405 B URL www.upload.ee/download/14800326/e4398404aa471d955ec6/dayzhack.zip
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (405), with no line terminators
Hash 5de786ddc505af14f75644c258b912b6
bed4e9e2ef938b914a56d9a00b6fa7bedfcd211e
4e2350102710f3f36047ebb5de6cc7868e26c117a8375bbe2242daec2d04644d
GET /download/14800326/e4398404aa471d955ec6/dayzhack.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 23 Sep 2023 12:00:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 405
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
405 B URL www.upload.ee/download/14800326/e4398404aa471d955ec6/dayzhack.zip
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (405), with no line terminators
Hash 5de786ddc505af14f75644c258b912b6
bed4e9e2ef938b914a56d9a00b6fa7bedfcd211e
4e2350102710f3f36047ebb5de6cc7868e26c117a8375bbe2242daec2d04644d
GET /download/14800326/e4398404aa471d955ec6/dayzhack.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 23 Sep 2023 12:00:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 405
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
GET www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
IP
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash 8fdf319dcd04824adfdb9902bcf3925f
3655a20965fdbbe205b320d7652889c1c1e0693d
555cec8efde12bcd276ea3cedbdab573aedad0385c615aef61f2ab3543be4b91
GET /files/14800326/dayzhack.zip.html?msg=sess_error HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/14800326/e4398404aa471d955ec6/dayzhack.zip
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:37 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8993
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 23 Sep 2023 15:00:37 +0300
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Sat, 21-Oct-2023 12:00:37 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
GET www.upload.ee/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/14800326/e4398404aa471d955ec6/dayzhack.zip
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:37 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Sat, 30 Sep 2023 12:00:37 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET www.upload.ee/static/ubr__style.css
200 OK 2.9 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 3ba04e290212b44bcca8f10a60a4e879
a9b021c9019bdbb28250836039b2372a1b4d0f0f
f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:37 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Sat, 30 Sep 2023 12:00:37 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
GET du0pud0sdlmzf.cloudfront.net/?dupud=997369
200 OK 118 kB URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 118 kB (117711 bytes)
Hash 294a5aeb8a0d83b2c43bac4ade4342f0
83d39700aada7236f6778b17741110afd9ab312c
186f20dd17589d830087a91089cc25daaa84464042b780430b432e7cf89b21b4
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117711
date: Sat, 23 Sep 2023 11:20:59 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: apiE1kryb6PiWY2jCIw-9SqUMesZbXfWWCJ4YAsR6UhIIOErO0xjsQ==
