www.upload.ee/download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip
51.91.30.159302 Found 0 B URL HTTP/1.1 www.upload.ee/download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip
IP 51.91.30.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 21 Jan 2023 12:33:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3904
Expires: Sat, 21 Jan 2023 13:38:32 GMT
Date: Sat, 21 Jan 2023 12:33:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7550
Expires: Sat, 21 Jan 2023 14:39:18 GMT
Date: Sat, 21 Jan 2023 12:33:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 11:34:44 GMT
content-type: application/json
age: 3524
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38c102db4bcfb9c4fb19174986950fd3
51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3
dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14678
Expires: Sat, 21 Jan 2023 16:38:07 GMT
Date: Sat, 21 Jan 2023 12:33:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4mZHD4Ot/DSjyenonDiw+Tsx/cXrpUE4lc9oKBjRaGl03gN73lPvfoCVPZB+hDy1N38CKb+zoUTuy1/oy++fPw==
x-amz-request-id: BW4JQ5X32ESPC4N3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 12:18:00 GMT
age: 929
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615308caeec867153ca642eacbd453c0
11af330b19512ead181d1d674b386bd2a40e7d93
280df36590bf43e17ca07edf49b329d221c8992fba5cb76db6c7211546cd4a12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5888
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:29 GMT
Last-Modified: Sat, 21 Jan 2023 10:55:22 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.upload.ee/download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip
51.91.30.159404 Not Found 423 B URL HTTP/1.1 www.upload.ee/download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (423), with no line terminators
Hash bc173ee0e7ba4fe4870d16d214478dcc
f0803c80d5bc7a31c9f8aa9dcf508f55ece7f38b
26b22db61ee364d7fd79f57d526c5a8f897ec313f26f3b82a24457ad8c8b966d
GET /download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 423
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:33:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
51.91.30.159200 OK 8.9 kB URL HTTP/1.1 www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash 6c671ad7523a1bc6df69b631805182a1
4f3e72ca0a7621c5dcab67df18c488be033549bb
c453d4ed9d69b3f29e18dcc6c7e3681bda00270615626c16b02886cfbe647772
GET /files/14835929/Mercurial_Grabber.zip.html?msg=sess_error HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/download/14835929/2d8f63cf3ce01c527524/Mercurial_Grabber.zip
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8911
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 21 Jan 2023 14:33:29 +0200
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Sat, 18-Feb-2023 12:33:29 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
www.upload.ee/static/ubr__style.css
51.91.30.159200 OK 2.9 kB URL HTTP/1.1 www.upload.ee/static/ubr__style.css
IP 51.91.30.159:0
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 7b736ade714db0c4ee6dbd432b2b1367
98b85ea1586315cba25380eca3c9785820a23042
e3d11bbf89fb8f84070b6616e4f422eef0182dbf937f0398d0d2c779509b07a1
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Sat, 28 Jan 2023 12:33:29 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upload.ee/js/js__file_upload.js
51.91.30.159200 OK 27 kB URL HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP 51.91.30.159:0
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Sat, 28 Jan 2023 12:33:29 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
www.upload.ee/images/arrow.gif
51.91.30.159200 OK 59 B URL HTTP/1.1 www.upload.ee/images/arrow.gif
IP 51.91.30.159:0
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Sat, 28 Jan 2023 12:33:29 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/dl_.png
51.91.30.159200 OK 1.9 kB URL HTTP/1.1 www.upload.ee/images/dl_.png
IP 51.91.30.159:0
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Sat, 28 Jan 2023 12:33:29 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-6703115-1
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash e62420c28945cc9edfddb792c97a6c3f
50579f4069887263fdef328e5ead25e062a632b4
6dab710d3a7b21eaa984197fd6e058bfba128e9dc09a026fecb2127fa9e91d79
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 21 Jan 2023 12:33:29 GMT
expires: Sat, 21 Jan 2023 12:33:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45056
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bccd1fe14275d3bb56418297e502cd10
cdf19d2a4099ada369589fc7aa7021f9b30302aa
801e8b57b77806d98fe23b8421a8fdba9f1138827cc320cb5dcc986161aa7ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 11:48:58 GMT
age: 2671
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s7.addthis.com/js/250/addthis_widget.js?pub=uploadee
2.18.172.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js?pub=uploadee
IP 2.18.172.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116300 bytes)
Hash e1b471e868511628f304d455993c3d01
3fd1b26968af92ba9d194a4dddb60e3f22e34e54
4867d40a3e4f5e8bcec3ffc215869c7a127171117a1fe27459b427100b1bf3ee
GET /js/250/addthis_widget.js?pub=uploadee HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116300
date: Sat, 21 Jan 2023 12:33:29 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
