9iUYyk6CBZu0AA","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.580Z","timestamp":1698341424580,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:32:39 GMT","end":"Thu, 21 Dec 2023 05:32:38 GMT"},"fingerprint":{"sha1":"C3:EF:CC:C7:6C:FD:21:E8:B0:08:50:37:0F:AC:B1:DD:AB:1D:1E:FF","sha256":"B0:55:5D:E4:9A:9C:09:AB:D7:96:E9:F8:35:67:4F:9F:5C:4A:3C:54:37:E6:AE:8B:A4:B8:EE:3C:9A:D9:07:09"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeywt83A_6QvJvJwrh18JMWOuHojkQgUCI8H3bxPO-XFSRi9sD0XEQaj9vbAE9iUYyk6CBZu0AA HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:DmeEIIjrz7uVpq373adqmzid4YC_Qw:6YuPlgy5TuYzuFQ1;Path=/;Expires=Sat, 25-Oct-2025 17:30:23 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyw_hOwQhDZvDAm6ZZGaA1Kzyt6WhSxaSuJQBD0IH64MyWwZJU3UH-zMeHiFyVbjJKe07AK0Pw\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1022763188%3A1698341423810205\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: script-src 'nonce-1BFIcU3wn9O3goYWpWhAqw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 409\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":409,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (400)","md5":"24263e11752bceafb8d7cb60d1f85759","sha1":"2fa3cf433039cfee1f78545dfde93fd574f3b9a2","sha256":"fb76b576846d3686626d9a268bccc71e2f8bc21753ca08867fcc46a2f30a3c12","sha512":"49305a58a7cfc8a4bcaadce4f8f512e9cff889cf4940c0ac434a95e11e31f1721efda0a637f6cbc6ce2116f64713b7160e396b131cf9bcf85dd706fe2446b07c","ssdeep":"","tlshash":"77f0209e088910ee454338f5c408a08c446428a87ed7e978e0e7a35801b491710213b3","first_seen":"2023-10-26T19:30:46Z","last_seen":"2023-10-26T19:30:46Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":66,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyzpT6LIK84CwsiF2-6uoOPBN4SVJwVjIhndrRPOwLbjE3UdEBNC24IqEzA6wR9NumlUuEr4zA","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.597Z","timestamp":1698341424597,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:32:39 GMT","end":"Thu, 21 Dec 2023 05:32:38 GMT"},"fingerprint":{"sha1":"C3:EF:CC:C7:6C:FD:21:E8:B0:08:50:37:0F:AC:B1:DD:AB:1D:1E:FF","sha256":"B0:55:5D:E4:9A:9C:09:AB:D7:96:E9:F8:35:67:4F:9F:5C:4A:3C:54:37:E6:AE:8B:A4:B8:EE:3C:9A:D9:07:09"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyzpT6LIK84CwsiF2-6uoOPBN4SVJwVjIhndrRPOwLbjE3UdEBNC24IqEzA6wR9NumlUuEr4zA HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:bU6azAxJLhKaoTLDDcryegNBei4Edw:S1k8bluP2AA2DWky;Path=/;Expires=Sat, 25-Oct-2025 17:30:23 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywu89zt7-iMTRCiUE2X4ez0rOYaPaYbJCYKYR5SRbiPrnHEhMlPhLdKBJW4sN_TRXaJubzaKg\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1559669267%3A1698341423830657\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-S0Inf0t6XXqqryHtxCPJtg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 405\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":405,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (396)","md5":"b08f0a53d36e9f96033d4d62663891e8","sha1":"27dd9cd7329d3b24f51a05d6cd06a55108b4b29b","sha256":"c9f3b7061664bfb011810c55a265d0ab3b1877ae241f603824365cb0277c60bd","sha512":"6cb96cf292f177fda123dce7204559be21aaaffde5181f4d83bca30064266bd029025629095f060bcd8778bd3d9b5b4a1f28209656a9bc8ef0c107fe72e77e71","ssdeep":"","tlshash":"0ef005aa48c640ae589364f9f014a4cc09f464553ec7f5a8b1fba71a40e5d1b104b3f3","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/NaFAxbW8LP18LUBw5VVBWUWcCW1ZOOkICARhtRy8bGRp6NTdePkkGPCd2RRcLVWAXAQ4GNwxLCgYzDFxJCTRTUFtOJEECBFUiWAAZCjNeDwsBdkQMUgU/SwQDBDEUXyldfgFIXVh4SVxeTWNzSF1YPFgDGhB1A10XUGZuW1tNY3NIXVgiR0hcKWEBVEFYeR-RfXw81UgYATWJ3X19ZYAFcX1l1A10JASJUCwAQdQMrXllhH11JHW0A","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:24.713170492Z","timestamp":1698341424713,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /NaFAxbW8LP18LUBw5VVBWUWcCW1ZOOkICARhtRy8bGRp6NTdePkkGPCd2RRcLVWAXAQ4GNwxLCgYzDFxJCTRTUFtOJEECBFUiWAAZCjNeDwsBdkQMUgU/SwQDBDEUXyldfgFIXVh4SVxeTWNzSF1YPFgDGhB1A10XUGZuW1tNY3NIXVgiR0hcKWEBVEFYeR-RfXw81UgYATWJ3X19ZYAFcX1l1A10JASJUCwAQdQMrXllhH11JHW0A HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ticalfelixstownru.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 617\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: v60bXf96uXgHv-FvQ4wtu5rBX2y8jO6S9vW0px92UMVlQ1R1uP4tyQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":617,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (878), with no line terminators","md5":"f305df099075ab7cd16da6d8453d7c38","sha1":"910ff850363aa01c297f39c4cadd75a728a0d31e","sha256":"b3a1cedc696759ff5f51682d3557649bfc3a163398d741f6543fb0a0fd9536ea","sha512":"76c651f6d82e224a54f625767634796f56f3aa110dad9dbf743b4d8698173577fe87e7a0d1cfbb2f6ceffec9619a19a9652a48ec44dd9c47b55b80caf45a1f24","ssdeep":"","tlshash":"3f1123ba52648f0228abf03a13f1f4d48788e0cd1dec137c55231983990de3bcee1619","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/cS25USjMoATosDD8HMHcKcllgegttBCclXTtTBzJEeRcgLF0fGD4CFT8UMHcDbQI1JFR2SDEkUHZfcitXKVNgbEYqUzklSSICOCsWeShhZANuXGRiS3pfcXlxblxkJlolGyxvAXsWbHxsfVpxeXFuXGQ4RW5dFXsDckBkYxZ5XjMvUCABcXh1eV5legN6Xm-VvAXsIPThWLQEsbwENX2V7HXtIIXcC","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:24.722151216Z","timestamp":1698341424722,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /cS25USjMoATosDD8HMHcKcllgegttBCclXTtTBzJEeRcgLF0fGD4CFT8UMHcDbQI1JFR2SDEkUHZfcitXKVNgbEYqUzklSSICOCsWeShhZANuXGRiS3pfcXlxblxkJlolGyxvAXsWbHxsfVpxeXFuXGQ4RW5dFXsDckBkYxZ5XjMvUCABcXh1eV5legN6Xm-VvAXsIPThWLQEsbwENX2V7HXtIIXcC HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ticalfelixstownru.