age: 2379
X-Firefox-Spdy: h2
GET www.upload.ee/js/js__file_upload.js
200 OK 27 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:38 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Sat, 30 Sep 2023 12:00:38 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
GET www.upload.ee/images/dl_.png
200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:38 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Sat, 30 Sep 2023 12:00:38 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET www.upload.ee/images/arrow.gif
200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:38 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Sat, 30 Sep 2023 12:00:38 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
471 B IP
Hash 94111c3420bb2c6a13c84437834119c2
a60b1aaa235c754b4f840e14e5c32f3bd1920d3b
9f0636387ba07be147b51285a1e30b77ad2e4e77126f1c1082775fd981b32d78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 12:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET www.googletagmanager.com/gtag/js?id=UA-6703115-1
200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2213)
Hash eacd178869eee320eca08e9072db10d0
8fb23d920b9901468f0163016b9e5102ecea819a
e83d72c2d471d989efc30712e03b3c84c2068cf4b6d4d6decdbfe9d016134670
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 12:00:38 GMT
expires: Sat, 23 Sep 2023 12:00:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51717
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
471 B IP
Hash 94111c3420bb2c6a13c84437834119c2
a60b1aaa235c754b4f840e14e5c32f3bd1920d3b
9f0636387ba07be147b51285a1e30b77ad2e4e77126f1c1082775fd981b32d78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 12:00:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET aplainmpatoio.com/Rksxa0snKVIGdCd2U00+NCcMTnkAbgMtLzN7QR4vdjhVByY8LR8IJyk+VQ05KSVFRSUjPxRZDSsfZBs/JR9SHgEXBmkoDy0hcj48CS95WhEXCn8ZAgR/VDwfd3hyWx0ICkkMPQQTfC0tEHNTPQw1bgMpDT4eeg0cMQl0LSA3LwEYHhEYBFgTAC9mIBguGmM5DnMEViIqBSJ4HQgHI2I7MQsuclozNBtGEwYRIngcCQR6UycMfy1/HAEsLloDDwR5ZBITAwpiDSwuAmAcKC4CRiYOEnlZXxMXIGEOMxApYzkBY3lzKA4uD3MRc34YdCF5IANBPhMxL1oJemtycz4IITtzA38VLUYTLRcaa1IuKjNzKSYuf2k5LyMbSFMHDiAIBC4FP3ApJT4gaT0vBSh5GG0sOF4FO3stBREFFAlFLwNxeVsI
200 OK 1.2 kB URL GET HTTP/2 aplainmpatoio.com/Rksxa0snKVIGdCd2U00+NCcMTnkAbgMtLzN7QR4vdjhVByY8LR8IJyk+VQ05KSVFRSUjPxRZDSsfZBs/JR9SHgEXBmkoDy0hcj48CS95WhEXCn8ZAgR/VDwfd3hyWx0ICkkMPQQTfC0tEHNTPQw1bgMpDT4eeg0cMQl0LSA3LwEYHhEYBFgTAC9mIBguGmM5DnMEViIqBSJ4HQgHI2I7MQsuclozNBtGEwYRIngcCQR6UycMfy1/HAEsLloDDwR5ZBITAwpiDSwuAmAcKC4CRiYOEnlZXxMXIGEOMxApYzkBY3lzKA4uD3MRc34YdCF5IANBPhMxL1oJemtycz4IITtzA38VLUYTLRcaa1IuKjNzKSYuf2k5LyMbSFMHDiAIBC4FP3ApJT4gaT0vBSh5GG0sOF4FO3stBREFFAlFLwNxeVsI
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectaplainmpatoio.com
FingerprintD8:1B:FF:C9:30:FF:BD:A5:C3:AE:82:46:FF:89:39:F9:81:20:8A:E3
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Hash ee5414a0148c7b4e07d57236a81477fb