2.18.172.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 2.18.172.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sat, 21 Jan 2023 12:33:29 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fc96297d0b59147e8f6052b16f1ca13f
23aeddfa143bb9be19b2ed06f2024a3a8aa120ce
034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1125
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:29 GMT
Last-Modified: Sat, 21 Jan 2023 12:14:44 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
s7.addthis.com/static/btn/lg-share-en.gif
2.18.172.123200 OK 596 B URL HTTP/2 s7.addthis.com/static/btn/lg-share-en.gif
IP 2.18.172.123:0
File type GIF image data, version 89a, 125 x 16\012- data
Hash 212668d558dfda57c80995d818ad9d39
f5c7e2ed67eeba644dc220e8ba32956bcf413eb9
8d261abb1cdf02888b9a1f12cf9694e7ec7e93d7da3e8f20e2907af422327489
GET /static/btn/lg-share-en.gif HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/gif
content-length: 596
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-254"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Sat, 21 Jan 2023 12:33:29 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.upload.ee/favicon.ico
51.91.30.159200 OK 1.2 kB URL HTTP/1.1 www.upload.ee/favicon.ico
IP 51.91.30.159:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14835929/Mercurial_Grabber.zip.html?msg=sess_error
Cookie: lng=eng; __atuvc=1%7C3; __atuvs=63cbdb98204c3339000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 21 Jan 2023 12:33:29 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Sat, 28 Jan 2023 12:33:29 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=13577
date: Sat, 21 Jan 2023 12:33:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (4879)
Hash 0e9a00f5e2a7f5fc1534061abaf6bf59
d6696d1f29087efa6a892426b495775345409005
d7dab6eed9665c8f553aa13823c2679d2d80b0722ad4d2ae491f0c42d68d2411
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 21 Jan 2023 12:33:29 GMT
expires: Sat, 21 Jan 2023 12:33:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2891700282282328835
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49606
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63cbdb98ef98ffab&bkl=0&bl=1&pdt=111&sid=63cbdb98ef98ffab&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&fr=download%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1674304408890&jsl=0&uvs=63cbdb98204c3339000&skipb=1&callback=addthis.cbs.jsonp__38309345953831340
2.18.172.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63cbdb98ef98ffab&bkl=0&bl=1&pdt=111&sid=63cbdb98ef98ffab&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&fr=download%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1674304408890&jsl=0&uvs=63cbdb98204c3339000&skipb=1&callback=addthis.cbs.jsonp__38309345953831340
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 810517ac74f96ed6f2fc97224235565c
20a44788a1caeebed1d103e77ee2f6b42214a6f7
b7716b7d9c71a49e0f071c84ef9ca19478606d83d2a6ffb2198a59ae84962011
GET /live/red_lojson/300lo.json?si=63cbdb98ef98ffab&bkl=0&bl=1&pdt=111&sid=63cbdb98ef98ffab&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&fr=download%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1674304408890&jsl=0&uvs=63cbdb98204c3339000&skipb=1&callback=addthis.cbs.jsonp__38309345953831340 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Sat, 21 Jan 2023 12:33:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 875fc1415608498b67d609fd3b7335ae
463aca613dcdfc3446e7c7f4663d9577ef92f94e
fcb4c1657bc5afb8c1adfbec67198211be206ff61b5cc7c13565d5ce492de66e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v1.addthisedge.com/live/boost/uploadee/_ate.track.config_resp
2.18.172.123200 OK 47 B URL HTTP/2 v1.addthisedge.com/live/boost/uploadee/_ate.track.config_resp
IP 2.18.172.123:0
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/uploadee/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=60, s-maxage=86400
date: Sat, 21 Jan 2023 12:33:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.143.102101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.143.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C1FeN875PSpA9m4gtz8igg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9DR6620JuxIK2JeKlDNJFH81Sy0=
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6703115-1&cid=2037752084.1674304409&jid=392374038&gjid=925740598&_gid=1646351816.1674304409&_u=YADAAUAAAAAAACAAI~&z=309294786
64.233.161.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6703115-1&cid=2037752084.1674304409&jid=392374038&gjid=925740598&_gid=1646351816.1674304409&_u=YADAAUAAAAAAACAAI~&z=309294786
IP 64.233.161.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6703115-1&cid=2037752084.1674304409&jid=392374038&gjid=925740598&_gid=1646351816.1674304409&_u=YADAAUAAAAAAACAAI~&z=309294786 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.upload.ee
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.upload.ee
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Jan 2023 12:33:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d3e5c3b089b8604c1bc1a6ac2ccb1688
bacbf48ce86aeb575783bb74ea09559fcaa37816
b1aa341569a6a888ae426572441696d430537d422e39513fdca5a4883d5402b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c232c19f3fc429b50b4b21d042ea2d1