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 195\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 7YSKK7zdeItvJcCmQe78QUlm8eqHx8DpxWFLNa1mgRNYT86wmAu5yg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":195,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"7a2a713feddf6207ed42db9cb734f218","sha1":"951ae415fe383a28d62411e8be4012fe562d6137","sha256":"440516ea5611385f1d98e4511d19403f7ac5787f78be5ef42d6712c59619cf97","sha512":"9b1834b53e2c9337c83254dda36da9c84b0414730fbb110f2df6f5b668f32b4c4e866cf2151a1798c16999bdb25173aacf232492b972d4c438f7c65a74f6df52","ssdeep":"","tlshash":"add022b8ab70228a18a607af213014ea8ac401d917a00135d877af836a0d80ed1ae2ca","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/WN0p5STZUJRcvCUMjHXQPDn1NeAIRIAomWEd3FD5OcCwQM2UEBjACRXhsDTNSCnpfJVdZLURvU1kpRHgQVi4bdAIRPgkmXQo4ECRAVSkWK1JebAwoC1olAyBaWytce3ACZElsBAdiAXgHEnk7bAQHJhAnQ09vS3lOD3wmfwISeTtsBAc4D2wFdntJcBgHY1-x7BlAvGiJZEng/ewYGekl4BgZvS3lQXjgcL1lPb0sPBwZ7V3kQQndI","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:24.732347454Z","timestamp":1698341424732,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /WN0p5STZUJRcvCUMjHXQPDn1NeAIRIAomWEd3FD5OcCwQM2UEBjACRXhsDTNSCnpfJVdZLURvU1kpRHgQVi4bdAIRPgkmXQo4ECRAVSkWK1JebAwoC1olAyBaWytce3ACZElsBAdiAXgHEnk7bAQHJhAnQ09vS3lOD3wmfwISeTtsBAc4D2wFdntJcBgHY1-x7BlAvGiJZEng/ewYGekl4BgZvS3lQXjgcL1lPb0sPBwZ7V3kQQndI HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ticalfelixstownru.info/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 584\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: SHBxWeXsiPpL-pQC91M9GqM921Yc-YLukQKTu323dSSaOwuoXTO_yA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":584,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (810), with no line terminators","md5":"56f90098b1b6f64eed0e6280a0b35a1e","sha1":"8aca1b163c22f524233b1cbbeb55a148dc34a94f","sha256":"bb13a0f1412bb771ec7a8bb93bd3d6a5994a2abe91e0852184c928b14915edac","sha512":"712cd60a86d1f9db502771f758f8354d87b459a9595d3006876b53013162b8a8783c6ea4f0e41b31bdcfe79612ca41351beb693c6d9da827df3899e2f439aaba","ssdeep":"","tlshash":"8201ceaa56918e0528a6a43d16f0e4898788a0de25a4137d49232a83850df7bcba1729","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/asd100.bin","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"104.21.24.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.454Z","timestamp":1698341424454,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET /asd100.bin HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\ncontent-type: binary/octet-stream\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nlast-modified: Thu, 26 Oct 2023 13:40:48 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=JHigWtOl783O8N95NJ1thLlI6tH4h5nGtqUU5UC0chAm1WR4yUDe4z7wfmOiv7kCmYqUgaW7qyUd9nM1QHVbZ2E5yev3M7wCNdBwyzjGq7KQjIWxV8%2BohLVkduXGO2jm\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 81c46d4a6a9e0b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":104650,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"a8d478e2f969ffa7d1bbf8deddc5e352","sha1":"f7be68d4045d19eb439ed428f3a72e82c2339512","sha256":"7d38a3e9f2fbd2e5cc1accb2a40b7ca0453b4b3ac13a7c81e41a85cadb25e141","sha512":"0d9c9235a0c81d7676ebab725a37d4d1fac060af7ca0cc4760a3d85e7bd1c817860ce9042637692b34f632ed4376e86a08aa05c7bd7ecdbd2d1397861ac3e320","ssdeep":"48:XskysO5xaNIVHkyevJ0zR+ByKfDpjLZLTlCpAwp+wS5IaV:8kysq3mmzRJIFTlCymfE","tlshash":"82a349380bc0592ce476cf7206325bde88ee05db0c699690c106ab06dba11d8f0d8af3","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":479,"timings":{"blocked":118,"dns":63,"connect":0,"send":0,"wait":227,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/scripts/saresponsive.js","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:25.435Z","timestamp":1698341425435,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /scripts/saresponsive.js HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\netag: \"2499122404\"\r\nlast-modified: Mon, 09 Oct 2023 23:05:33 GMT\r\ncontent-length: 176966\r\ndate: Thu, 26 Oct 2023 17:30:13 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 663518105\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":176966,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32077), with CRLF line terminators","md5":"8b966d35075632aae6108d54928c2ae9","sha1":"c76f1c7ab28ade483e7a852c049eeb5bddaf4e5e","sha256":"da22da01f20d28d9171f8107e155ca01f9811d6abcd3b64dbeb832ec6c34578e","sha512":"94a815a1978744d0e4084813cf6dcbdbab67220ff313a90221766f8ad9c8a3e2d38a46b83a12ae42c41759ff7d9d2a2e9a686196d5290540c2a8eb9d8e2e5c8c","ssdeep":"3072:y4J+03jL5TCOauTwDhFdnCVQNLa98HrPevC2eYCLaISE92oa:40zEOQR+iLa98HrgreYCvSE9K","tlshash":"ea0418d57b8e381787a632a980ff014ef17dd2f6a1094875f09894a06db8a1d13b7f6c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-26T19:30:47Z","times_seen":6,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":30,"receive":118,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m02.amazontrust.com/","fqdn":"ocsp.r2m02.