49456a7329279de6ab4c46ce6f19fc321af8eace
eda823fef6485f7923c02fea268a1f02d0fa926decc6fdd4498fc090788c4c97
GET /Rksxa0snKVIGdCd2U00+NCcMTnkAbgMtLzN7QR4vdjhVByY8LR8IJyk+VQ05KSVFRSUjPxRZDSsfZBs/JR9SHgEXBmkoDy0hcj48CS95WhEXCn8ZAgR/VDwfd3hyWx0ICkkMPQQTfC0tEHNTPQw1bgMpDT4eeg0cMQl0LSA3LwEYHhEYBFgTAC9mIBguGmM5DnMEViIqBSJ4HQgHI2I7MQsuclozNBtGEwYRIngcCQR6UycMfy1/HAEsLloDDwR5ZBITAwpiDSwuAmAcKC4CRiYOEnlZXxMXIGEOMxApYzkBY3lzKA4uD3MRc34YdCF5IANBPhMxL1oJemtycz4IITtzA38VLUYTLRcaa1IuKjNzKSYuf2k5LyMbSFMHDiAIBC4FP3ApJT4gaT0vBSh5GG0sOF4FO3stBREFFAlFLwNxeVsI HTTP/1.1
Host: aplainmpatoio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1176
date: Sat, 23 Sep 2023 12:00:38 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: AY-mllOmf9RE_XgWYA9ESAXHtfrswOx4ijwrOZTk0aqfPtUXmPoTnw==
X-Firefox-Spdy: h2
GET andhthrewdo.com/QUt0U1NudBcgbiQdLiQELQk4CRYPIS1jJyoaMzs5FXkyETIGElInOiV2TWpkdXpAdSMoL0lidTI/FScmMnZFdTovLRtudTd2RX1gdWVHZ31xbQFuYmc/BDI0fHpSIyc1J0liZXh+QGRjdXhMZmV3
204 No Content 0 B URL GET HTTP/2 andhthrewdo.com/QUt0U1NudBcgbiQdLiQELQk4CRYPIS1jJyoaMzs5FXkyETIGElInOiV2TWpkdXpAdSMoL0lidTI/FScmMnZFdTovLRtudTd2RX1gdWVHZ31xbQFuYmc/BDI0fHpSIyc1J0liZXh+QGRjdXhMZmV3
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectandhthrewdo.com
Fingerprint82:9D:09:34:55:07:35:BE:0D:40:F8:AA:5C:EB:64:38:E5:BA:41:84
ValidityWed, 13 Sep 2023 06:21:24 GMT - Tue, 12 Dec 2023 06:21:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /QUt0U1NudBcgbiQdLiQELQk4CRYPIS1jJyoaMzs5FXkyETIGElInOiV2TWpkdXpAdSMoL0lidTI/FScmMnZFdTovLRtudTd2RX1gdWVHZ31xbQFuYmc/BDI0fHpSIyc1J0liZXh+QGRjdXhMZmV3 HTTP/1.1
Host: andhthrewdo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 23 Sep 2023 12:00:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agQaM5v3%2F4Erh78A2U9SPk7Xsrbwk3Kei2kNhEK7O1tZNSKQXBXnkLHiXN5KwHBrktbkc6%2FYXE%2FLLL8HJGqqVdxdP2Wefp4QttIRnKn5O54Xb6gC0Hz9rK%2B5aIrC5gqfbqw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b2a0e00ffd0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET aplainmpatoio.com/d2xweFYWDhMVaRZREl4jBQBNXWQxSUI+MgJcAA0yRx8UFDsNCl4bOhgZFB4kGAIEVjgSGFVKEB42NTIgJjQ9MBomKR4sFDYeM0suPDQoLjUTXAA7HTUbBTAEJUlCPgYNJUk8LBgoPgEPMw8YISInLgcwFRoPODA/LT8TLgM+JQc9OyMHORYXJCY/LgEmIzoqEC0IGxNnNhsDCAMeWCc5AgQnPQ85LyMxKjg1CyZdZDEtGUwcMz9EPB8xNic6EAcaIUgQADRCExohND4zNR0qMhsQTxg3HzlEKkIqFCEoACAyDhQjHD0HFT0tEAA0CjUQJjQ1DTUyIhQaEFpVHy46LRUzOwcmKAlJHRQWJi81G1kIKWchFSgVBDU6MykROhQpOxolCBspBT0WKBYUEzo3KTcRKTlePAQDHghrJx8+Ey4bGiUfZg4APwATEg
200 OK 1.2 kB URL GET HTTP/2 aplainmpatoio.com/d2xweFYWDhMVaRZREl4jBQBNXWQxSUI+MgJcAA0yRx8UFDsNCl4bOhgZFB4kGAIEVjgSGFVKEB42NTIgJjQ9MBomKR4sFDYeM0suPDQoLjUTXAA7HTUbBTAEJUlCPgYNJUk8LBgoPgEPMw8YISInLgcwFRoPODA/LT8TLgM+JQc9OyMHORYXJCY/LgEmIzoqEC0IGxNnNhsDCAMeWCc5AgQnPQ85LyMxKjg1CyZdZDEtGUwcMz9EPB8xNic6EAcaIUgQADRCExohND4zNR0qMhsQTxg3HzlEKkIqFCEoACAyDhQjHD0HFT0tEAA0CjUQJjQ1DTUyIhQaEFpVHy46LRUzOwcmKAlJHRQWJi81G1kIKWchFSgVBDU6MykROhQpOxolCBspBT0WKBYUEzo3KTcRKTlePAQDHghrJx8+Ey4bGiUfZg4APwATEg