232ff9e14ff2bd70e2c058c139e3694cc8c45f25
dfdf4248506d908ca817562e74c64bdb1a192c61c6d1f2f2f66db045bc1e3575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.upload.ee
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.upload.ee
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.upload.ee HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 21 Jan 2023 12:33:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.upload.ee
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.upload.ee
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.upload.ee HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 21 Jan 2023 12:33:30 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146
216.58.207.226200 OK 247 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146
IP 216.58.207.226:0
File type ASCII text, with very long lines (385), with no line terminators
Hash e29cd8358dd425babaad9d38a394e455
98142528cb9a8ddbd7c2e750afab187df9e49efb
f873bef3504bd91c96172619052b0a8469c47b699cbd5dbf9259a9912852447f
GET /gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 21 Jan 2023 12:33:30 GMT
server: cafe
cache-control: private
content-length: 247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c232c19f3fc429b50b4b21d042ea2d1
232ff9e14ff2bd70e2c058c139e3694cc8c45f25
dfdf4248506d908ca817562e74c64bdb1a192c61c6d1f2f2f66db045bc1e3575
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9046bdd3634f2cfb8ace7c326c4af05f
d92d1610bbcc211f0648ec87b5aee6a562f606db
eea88fe2aaabd085058e3cf139e8780e1ddeff62e4fb94d6eeabe512a309d8ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d3e5c3b089b8604c1bc1a6ac2ccb1688
bacbf48ce86aeb575783bb74ea09559fcaa37816
b1aa341569a6a888ae426572441696d430537d422e39513fdca5a4883d5402b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59069e66283df9267308142d1293f6b5
da9ce92271212d977ddbd80eba990396a8ed86e2
f95e9f64b1accca63f9e53921837c2406983db8638049ca1c86bae2c662446eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F95E9F64B1ACCCA63F9E53921837C2406983DB8638049CA1C86BAE2C662446EB"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4847
Expires: Sat, 21 Jan 2023 13:54:17 GMT
Date: Sat, 21 Jan 2023 12:33:30 GMT
Connection: keep-alive
serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=8309233&screen_width=1280&screen_height=939&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&rnd=1674304408875
212.47.222.21200 OK 2.2 kB URL HTTP/2 serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=8309233&screen_width=1280&screen_height=939&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&rnd=1674304408875
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (394)
Hash ae56a3d7d3d734a0ce1cca8551d62c2e
4a5a1cda04a6f8522e4b9ab8e87bec236857eee8
e258c84c4e176d4a35be043b10f5330555e76849a57eb830c408568cd1bba008
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=8309233&screen_width=1280&screen_height=939&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&rnd=1674304408875 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Sat, 21 Jan 2023 12:32:28 GMT
set-cookie: bepolite_id=7312163ce61d347df29185db1ff3cc03; Max-Age=7776000; Expires=Fri, 21-Apr-2023 12:32:29 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 123031659
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
content-length: 2224
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bd2e2265c884eb9c7d560fe2294c1154
ee9a3c7c23134a6dae6e3eadd20f91ebf1798a7b
bb1c07ac2e0901ce5f3bc468681dd475477f26df545d91730915eaa4f580b4e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.bepolite.eu/scripts/saresponsive.js
212.47.222.21200 OK 175 kB URL HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 175 kB (174597 bytes)
Hash ab9074f7f6d1549fb6febe869e34bcd5
8fc2a53ea741c38fb674dcc7eaf7a774be67bfbc
c3e4013421d3da576ff619f21e1913f7267ddbbd9f4f93b535857e6299cfbeaa
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "102782918"
last-modified: Wed, 31 Aug 2022 21:50:38 GMT
content-length: 174597
date: Sat, 21 Jan 2023 12:32:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122545083
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 21 Jan 2023 12:33:30 GMT
expires: Sat, 21 Jan 2023 12:33:30 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LT9YQX0N49>m=2oe1i0&_p=464846422&cid=2037752084.1674304409&ul=en-us&sr=1280x1024&_s=1&sid=1674304409&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&dr=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&dt=UPLOAD.EE%20-%20Mercurial_Grabber.zip%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LT9YQX0N49>m=2oe1i0&_p=464846422&cid=2037752084.1674304409&ul=en-us&sr=1280x1024&_s=1&sid=1674304409&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&dr=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&dt=UPLOAD.EE%20-%20Mercurial_Grabber.zip%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LT9YQX0N49>m=2oe1i0&_p=464846422&cid=2037752084.1674304409&ul=en-us&sr=1280x1024&_s=1&sid=1674304409&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14835929%2FMercurial_Grabber.zip.html%3Fmsg%3Dsess_error&dr=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14835929%2F2d8f63cf3ce01c527524%2FMercurial_Grabber.zip&dt=UPLOAD.EE%20-%20Mercurial_Grabber.zip%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.upload.ee