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"54.230.218.11","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:25.856794088Z","timestamp":1698341425856,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m02.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Thu, 26 Oct 2023 17:30:25 GMT\r\nLast-Modified: Thu, 26 Oct 2023 16:22:35 GMT\r\nServer: ECAcc (ska/F6D2)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P1\r\nX-Amz-Cf-Id: d2BptsJdB592vusBfvon3ITSnwVIJgM4Eaaa8w_DKgm6IrWah3vLZg==\r\nAge: 4070\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"ef6101d80c8513d0ac775ee8590c6daf","sha1":"6b8d93a7f121c3cc5329c8605d7ab8cab5fb86f2","sha256":"e2eb65fe693792d567f245c4e8e21da3da713c736db0bfb28de2354422cc7838","sha512":"f099306dd8bba3ba7a8a4c3da1f2d12a2f6f789c1440e8939544d25186172c901b0a2a7285ce36cc69462ea2a08ac0b764c9cf5ec23c870a1a4085eeecfeac13","ssdeep":"","tlshash":"92f0dc6144b788881c099e258c58492d38618626c9e54d9b2d7cdfe8202226eee5c926","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m02.amazontrust.com/","fqdn":"ocsp.r2m02.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"54.230.218.11","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-26T17:30:25.883849107Z","timestamp":1698341425883,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m02.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Thu, 26 Oct 2023 17:30:25 GMT\r\nLast-Modified: Thu, 26 Oct 2023 15:52:57 GMT\r\nServer: ECAcc (amb/6B35)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-P1\r\nX-Amz-Cf-Id: ry_vQO7Cg5KVH_IHIN30ENTAkiLtJvgsxA9GzX99kyVImVSvTb4Y_Q==\r\nAge: 5848\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"ef6101d80c8513d0ac775ee8590c6daf","sha1":"6b8d93a7f121c3cc5329c8605d7ab8cab5fb86f2","sha256":"e2eb65fe693792d567f245c4e8e21da3da713c736db0bfb28de2354422cc7838","sha512":"f099306dd8bba3ba7a8a4c3da1f2d12a2f6f789c1440e8939544d25186172c901b0a2a7285ce36cc69462ea2a08ac0b764c9cf5ec23c870a1a4085eeecfeac13","ssdeep":"","tlshash":"92f0dc6144b788881c099e258c58492d38618626c9e54d9b2d7cdfe8202226eee5c926","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/files/close-gray.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:26.030Z","timestamp":1698341426030,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /files/close-gray.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"801691811\"\r\nlast-modified: Fri, 08 Apr 2022 18:07:56 GMT\r\ncontent-length: 1497\r\ndate: Thu, 26 Oct 2023 17:30:13 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 666218446\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\\012- data","md5":"41d9676ab94bece3f7a549b4769ddbe2","sha1":"521f14490fc57fea51e2e5bf00e2299dce51561b","sha256":"c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34","sha512":"9988bd18d13f38d3bfe107d116c28f896b9965de6ca0949905f47901965a356d621c1ec4b1a573dfb0ed753ccc270015419b24729b767de2d5210a73b2c3daaf","ssdeep":"","tlshash":"5d31f7f3e40c4ba3d57313928a6a7184ada3d5f230014014fcc9a90c966cf0eeaee253","first_seen":"2023-04-30T19:35:34Z","last_seen":"2024-08-21T09:18:42.702606Z","times_seen":112,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.005Z","timestamp":1698341426005,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /config/config.js?v=1 HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 75\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\netag: \"63cfe903-4b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:26.028Z","timestamp":1698341426028,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=53c84cc0cba1f5f1b905feb7941ca153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Thu, 26 Oct 2023 17:30:13 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 665043456\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:26.034Z","timestamp":1698341426034,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=53c84cc0cba1f5f1b905feb7941ca153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Thu, 26 Oct 2023 17:30:13 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 666573160\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.005Z","timestamp":1698341426005,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /config/config.js?v=1 HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 75\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\netag: \"63cfe903-4b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"resource_available":true,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.153Z","timestamp":1698341426153,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_300x600.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: font/woff\r\ncontent-length: 53104\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-cf70\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53104,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 53104, version 1.500\\012- data","md5":"4f5975fe17a8ca74963be0165ff6a443","sha1":"4bca2ab6c3da2b6ae09602601adeac22e7a90381","sha256":"5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df","sha512":"6ca6fb1d1845ac2cbd2510fb8882193fa8c800f2dea37b680fed0780f6d50a08258eccda0ef52495d2af346c32866c3a34a7ceefb7448af211b1b4ef6a7585da","ssdeep":"1536:YkREtZ1LgzQ0J3ysMpc4EcDFBxfknCHWCFJqjQmt:os/MCLaMCCQg","tlshash":"2c3302610f0d0d77da5499ed2a6ee7fa6a03c4300e83036578da63e1a6637bcc7341e9","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.307464Z","times_seen":94,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.159Z","timestamp":1698341426159,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/fonts/greycliff-cf-bold.woff HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_300x600.