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectaplainmpatoio.com
FingerprintD8:1B:FF:C9:30:FF:BD:A5:C3:AE:82:46:FF:89:39:F9:81:20:8A:E3
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3029), with no line terminators
Hash e6b53d9e048dc14325e5137e675c490c
353356a116f924e65180648eb18534616e110e04
f486dfb81839e7c80d596c2287cfa79365e673a4266981c24f8df4f1ea62fddc
GET /d2xweFYWDhMVaRZREl4jBQBNXWQxSUI+MgJcAA0yRx8UFDsNCl4bOhgZFB4kGAIEVjgSGFVKEB42NTIgJjQ9MBomKR4sFDYeM0suPDQoLjUTXAA7HTUbBTAEJUlCPgYNJUk8LBgoPgEPMw8YISInLgcwFRoPODA/LT8TLgM+JQc9OyMHORYXJCY/LgEmIzoqEC0IGxNnNhsDCAMeWCc5AgQnPQ85LyMxKjg1CyZdZDEtGUwcMz9EPB8xNic6EAcaIUgQADRCExohND4zNR0qMhsQTxg3HzlEKkIqFCEoACAyDhQjHD0HFT0tEAA0CjUQJjQ1DTUyIhQaEFpVHy46LRUzOwcmKAlJHRQWJi81G1kIKWchFSgVBDU6MykROhQpOxolCBspBT0WKBYUEzo3KTcRKTlePAQDHghrJx8+Ey4bGiUfZg4APwATEg HTTP/1.1
Host: aplainmpatoio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1184
date: Sat, 23 Sep 2023 12:00:38 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: E3H75FIrkGRAOCC7uwEEId-b5GiqUJV2BUBUlN_n7r3_46nfae0g_w==
X-Firefox-Spdy: h2
GET andhthrewdo.com/YVZRVTNOaTImDjcAHwNmUQwlNAErJzJnVwk0BiFKOGQXOGkpYnchWgVraGwEUmBoc0MIMmxkFRIiMCFGEmtgc1oPMD5oFRdrYHsAVXhiYR1RcCRoAkciITRUXGd3JUcVOmxkBVhjZWIDVWVpYQpZ
204 No Content 0 B URL GET HTTP/2 andhthrewdo.com/YVZRVTNOaTImDjcAHwNmUQwlNAErJzJnVwk0BiFKOGQXOGkpYnchWgVraGwEUmBoc0MIMmxkFRIiMCFGEmtgc1oPMD5oFRdrYHsAVXhiYR1RcCRoAkciITRUXGd3JUcVOmxkBVhjZWIDVWVpYQpZ
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectandhthrewdo.com
Fingerprint82:9D:09:34:55:07:35:BE:0D:40:F8:AA:5C:EB:64:38:E5:BA:41:84
ValidityWed, 13 Sep 2023 06:21:24 GMT - Tue, 12 Dec 2023 06:21:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YVZRVTNOaTImDjcAHwNmUQwlNAErJzJnVwk0BiFKOGQXOGkpYnchWgVraGwEUmBoc0MIMmxkFRIiMCFGEmtgc1oPMD5oFRdrYHsAVXhiYR1RcCRoAkciITRUXGd3JUcVOmxkBVhjZWIDVWVpYQpZ HTTP/1.1
Host: andhthrewdo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 23 Sep 2023 12:00:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDJJemL3zZN%2F%2BjA6VGI%2FnUJg%2BhMlE57kPULSP0zI3hpQieEWnPk3AeH2EmtJBsOTym93ZSpnxjTzOW5UnbvUO%2BbpXYgBpmGcn0oWWeLpITxY7nJ4NkRiy2RrcMRzZxSIjlg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b2a0e00ffb0b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3034)
Hash 9699264e2c4bfcc62d9b6bf9d78c5dd7
9a4c1eeb4c822c89f6ba2adb0a70ac1f6d20e9f7
14a74fe02e55874ecdce3789650687713796c0d66562fd1ad66a375467ceffc2
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 12:00:38 GMT
expires: Sat, 23 Sep 2023 12:00:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET aplainmpatoio.com/V0k3RVM2K1QobDZ0VWMmJSUKYGERbAUDNyJ5RzA3ZzpTKT4tLxkmPzg8UyMhOCdDaz0yPRJ3FRIdBQMyDiNQNhc9GHIHKSQAZylrFS1bHyYCLnU1EC4ieRM5bipyPxUNAE4uYxgOcioWBSp2HQIGOlEHCRQCBj0iBQ9mMBcteFENOjgZeBNrHShmBHZlC3YEBWAbTn0XFRp+ChoWPWIMJBVsBQMGH3wBEWEnAXQrah0AWwgZNiV+HAEgORJ3FRMdeggHAy1yJBUdCFN0MBEfdj0iAiFfDRA5cWMJFjQFcykRJh5PH3ZlD2QNagYKdCIWGBhbHTI7BFQQEj9sBQcGAGRHERAffHIkFR0sfS0ecntxBxU0emUCNDwKb3ACMw9+IBw7MUVjOSQmWTVuHhpWKRs5E24iIxorUg4e