date: Sat, 21 Jan 2023 12:33:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 34a6ffa8918b00f3f6d21bd90db799f4
6573697e6488b07ba3551ca7fea9b89220494b3a
dff7862c0cfa5ae27f6e8daef94bf0cd05000b667dbabd62a673ec0354e4873b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash fa26a5b4f95b35274d8c819d88298fa6
86b155fb35b045c39d422ea1ba544cba750796db
76f657fe11e83f7fe331dec6ee2d2db3ce23fabb29557189d1bb92c61379f8c1
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 21 Jan 2023 12:33:30 GMT
date: Sat, 21 Jan 2023 12:33:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-O-1TB0EVVBcbP9qVJjDBQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.bepolite.eu/banners/61b6f9a6-17d8-43d2-bc50-db026a2a2a0d/Toy_Elke_RAV4_1000x200px.gif
212.47.222.21200 OK 97 kB URL HTTP/2 static.bepolite.eu/banners/61b6f9a6-17d8-43d2-bc50-db026a2a2a0d/Toy_Elke_RAV4_1000x200px.gif
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type GIF image data, version 89a, 1000 x 200\012- data
Hash 0600d1c92a3e1e3f622da79c30451dfc
17b8bb9854b853b3f89eac80d8bb01d0ae47cd6d
5a85d0f742de426ab08c685bf9320b9e907e365ce0418c621f8de70d9034e5ab
GET /banners/61b6f9a6-17d8-43d2-bc50-db026a2a2a0d/Toy_Elke_RAV4_1000x200px.gif HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
accept-ranges: bytes
etag: "3551291448"
last-modified: Wed, 18 Jan 2023 10:31:25 GMT
content-length: 97239
date: Sat, 21 Jan 2023 12:32:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122545086
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.21200 OK 1.2 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 22d2629d056da2a4368c3cf2e2c45816
6f6857ddb4507f85183cfd19e60a073fecd7d4b2
bf307259c516ad7a8268f22b759079cdc76b1ee658cb2d4d5961b66c64e6a03a
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "2188963096"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 1151
date: Sat, 21 Jan 2023 12:31:18 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 123031665
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.21200 OK 1.2 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c59e769d4fc44df3def3f03c8ea7598c
f7df7a207240efbe30f5599ef42412bd68022baa
6a2dc74118155e7207007443139f1418450f7b1ab048bf2fe65a03d120ce7c7d
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "239713841"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 1150
date: Sat, 21 Jan 2023 12:31:04 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122518434
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/files/close-gray.png
212.47.222.21200 OK 1.5 kB URL HTTP/2 static.bepolite.eu/files/close-gray.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "801691811"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Sat, 21 Jan 2023 12:32:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 123031668
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1uFOrKylZttFl4PSrLWjdopAvH28JsJSdo2BGPLo01YQLDuNtnuWyQ4uPliZEAxIja5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1uFOrKylZttFl4PSrLWjdopAvH28JsJSdo2BGPLo01YQLDuNtnuWyQ4uPliZEAxIja5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1uFOrKylZttFl4PSrLWjdopAvH28JsJSdo2BGPLo01YQLDuNtnuWyQ4uPliZEAxIja5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=7312163ce61d347df29185db1ff3cc03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 21 Jan 2023 12:32:28 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122545089
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash d7b1a17a072b278b7922a51eaf206ecc
a2b571edb9ada1fca70f420ab37d1792aeb63963
23a7daf8bc0861889821a76151791557dbef8e3bf7ef2c7a0675fe8964d22235
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139488
Date: Sat, 21 Jan 2023 12:33:30 GMT
Etag: "63cb56e4-1d7"
Expires: Mon, 23 Jan 2023 03:18:18 GMT
Last-Modified: Sat, 21 Jan 2023 03:07:16 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gfOmj8Q8eIqGXa_L3dyQfgz7aD0aMvXBBbi3CZDJqm3d5jP0v0pJoQ==
Age: 662
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ea28cc82849ac166f8818f0d0f94f3d6
67fd0d1d43643eaf4860329991074b3fee5d2070
4e09da546feda1944f1db7036fbe6ab326d8e86805d626758c0995a00f5cebe3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1566
Cache-Control: max-age=114065
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 12:33:30 GMT
Etag: "63caf00d-1d7"
Expires: Sun, 22 Jan 2023 20:14:35 GMT
Last-Modified: Fri, 20 Jan 2023 19:48:29 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
animate.adobe.com/runtime/6.0.0/edge.6.0.0.min.js
23.33.119.10200 OK 34 kB URL HTTP/2 animate.adobe.com/runtime/6.0.0/edge.6.0.0.min.js
IP 23.33.119.10:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (561)
Hash 7abd3002a743d28c0c1bd98a64eda18c
cca936df62e2dcfbf790b0ab14ab279ac8e2c353
2d616c4a760ea77e76af1c7fe272a225abeed861b85db2f7f23efe8b7514e559
GET /runtime/6.0.0/edge.6.0.0.min.js HTTP/1.1
Host: animate.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Tue, 05 May 2015 12:17:26 GMT
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Sat, 21 Jan 2023 12:48:30 GMT
date: Sat, 21 Jan 2023 12:33:30 GMT
content-length: 33737
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js
52.57.219.21200 OK 65 B URL HTTP/2 banner.hookusbookus.com/config/config.js
IP 52.57.219.21:0