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: font/woff\r\ncontent-length: 53208\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-cfd8\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53208,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 53208, version 1.500\\012- data","md5":"c03dece8ec0635406a35b888337dca8f","sha1":"b72706815dccadd44dba1693ed8865b41782b14f","sha256":"092416b2a5cbe9f6596ff7ee177db702262c64326231a3664a34a65c861601b1","sha512":"dbdd29503b0afeca12cfdd19339ea718874676e3bed1cab043ffd0cef412be4fd22cc217633d340378dcc67fa15bc32246b53c04401c3f2986eea52c81507e9c","ssdeep":"","tlshash":"","first_seen":"2023-08-12T19:04:02Z","last_seen":"2023-10-26T19:30:47Z","times_seen":45,"resource_available":false,"data":null}},"time_used":48,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":29,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/prices-bg-3.png","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.204Z","timestamp":1698341426204,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/prices-bg-3.png HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: image/png\r\ncontent-length: 2442\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-98a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2442,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ef56eff9c1246b25c0088c156116ae05","sha1":"21f5a8245443365c960a196d005277a3c5ef4709","sha256":"be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54","sha512":"10b48f3e266b0ec278b3dd880afe7bcc5b86ee40cd76293a6dfb9bc647780a7e95e366bec96ee1765aebea41307bfcca30aef7f14256addea31f047b132dfc24","ssdeep":"","tlshash":"9e510a0666a5109da0c37ee32c475c58cf302363618066ddd77fa5dd68a2885bf81b89","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.312691Z","times_seen":76,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.153Z","timestamp":1698341426153,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: font/woff\r\ncontent-length: 53104\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-cf70\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53104,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 53104, version 1.500\\012- data","md5":"4f5975fe17a8ca74963be0165ff6a443","sha1":"4bca2ab6c3da2b6ae09602601adeac22e7a90381","sha256":"5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df","sha512":"6ca6fb1d1845ac2cbd2510fb8882193fa8c800f2dea37b680fed0780f6d50a08258eccda0ef52495d2af346c32866c3a34a7ceefb7448af211b1b4ef6a7585da","ssdeep":"1536:YkREtZ1LgzQ0J3ysMpc4EcDFBxfknCHWCFJqjQmt:os/MCLaMCCQg","tlshash":"2c3302610f0d0d77da5499ed2a6ee7fa6a03c4300e83036578da63e1a6637bcc7341e9","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.307464Z","times_seen":94,"resource_available":false,"data":null}},"time_used":30,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/js/jquery.min.js","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.021Z","timestamp":1698341426021,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/js/jquery.min.js HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: application/javascript\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"608123af-15d84\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":101680,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"4f1adf4bf89832d17978c19772edfcaf","sha1":"50e75d2bdc28a1f1ef2239af31faa0bb824dff74","sha256":"9ff72430f7588048696cbfca2eb43f08753adf8e151030e1cdd8465d79f7a563","sha512":"185d6fbc9f5154d5a3093a7eea34fc427f3b4fb4c5286681b1fd0899b336e399555fbb5a34c757af44a0a1c281e2d66437ad06f7514dcf6cb1da8e1dc8cad1d0","ssdeep":"1536:uJWwx5j66gD7CnXNAZUur9BiFwxbCk6dSyRoGb6Gq02va7Hh:hf29ASnSCPoGuGq02uh","tlshash":"9ea36b6b4f684b33df5409677d4fb2e8c0c9730bd990c2539e662c22c4b81a957eb6c8","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.447Z","timestamp":1698341426447,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 421 Misdirected Request\r\nserver: CloudFront\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 1003\r\nx-cache: Error from cloudfront\r\nvia: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: Ma9r5duNQMzaInZvmC10Y9YuwiEHvVeraznovHiej_4dRNPNnZh6JA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"421","status_text":"Misdirected Request","fingerprints":null,"data":{"size":46158,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"91451d1ec57ce1bc7c4c8ca7bddec42f","sha1":"45745a127deca1d09ce6b76ad6fc61098a40d488","sha256":"acbf223b98dddada08e0b403986fc5f7bfd8c360d6c63cd50cafc3fc5540979d","sha512":"e037ef6778fae0dbbc1b3e06b7b1a19af6d29d57fb856bebd40197f35be3da9474159aed9367db4265bdc690fffbf27fb90970d4e7d60c566c1e965808d580d1","ssdeep":"768:MJqC5BbVTXlPGWRVp6Db2ZVMEjnVLgM67TQwjjZXFAoOdqSAjaSjJRJmI:MUCN7lOyM2n0HpBXFedvAjacJRJ5","tlshash":"7b2302fa1762d410b225aa703d785b1f1b1ac3294be9811cd15a47faf196f762e00e37","first_seen":"2023-04-16T07:01:51Z","last_seen":"2024-08-21T08:32:41.192055Z","times_seen":19,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":30,"dns":6,"connect":3,"send":36,"wait":-1,"receive":38,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:27.531Z","timestamp":1698341427531,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=53c84cc0cba1f5f1b905feb7941ca153\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Thu, 26 Oct 2023 17:30:15 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 666478067\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/B7IwTxkHR5fkysoQaj01.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:32.422Z","timestamp":1698341432422,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/B7IwTxkHR5fkysoQaj01.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 64040\r\ndate: Thu, 26 Oct 2023 07:40:39 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:29 GMT\r\netag: \"d972a34b1a1b834989b84bac0782a6ae\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: R4-iUxxhgcSw1OU7VcFVJnjUk5SvT03AMWwyPK0v2gyT02XdQIJT8w==\r\nage: 35393\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64040,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\\012- data","md5":"d972a34b1a1b834989b84bac0782a6ae","sha1":"8fd9e3ad378bc036c7d52f8e00520f2a1a86c6de","sha256":"41d582f52c7efdb1cfe4352b10a881bc05f4f2e88bead954adcf3e8efd179179","sha512":"bed36d5959c7798db3aabe0f92f86a1a1173d4b01485a7ed26c125d598f0d3f3db1baa0ea73082c63ac3c83b025897f5dc85247bc587c5995d4d490ca6b8514b","ssdeep":"","tlshash":"","first_seen":"2023-09-08T18:24:21Z","last_seen":"2023-10-26T19:30:47Z","times_seen":11,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":10,"dns":2,"connect":1,"send":0,"wait":3,"receive":2,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:32.447Z","timestamp":1698341432447,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 65788\r\ndate: Wed, 25 Oct 2023 20:46:32 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:49 GMT\r\netag: \"7cec3a9fd00d4d6ec1b1aa7adbf4c31d\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 4-eKrFgupug_imMS6vee30MNWe0vSXQyjspt7WElkFMmLE5v5CANKQ==\r\nage: 74640\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":65788,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"7cec3a9fd00d4d6ec1b1aa7adbf4c31d","sha1":"554920ade5bff12c44b7c631977e7b9938e75b9d","sha256":"3ec3f0e6b1d9f68d5f17ccf3b318ed1f719aefc6e9faffba763e789fe30ac0ae","sha512":"2dc12518312c29236c23e34e590587c0eff3b8033fa31c42909743c3ea5a3b204dd72af9f57c79868836ce3d7324896a3f4cfebab1ba2dbfac49058cdd57491e","ssdeep":"","tlshash":"","first_seen":"2023-05-28T18:45:01Z","last_seen":"2024-08-21T07:18:46.515236Z","times_seen":17,"resource_available":false,"data":null}},"time_used":4,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":2,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"104.21.24.208","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.459Z","timestamp":1698341424459,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\ncontent-type: text/plain\r\nset-cookie: csu=428065100723909@1@1698341423; Max-Age=31104000; Secure; SameSite=None\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=tIYpGX3BCb0lLh495gfWA8Wklt6VZL2qVxY13ng8rMA0PuiMXRy9riC2FmYA7lW%2F7bWypwvlU1XXMvc8E7AEQIwoLF5CkG3ZI%2FZomoOELYVLG1zriDwBJrSpewG47mq1\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 81c46d4a7aa70b69-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":71190,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"1df3d77a82ae262ca7ee5354f17f19f9","sha1":"9fd83e1563420a3a28e1433198872ebd94cc15e4","sha256":"e0077b84b1dc8fa6b03923a11a731b3896efa231ae3b8002c39b661be9e883d2","sha512":"5fa3887d4c18cea4c2e0908395980aa51745b9fb0d4e9aea7f8c93005b9724c78b1bca103a17dd681f01d2eb1ed97dc5e6b5984595b5f388b197eac98ac75703","ssdeep":"","tlshash":"3c80003000aa2cae02002ca0028802c803cc0aa28c080000002c02e2b0088f22c000a2","first_seen":"2023-10-26T19:30:47Z","last_seen":"2023-10-26T19:30:47Z","times_seen":1,"resource_available":false,"data":null}},"time_used":358,"timings":{"blocked":110,"dns":58,"connect":6,"send":0,"wait":121,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:38.447Z","timestamp":1698341438447,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 72949\r\ndate: Thu, 26 Oct 2023 04:04:09 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:42 GMT\r\netag: \"bf36e0bf265a935a340671b4d66f2e01\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: Tvc1uiLzTQKh-YYBlLSh05Q8hvh01vKyMhyEjs7maLTCh2wi9p8VHg==\r\nage: 48389\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":72949,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"bf36e0bf265a935a340671b4d66f2e01","sha1":"71eacdd355861fa4500b9961d4fcd24b81aa87e4","sha256":"8e6b881322ec75b0070fe04c905f40284ddc3806fdb6253cce210d544c8a0c19","sha512":"4f64fd2121b3807180dc71b74b34dfdaee6ac8d9b80b720b44d49b60185afe5b79c9220072669ddcca31d5e4950f62281fd6d4f8d91073e23e6090f441201966","ssdeep":"1536:MbHlqhJww9cVyKUlepyc65CqSC2/5QA3QyrxfCLjqJRh7uxbM:Gw2LH65xSC2/n3QFLoRh7CM","tlshash":"2663020fc6834cf9c2dee1e861b458b242e4cb1d6f82a46fac596757c8403d79357d45","first_seen":"2023-04-05T22:04:11Z","last_seen":"2023-11-29T21:37:51Z","times_seen":14,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/qmEWWQHZrt0q6Dj1KgR0.