Hash d7d5fd3ed41b114bc1c24ff2cde94913
b24fe3ea014efd02765af7868964d66dae822a95
64937fdd91804cee2b2fdda3281cdc505df7f69321b578d4eb42d7e4d29ae45e
GET /config/config.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:30 GMT
content-type: application/javascript
content-length: 65
server: nginx/1.15.12
last-modified: Wed, 18 Jan 2023 04:58:44 GMT
etag: "63c77c84-41"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1_edge.js
212.47.222.21200 OK 2.6 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1_edge.js
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (2175), with CRLF line terminators
Hash 0ec78d5ed1d27b254594079373445fe4
98cdc809e3f1bb72014bab8556577e6ae5b85889
266b2995e27a47f49af4e44c177b2063d8a23b1497fc2e9e0981b8032f4d8f37
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1_edge.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "3461430622"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2556
date: Sat, 21 Jan 2023 12:31:05 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122599723
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/js/jquery.min.js
52.57.219.21200 OK 40 kB URL HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP 52.57.219.21:0
Hash de04040db6db6aed93024a6e6abe1225
875e1c7d443abe98c70baa19cb20c8869991bae8
6acdd50581bd25b0a602ff993315604be45374e011d63e4140aacec5440ef0a9
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:30 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
52.57.219.21200 OK 2.4 kB URL HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP 52.57.219.21:0
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:31 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1_edge.js
212.47.222.21200 OK 2.6 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1_edge.js
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (2175), with CRLF line terminators
Hash 0ec78d5ed1d27b254594079373445fe4
98cdc809e3f1bb72014bab8556577e6ae5b85889
266b2995e27a47f49af4e44c177b2063d8a23b1497fc2e9e0981b8032f4d8f37
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1_edge.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 11 Jan 2023 07:15:51 GMT
If-None-Match: "3461430622"
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "1113615991"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2556
date: Sat, 21 Jan 2023 12:31:18 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122599726
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
52.57.219.21200 OK 15 kB URL HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 52.57.219.21:0
Hash 5d5b5422877cf5f4b6f82bc138216149
ed9b73da9b377d75a4311c4cba445a283ef5db6f
d47c0fd762c411c0c81b44dcaf82d4677c5682cc1b3d229a86e9fb85d8daf743
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:31 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t31.png
212.47.222.21200 OK 2.9 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t31.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 4-bit colormap, non-interlaced\012- data
Hash c395924d3a00694dcdb9d703d9f51e18
8ce35c00dfdb2bdc6862490ed8235be4f9985fb3
5e7ec4cc1813293239902e53e78ccb2599eb34fbff26a39425c38950e2d1b0b1
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t31.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3261276967"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2861
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 123031677
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/css/index_1000x200.css
52.57.219.21200 OK 2.9 kB URL HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css
IP 52.57.219.21:0
Hash 92866bac4d0ace08f78f25db4481c295
0fd36cbe621f06664f685320cb74560229f9e9cc
e6252491f5e8955b69e078443974ad90a602e8bf5e36ee4173d00ecf349c7958
GET /assets/css/index_1000x200.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:30 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Fri, 17 Dec 2021 08:13:58 GMT
vary: Accept-Encoding
etag: W/"61bc46c6-1301"
content-encoding: gzip
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/mull.png
212.47.222.21200 OK 2.5 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/mull.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 8-bit colormap, non-interlaced\012- data
Hash ce5ff2baf534e918ff507c43c0e73567
244e231e69e8a93ba1b313ae39639e3a219b6fe4
8f75da5716c2886b12458b34c8f1b1f2a069dff10c4ff9b7cc8539d47db6c3ce
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/mull.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1113632696"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2498
date: Sat, 21 Jan 2023 12:31:18 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 123770774
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/btn.png
212.47.222.21200 OK 1.8 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/btn.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 8-bit colormap, non-interlaced\012- data
Hash bf6cefefd58444530bb2630108cb3b91
99f0b62cbc6b853021c1eb3719780c7c9a1bf4d8
41f629612d856a62d002c5ed9906743b4b91450a674f94a6720145b71428ca09
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/btn.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2387243656"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 1806
date: Sat, 21 Jan 2023 12:31:05 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 121699310