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.48","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.420Z","timestamp":1698341426420,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/qmEWWQHZrt0q6Dj1KgR0.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 421 Misdirected Request\r\nserver: CloudFront\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: text/html\r\ncontent-length: 1003\r\nx-cache: Error from cloudfront\r\nvia: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: SE8jVb2GV8XhTFEfmY6TioyaTs44eDAJeF87ruEP3xloiP0diVYlbQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"421","status_text":"Misdirected Request","fingerprints":null,"data":{"size":45364,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\\012- data","md5":"3696054995e4d4e836b239612a3422dc","sha1":"79859a15f9ed363ec60913afa2e2249ea7449501","sha256":"a91c8531d66e78e7a4f0ada00a92bdbe75d1812ea650f5787aefa7331ba5925b","sha512":"90616b5b39efa5e7e46bf93203bd653b7fa0fb85162c6f06d92490c3260bfd03dd39d988a4dfcaad371cc2b511c972c0977b706205bd544a31e542c823ee31da","ssdeep":"768:CiTQ48fi7kbJKyo55jo9Uxfg07rHSiH6uoIPxlj+LbkBTmQwiQe32E8aUaHhf:CiFwxbCk6dSyRoGb6Gq02va7Hh","tlshash":"a41302b6cf3ec617cf6233fb02994f98957aa84569a00b95440bf513f8e0682995b0db","first_seen":"2023-08-12T19:04:02Z","last_seen":"2023-10-26T19:30:47Z","times_seen":13,"resource_available":false,"data":null}},"time_used":156,"timings":{"blocked":53,"dns":53,"connect":1,"send":22,"wait":-1,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner-server.hookusbookus.com/package-feed?language=et_ee\u0026utmSource=allmedia","fqdn":"banner-server.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.194.32.185","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.240Z","timestamp":1698341426240,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /package-feed?language=et_ee\u0026utmSource=allmedia HTTP/1.1\r\nHost: banner-server.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://banner.hookusbookus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: https://banner.hookusbookus.com\r\naccess-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE\r\naccess-control-max-age: 3600\r\naccess-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: DENY\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25366,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":308,"timings":{"blocked":134,"dns":36,"connect":26,"send":0,"wait":39,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=9635669\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15851345%2F3797f05bf2341dbeb135%2Fsadfok.hta\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15851345%2Fsadfok.hta.html%3Fmsg%3Dsess_error\u0026rnd=1698341423792","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:25.071Z","timestamp":1698341425071,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=9635669\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15851345%2F3797f05bf2341dbeb135%2Fsadfok.hta\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15851345%2Fsadfok.hta.html%3Fmsg%3Dsess_error\u0026rnd=1698341423792 HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private, must-revalidate, max-age=0\r\nvary: accept-encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/plain;charset=ISO-8859-1\r\ndate: Thu, 26 Oct 2023 17:30:12 GMT\r\nset-cookie: bepolite_id=53c84cc0cba1f5f1b905feb7941ca153; Max-Age=7776000; Expires=Wed, 24-Jan-2024 17:30:13 GMT; SameSite=None; Secure\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 663518099\r\nage: 0\r\naccept-ranges: bytes\r\ncontent-length: 1443\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":393,"timings":{"blocked":149,"dns":20,"connect":12,"send":0,"wait":92,"receive":3,"ssl":114},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:25.725Z","timestamp":1698341425725,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: text/html\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63cfe903-1781\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":6017,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6210), with no line terminators","md5":"b2c258a8d77db021c8f33f8e84dba71b","sha1":"c453e30dac638f4e1b897309fe32db795d540f80","sha256":"2d1065201a188a85c1a7d0a3ee130f5a8dc4e60db8fe221fb2081e77222e5a9f","sha512":"849e6ae2edc1df9ec116829c807ac7a4ba86e4a1a1d8021bfb4e6a61a81740a32e7a4a403f61cd3dd228fba7dbec70ac17c90942cab11e059a3f1a2829c69ecf","ssdeep":"96:4ujYTzRvPn0EL7ni9z32a9tqgEK3bA0tCPK3rA0Py6:mzRvPn0EL7ni9zTtqI3c0tCC3M0Py6","tlshash":"01d13f06f9b5003a95927ea467f929586cff31088d505e107dcc699203d8f9ae3cbbbc","first_seen":"2023-04-05T06:15:55Z","last_seen":"2024-08-21T08:36:49.309083Z","times_seen":49,"resource_available":false,"data":null}},"time_used":347,"timings":{"blocked":160,"dns":48,"connect":28,"send":0,"wait":27,"receive":0,"ssl":81},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/css/index_1000x200.css","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.027Z","timestamp":1698341426027,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/css/index_1000x200.css HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: text/css\r\nserver: nginx/1.15.12\r\nlast-modified: Fri, 17 Dec 2021 08:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61bc46c6-1301\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":4865,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5152), with no line terminators","md5":"bbea28c29e42d59be2f13c38e8eb0845","sha1":"b93e2ad2b20ab7d449a672afc091dc413695c606","sha256":"62990b77849d8b95ca831a9f630cfda48af5be340a3f1e5aa4ee5792a37e4e76","sha512":"9a024df6221fce790878c9c7e751d741812a7b538c81644ab489c5e54e96a5b63d139f3f03780ac2279594e0c2d3cdd6aa5bb37fb4ae6009737114500f904ce8","ssdeep":"96:tePqeqKeDLH0e6geAGeZWeBheKl3JJwurdRtnw27/Gf3iK5ClPx/X/bYjn:o7Yxg4VuGHh/LcLL","tlshash":"19b11e10ae873279a8124fea37e21b10179d305361ba46163fed965fcfac40c405e79c","first_seen":"2023-04-05T06:15:55Z","last_seen":"2024-08-21T08:36:49.307563Z","times_seen":38,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ismscoldnesfspl.info/popunder.gif","fqdn":"ismscoldnesfspl.info","domain":"ismscoldnesfspl.info","tld":"info"},"ip":{"addr":"172.67.195.47","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.675Z","timestamp":1698341424675,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ismscoldnesfspl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:47:57 GMT","end":"Wed, 10 Jan 2024 08:47:56 GMT"},"fingerprint":{"sha1":"A0:89:A4:0E:87:A8:62:EA:DC:42:35:82:62:8C:B6:CC:95:A1:9C:5E","sha256":"88:BF:67:28:72:79:4A:D3:6E:38:98:FB:92:64:1D:22:9E:94:8F:38:25:8C:AB:40:D4:62:00:AA:90:26:12:2D"}}},"request":{"raw":"GET /popunder.gif HTTP/1.1\r\nHost: ismscoldnesfspl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\ncontent-type: image/gif\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=604800, immutable\r\ncf-cache-status: HIT\r\nage: 912\r\nlast-modified: Thu, 26 Oct 2023 17:15:11 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=aDXMtMXHkCQY%2FsPykM%2FtERBvoPP4JapMYrg86s8uLjAXt2lvNIhVKG0BqcYUP3DfysuxF%2BHV4c2SI4TGvJjo0eSnz6mjSwbnTLJng3K3MODj3rOcfLEcZAPBPYWKgYtrM2t%2FPfxciw%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 81c46d4b395b56b7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"28d6814f309ea289f847c69cf91194c6","sha1":"0f4e929dd5bb2564f7ab9c76338e04e292a42ace","sha256":"8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015","sha512":"1d68b92e8d822fe82dc7563edd7b37f3418a02a89f1a9f0454cca664c2fc2565235e0d85540ff9be0b20175be3f5b7b4eae1175067465d5cca13486aab4c582c","ssdeep":"","tlshash":"be800003c280c002c2a2c0308e08ca802a8ab0a08a28030fb0ec3baafc2a2a20c00000","first_seen":"2023-04-05T07:36:27Z","last_seen":"2026-05-23T20:06:21.408512Z","times_seen":48032,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/css/index_300x600.css","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.007Z","timestamp":1698341426007,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/css/index_300x600.css HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: text/css\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-1c4f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7247,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7402), with no line terminators","md5":"ef4576b025213d57cd958c234d61a8a1","sha1":"5dd8d741efe63291e503bb6bf23e603c810b9030","sha256":"69478abb1501f6c8fb03f774621b5f0275d59f55b3fc4f24d95bade9e277efdb","sha512":"5ff68d00b34c558285b994681e319b9e97ca62af0a91bdc308094c4db61609d3bcf328fbd9e17e61d31ab7ac82cb1b913d2a1a8da0bd0cf2b1c09fc6aae910b0","ssdeep":"96:0gvLPOoPF/XfJdOeUccRwXtReYPR85epDyTNUS20Ox:ddqRWPRQe0I","tlshash":"4ce1612098c73038f4239ed773f51b245589304760631f6a72ee9b6bcf6e499404e7ae","first_seen":"2023-08-12T19:04:02Z","last_seen":"2023-10-26T19:30:47Z","times_seen":29,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywu89zt7-iMTRCiUE2X4ez0rOYaPaYbJCYKYR5SRbiPrnHEhMlPhLdKBJW4sN_TRXaJubzaKg\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1559669267%3A1698341423830657\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:25.029Z","timestamp":1698341425029,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:26:21 GMT","end":"Thu, 21 Dec 2023 05:26:20 GMT"},"fingerprint":{"sha1":"C9:4D:78:AD:EC:04:27:EE:F0:06:4C:C8:78:D8:9F:06:B5:CC:39:37","sha256":"55:2D:D0:D3:BA:2A:5F:AA:6F:C0:1F:04:FD:7D:9F:B2:3F:7B:EB:63:02:05:D4:99:B9:9A:A9:B0:C6:2E:76:AB"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywu89zt7-iMTRCiUE2X4ez0rOYaPaYbJCYKYR5SRbiPrnHEhMlPhLdKBJW4sN_TRXaJubzaKg\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1559669267%3A1698341423830657\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Oct 2023 17:30:24 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-pxrcvzUYReaTL9P3Ty47zQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner-server.hookusbookus.com/package-feed?language=et_ee\u0026utmSource=allmedia","fqdn":"banner-server.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.194.32.185","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.231Z","timestamp":1698341426231,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /package-feed?language=et_ee\u0026utmSource=allmedia HTTP/1.1\r\nHost: banner-server.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://banner.hookusbookus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: https://banner.hookusbookus.com\r\naccess-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE\r\naccess-control-max-age: 3600\r\naccess-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: DENY\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":25366,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":130,"dns":57,"connect":26,"send":0,"wait":27,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:25.710Z","timestamp":1698341425710,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: text/html\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63cfe903-1761\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":5985,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6183), with no line terminators","md5":"e6203b2e0919f42103d8a3367bbc9b32","sha1":"08d251797a13b125ec05294116373d90493045dd","sha256":"e893c3c55f767327f9d5723610d23852fc9f34827dda3bd918575f75f5ef6e0b","sha512":"41e6091cf06497b06b40358e05780e67a72adb06dc02e671b056e2b13f74890fce9bf322be1afc7da1d5344925dd33c63e24977d5afbc9aa1c7b7da014bdcfba","ssdeep":"96:4uKsMqRvPn0EL7n/9K2a9tqgEK3Fs0HCPK31s0NyX:8qRvPn0EL7n/9itqI360HCC3q0NyX","tlshash":"80d13106f9b5003985427d909bf969496caf32089d615e047dcc649203d8faae7db7fc","first_seen":"2023-08-12T19:04:02Z","last_seen":"2023-10-26T19:30:47Z","times_seen":31,"resource_available":false,"data":null}},"time_used":322,"timings":{"blocked":147,"dns":63,"connect":25,"send":0,"wait":27,"receive":0,"ssl":57},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/svg/hb-logo.svg","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.198Z","timestamp":1698341426198,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/svg/hb-logo.svg HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: image/svg+xml\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-3be5\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (15333), with no line terminators","md5":"bf6baf947f924bf8d67e947a025def06","sha1":"9ac9fccb0351b41c1545714153ed5fa2c4bfef3a","sha256":"64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e","sha512":"b47cc80c2dc4ffc838ec2cbdedca7e5e9edbaf2bea1160a6c557dba9e87e0fd1254648c52a43a4a10d03ee628d2e0564e486fdbe8bfe3e475d37adc5b33a980e","ssdeep":"192:ZPLfC5XdoQgFzFRCNPJVtTOPKFh5zVDxaxb2+9RktWJTvpWB3eGSEDD4iko1kykd:Ze5VC/MpP59xR/O0SFiV1Qd","tlshash":"73627ac6237093cca9ddd89fbf25e558901b64bbb9f7d8c14a9f8b09988b894f704c10","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:36:49.306758Z","times_seen":69,"resource_available":false,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":28,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/svg/hb-logo.svg","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"18.157.94.205","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-26T17:30:26.011Z","timestamp":1698341426011,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/svg/hb-logo.svg HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYFzzir6Afpwiyh6fTv_uHsWb9E40EMJX2UQXlyEToQJLTwFmu6gDVl7asyl09zAPXjdFPtVVt_xRE5WWFuPAQ7rLRZIO8j2HeqwbO7aUc72IUrW5sIWV5TVM4Ai6l6Zpf0L8ct-AKkEtNy8WgogPyXWTzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1lOBTrB2gNvK4ykboohAFg9GiTK6hksTtZYDcAaR_SLbZUMMdoZrmihwdxucuHa1za5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=764e06c42a714b508c6da8df6296025f50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 26 Oct 2023 17:30:25 GMT\r\ncontent-type: image/svg+xml\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-3be5\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (15333), with no line terminators","md5":"bf6baf947f924bf8d67e947a025def06","sha1":"9ac9fccb0351b41c1545714153ed5fa2c4bfef3a","sha256":"64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e","sha512":"b47cc80c2dc4ffc838ec2cbdedca7e5e9edbaf2bea1160a6c557dba9e87e0fd1254648c52a43a4a10d03ee628d2e0564e486fdbe8bfe3e475d37adc5b33a980e","ssdeep":"192:ZPLfC5XdoQgFzFRCNPJVtTOPKFh5zVDxaxb2+9RktWJTvpWB3eGSEDD4iko1kykd:Ze5VC/MpP59xR/O0SFiV1Qd","tlshash":"73627ac6237093cca9ddd89fbf25e558901b64bbb9f7d8c14a9f8b09988b894f704c10","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:36:49.306758Z","times_seen":69,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyw_hOwQhDZvDAm6ZZGaA1Kzyt6WhSxaSuJQBD0IH64MyWwZJU3UH-zMeHiFyVbjJKe07AK0Pw\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1022763188%3A1698341423810205\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15851345/sadfok.hta.html?msg=sess_error","date":"2023-10-26T17:30:24.660Z","timestamp":1698341424660,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 28 Sep 2023 05:26:21 GMT","end":"Thu, 21 Dec 2023 05:26:20 GMT"},"fingerprint":{"sha1":"C9:4D:78:AD:EC:04:27:EE:F0:06:4C:C8:78:D8:9F:06:B5:CC:39:37","sha256":"55:2D:D0:D3:BA:2A:5F:AA:6F:C0:1F:04:FD:7D:9F:B2:3F:7B:EB:63:02:05:D4:99:B9:9A:A9:B0:C6:2E:76:AB"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyw_hOwQhDZvDAm6ZZGaA1Kzyt6WhSxaSuJQBD0IH64MyWwZJU3UH-zMeHiFyVbjJKe07AK0Pw\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-1022763188%3A1698341423810205\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Thu, 26 Oct 2023 17:30:23 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-qxj9CFeuTjqN-d3PGoV5xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-23T21:07:56.146276Z","times_seen":15628731,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}