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/arw.png
212.47.222.21200 OK 803 B URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/arw.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 8-bit colormap, non-interlaced\012- data
Hash 0ae4b5ad140ac6216fad7b8ee69a43c8
9033c468e5dcfbf9ecb2c526bc15902b9ed48eeb
06bc2615ae1760460c266d91b67e383efc02fc24f1c1cde299c12f5c121cb113
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/arw.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "4170838655"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 803
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122518449
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/logo.png
212.47.222.21200 OK 2.0 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/logo.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 8-bit colormap, non-interlaced\012- data
Hash f96093879985b4b30f2c5d14814a6cb2
48cfa9cc309b33efa1c909de3f1a619ff77da11e
e61c78dbf7916127ee48c5546d687eb0b33d5033e7f9368692fbab22640d3837
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/logo.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index1.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "41634922"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 1993
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122545101
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p12.png
212.47.222.21404 Not Found 341 B URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p12.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ec31972ec65a65470d3b5d790c1f401
ff246ff3f34725545777856854cd50034c1eba55
664f2b1654c363a6348b688d5d475ed9ec0e7ef3c72f6f315f37fe97a2fe63eb
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p12.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 341
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122672745
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p22.png
212.47.222.21404 Not Found 341 B URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p22.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ec31972ec65a65470d3b5d790c1f401
ff246ff3f34725545777856854cd50034c1eba55
664f2b1654c363a6348b688d5d475ed9ec0e7ef3c72f6f315f37fe97a2fe63eb
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p22.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 341
date: Sat, 21 Jan 2023 12:31:18 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 121699313
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p32.png
212.47.222.21404 Not Found 341 B URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p32.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ec31972ec65a65470d3b5d790c1f401
ff246ff3f34725545777856854cd50034c1eba55
664f2b1654c363a6348b688d5d475ed9ec0e7ef3c72f6f315f37fe97a2fe63eb
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p32.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 341
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122545104
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p42.png
212.47.222.21404 Not Found 341 B URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p42.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ec31972ec65a65470d3b5d790c1f401
ff246ff3f34725545777856854cd50034c1eba55
664f2b1654c363a6348b688d5d475ed9ec0e7ef3c72f6f315f37fe97a2fe63eb
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p42.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 341
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122672748
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p52.png
212.47.222.21404 Not Found 341 B URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p52.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ec31972ec65a65470d3b5d790c1f401
ff246ff3f34725545777856854cd50034c1eba55
664f2b1654c363a6348b688d5d475ed9ec0e7ef3c72f6f315f37fe97a2fe63eb
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/p52.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 341
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 121699316
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t11.png
212.47.222.21200 OK 2.0 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t11.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 4-bit colormap, non-interlaced\012- data
Hash fcf8c4f54d4aa2e45d2524213a309d56
af81a11579a6175e881ef286332496493ba01132
872c999b89bc3ce9af4344dd5949cc6c189f61cdac6081d5f1d7740cbbea1409
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t11.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "41602185"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 1988
date: Sat, 21 Jan 2023 12:31:18 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122518455
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t12.png
212.47.222.21200 OK 2.1 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t12.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 4-bit colormap, non-interlaced\012- data
Hash 87be037e634cd7640bb5fd60e5eab7b2
932b0e18c1bd37e59700e8bf9698245773123f75
190217f126045a17c79860db8302ba1086859ea3db60c8b04ee020a795c298fb
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t12.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2924489868"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2111
date: Sat, 21 Jan 2023 12:31:05 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122545107
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t21.png
212.47.222.21200 OK 1.9 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t21.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 4-bit colormap, non-interlaced\012- data
Hash f28ffffe62dc3a8fdc077bcb5d4cf3af
33499061d00d2225a7246e60d91797b887123f6c
c60df447d7bda33ca222d6a12b1d2033d959bed26a5261f957d4869d08d108b5
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t21.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "571614187"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 1936
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122672751
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t22.png
212.47.222.21200 OK 2.0 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t22.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 4-bit colormap, non-interlaced\012- data
Hash 6d4f7e0a6fdce7f57112afa85aedf773
14b11369253f17d3178cefc33acc7bcc3e82aa4c
fe38148d0cebd36f58c00cb9467b539ee465a2508649c2c1093edcc7003b6eef
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t22.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2187408230"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2023
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 121699319
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t23.png
212.47.222.21200 OK 2.6 kB URL HTTP/2 static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t23.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1200 x 400, 4-bit colormap, non-interlaced\012- data
Hash 1b29e05469a072baee0e2371df00f860
ef7d1742ab180a3edc217a4646a0dcbe6c8cbff9
3439e97985d5c5ba606b861152627f1c73358ec88725965061ba1e12d5771864
GET /banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/t23.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/00e2236a-2772-44fe-8c46-1ad5cc4a3738/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fdigikoristuspaev.telia.ee%252F%253Futm_campaign%253Ddigital-cleanup-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dsiteheader-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex1.html&fExp=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F00e2236a-2772-44fe-8c46-1ad5cc4a3738%2Findex.html&clink=https%3A%2F%2Fdigikoristuspaev.telia.ee%2F%3Futm_campaign%3Ddigital-cleanup-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dsiteheader-est&banner_id=6b8dff82fe67442ea68bbdb52de42fed50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=100&wExp=1000&hExp=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1859385306"
last-modified: Wed, 11 Jan 2023 07:15:51 GMT
content-length: 2559
date: Sat, 21 Jan 2023 12:32:30 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122518458
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3658
Expires: Sat, 21 Jan 2023 13:34:29 GMT
Date: Sat, 21 Jan 2023 12:33:31 GMT
Connection: keep-alive
track.adform.net/adfserve/?CC=1&bn=60909798;1x1inv=1;srctype=3;ord=9605439
37.157.6.233200 OK 4.6 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60909798;1x1inv=1;srctype=3;ord=9605439
IP 37.157.6.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b9b31dd1a4f2a081c59df6903cc79587
8b7721c00b3de79a91f38343becc3685b4e07251
0aaf21a4edd525061ef5254226ad590069d9ab12a4e67adb824ce52006c02734
GET /adfserve/?CC=1&bn=60909798;1x1inv=1;srctype=3;ord=9605439 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 12:33:30 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3658
Expires: Sat, 21 Jan 2023 13:34:29 GMT
Date: Sat, 21 Jan 2023 12:33:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3658
Expires: Sat, 21 Jan 2023 13:34:29 GMT
Date: Sat, 21 Jan 2023 12:33:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3658
Expires: Sat, 21 Jan 2023 13:34:29 GMT
Date: Sat, 21 Jan 2023 12:33:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7874784-b02c-447d-8e16-f063fdd288aa.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7874784-b02c-447d-8e16-f063fdd288aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e3fd5bf2e8d88fed518583666d68bfe
69343cd051d27b517a7ea167cd6f755fbbc3bd98
923b733f5f44b8cd69b604d37dd1f1f12035e37a2c9835d77a5b6970ab2f3d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7874784-b02c-447d-8e16-f063fdd288aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7435
x-amzn-requestid: f717c884-7d70-4635-88a9-2a2413ff1448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6xJkGe2oAMFdYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7623d-04021c3978618c584fc8c830;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 03:06:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8iyrTr5fUucanswzT8czlH2op2twCih3ufvZxdd5moT9802Fe5tfKg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 09:10:16 GMT
age: 12195
etag: "69343cd051d27b517a7ea167cd6f755fbbc3bd98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cxuHpm9vR0_DvHdEtR5p5eRRNAFgCrOTnak0RsH3OeCccehhurKhJA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 01:38:03 GMT
age: 39328
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893ea518ea7c11ec06ffea60b2ee7921
34675a13bbac6abd1b087e546425e141215cf072
675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: reROJ7ha0LKGWpSMN0ioNVaIrIEhJUn_cfprHVZlfyY7jBoFyKh0rw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 13:48:55 GMT
age: 81876
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
52.57.219.21200 OK 8.9 kB URL HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 52.57.219.21:0
Hash 5cece7da2ca131f32fb6a35500cdadc4
05a89be6f4057351525deede9ff2bfde1c48a2ae
d6438881709d089ebec45c7a1b1e81a717bb23b88f6758a461612fffe0034292
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:30 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Wed, 25 May 2022 06:39:17 GMT
vary: Accept-Encoding
etag: W/"628dcf15-177d"
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b08ef55971faa2683ab9f2af8a11dcec
a46c748cccb714f05a068c2438181328b4fbd57a
1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: 67ff0d3d-ed43-4269-92f4-c3eb5445e9c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyBEhzIAMFnCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-27c6ebf6450d0e3275dad906;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8-aCSDcxTLree8fsGCxZEqY0272fNcqQEtHJ7aVAO6XjQRmjZXgqdw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:18:04 GMT
age: 26127
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62d64384cabb3ee773d9baa88c9fa9f5
3457882213a7c2d2ec863d75cf629ae4fe320092
7adc5cd3cc8a30b5c45c2995b27daf66fcf95280a4f5feaa46e559da464c75be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7616632f-cfb4-4f45-819d-1970213c1ca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9669
x-amzn-requestid: d57517dd-07b7-4477-996d-5cb159f1e608
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIvoHVNIAMFVWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c254ca-2737608463cd6cd160497e42;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: q29sVPPuKPCG6Q6jhlrnm79kQvNCAC2u36O1eNorlq8sGf7WoZYRRw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 23:33:45 GMT
age: 46786
etag: "3457882213a7c2d2ec863d75cf629ae4fe320092"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
52.57.219.21200 OK 53 kB URL HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP 52.57.219.21:0
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 21 Jan 2023 12:33:31 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/soKMSoUtgi9tQM5MYviC.jpg
143.204.42.89200 OK 69 kB URL HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/soKMSoUtgi9tQM5MYviC.jpg
IP 143.204.42.89:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x195, components 3\012- data
Hash 3b3a80140cb69917ab572f878123a250
3afd5fa8de0b9c4f59e188b34230ebf13e35ddae
d1a2571d94db05e28fe4a212717d942385324ec9029981f855c8fb2c95bd786f
GET /hotelliveeb/images/general/1/soKMSoUtgi9tQM5MYviC.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 68726
date: Fri, 20 Jan 2023 15:29:34 GMT
last-modified: Mon, 20 Dec 2021 05:01:52 GMT
etag: "3b3a80140cb69917ab572f878123a250"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: l4YNNC50j4tabdn1jqPt35LJM-FTnrW9cRCvTTYShEsdbKxTX3Do5g==
age: 75838
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=7312163ce61d347df29185db1ff3cc03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 21 Jan 2023 12:31:05 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122155985
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=7312163ce61d347df29185db1ff3cc03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 21 Jan 2023 12:32:29 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 122571340
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.21200 OK 0 B URL HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF62UsJdms4aP3_Q9iMQPbhmLRpqfFk0urC_tr_YF2Nz3oT1GPGenQtKctXxgcSGJ7qDIxJK0gIyw8wzYlXCzHwVXjPCryvuE9SS5l16XD1STNAMpePTDx8QkNFE6lEYgt5hx0XUeZQyi9fW6EaU8LQfzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3dDN2RGebOKln_Bh5um1WAxpUYOt7ZjDppFHkR7zt8imKhNu2BgHENCmUqqfEMASHa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=7312163ce61d347df29185db1ff3cc03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 21 Jan 2023 12:31:06 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 121699349
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg
143.204.42.89200 OK 59 kB URL HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg
IP 143.204.42.89:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 2bc0042405de1b87297ef3b0e699e446
1c6098f9283395ff9ebf1f5710a61243a1998947
4848bddd5f564c6e0bf254cc2dd163d73618504f83a6c35e48a2938901d93a83
GET /hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 59129
date: Fri, 20 Jan 2023 16:27:35 GMT
last-modified: Mon, 20 Dec 2021 05:01:50 GMT
etag: "2bc0042405de1b87297ef3b0e699e446"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AypOhI3HklFUXWU_B5TIAPoM7u72KePvQ0Bu55nVtAwEphXhXWsNeQ==
age: 72363
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=60909798;1x1inv=1;srctype=3;ord=9605439
37.157.6.233302 Found 0 B URL HTTP/2 track.adform.net/adfserve/?bn=60909798;1x1inv=1;srctype=3;ord=9605439
IP 37.157.6.233:0
GET /adfserve/?bn=60909798;1x1inv=1;srctype=3;ord=9605439 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 21 Jan 2023 12:33:30 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=60909798;1x1inv=1;srctype=3;ord=9605439
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Tue, 21-Feb-2023 12:33:30 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2