200 OK 1.2 kB URL GET HTTP/2 aplainmpatoio.com/V0k3RVM2K1QobDZ0VWMmJSUKYGERbAUDNyJ5RzA3ZzpTKT4tLxkmPzg8UyMhOCdDaz0yPRJ3FRIdBQMyDiNQNhc9GHIHKSQAZylrFS1bHyYCLnU1EC4ieRM5bipyPxUNAE4uYxgOcioWBSp2HQIGOlEHCRQCBj0iBQ9mMBcteFENOjgZeBNrHShmBHZlC3YEBWAbTn0XFRp+ChoWPWIMJBVsBQMGH3wBEWEnAXQrah0AWwgZNiV+HAEgORJ3FRMdeggHAy1yJBUdCFN0MBEfdj0iAiFfDRA5cWMJFjQFcykRJh5PH3ZlD2QNagYKdCIWGBhbHTI7BFQQEj9sBQcGAGRHERAffHIkFR0sfS0ecntxBxU0emUCNDwKb3ACMw9+IBw7MUVjOSQmWTVuHhpWKRs5E24iIxorUg4e
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectaplainmpatoio.com
FingerprintD8:1B:FF:C9:30:FF:BD:A5:C3:AE:82:46:FF:89:39:F9:81:20:8A:E3
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Hash f8357a25dd830e13a0bf3da2d9c1f8c3
44d4e469b5f248bc6fb88c69e36f0937215c1d36
95cb74ea6b9439db1d97137f674a1ac67b310c28fdb891e07c62501c9113550e
GET /V0k3RVM2K1QobDZ0VWMmJSUKYGERbAUDNyJ5RzA3ZzpTKT4tLxkmPzg8UyMhOCdDaz0yPRJ3FRIdBQMyDiNQNhc9GHIHKSQAZylrFS1bHyYCLnU1EC4ieRM5bipyPxUNAE4uYxgOcioWBSp2HQIGOlEHCRQCBj0iBQ9mMBcteFENOjgZeBNrHShmBHZlC3YEBWAbTn0XFRp+ChoWPWIMJBVsBQMGH3wBEWEnAXQrah0AWwgZNiV+HAEgORJ3FRMdeggHAy1yJBUdCFN0MBEfdj0iAiFfDRA5cWMJFjQFcykRJh5PH3ZlD2QNagYKdCIWGBhbHTI7BFQQEj9sBQcGAGRHERAffHIkFR0sfS0ecntxBxU0emUCNDwKb3ACMw9+IBw7MUVjOSQmWTVuHhpWKRs5E24iIxorUg4e HTTP/1.1
Host: aplainmpatoio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1163
date: Sat, 23 Sep 2023 12:00:38 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: xAu7YBl0o1jl-7NXGBqrUI-l18tsxf9drmTaB6R_eMwlLJra_0CPuw==
X-Firefox-Spdy: h2
GET andhthrewdo.com/V0g4YzB4d1sQDQQeYhNmERIAOnYRIWIrSCIQCgdZNA8NAlIQER4XWTN1AVoHY3gARUA+LAVSCHE7TAJEIjsFUhY+Jl4MDXE+BVIeZ2YKTQRxPQVSFiM4WQQNZm5IF0Q7dQlVCWJ8D1MEZHANUAI
204 No Content 0 B URL GET HTTP/2 andhthrewdo.com/V0g4YzB4d1sQDQQeYhNmERIAOnYRIWIrSCIQCgdZNA8NAlIQER4XWTN1AVoHY3gARUA+LAVSCHE7TAJEIjsFUhY+Jl4MDXE+BVIeZ2YKTQRxPQVSFiM4WQQNZm5IF0Q7dQlVCWJ8D1MEZHANUAI
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectandhthrewdo.com
Fingerprint82:9D:09:34:55:07:35:BE:0D:40:F8:AA:5C:EB:64:38:E5:BA:41:84
ValidityWed, 13 Sep 2023 06:21:24 GMT - Tue, 12 Dec 2023 06:21:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /V0g4YzB4d1sQDQQeYhNmERIAOnYRIWIrSCIQCgdZNA8NAlIQER4XWTN1AVoHY3gARUA+LAVSCHE7TAJEIjsFUhY+Jl4MDXE+BVIeZ2YKTQRxPQVSFiM4WQQNZm5IF0Q7dQlVCWJ8D1MEZHANUAI HTTP/1.1
Host: andhthrewdo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 23 Sep 2023 12:00:38 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0awiRcKBoY3VwqFHr5EjIdI2XxiGvT6mpnbbI4KsgfxjUHA7%2FGmGUnzEpOl66h9ouWX6l383sy7jW8sHrptHxkB0EnRc378yRF6Q8J9yqIDcSADzT2Nml5LwJUqWnSP38eo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b2a0e038180b51-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.upload.ee/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Cookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1695470439.1.0.1695470439.0.0.0; _ga=GA1.1.1096151945.1695470439
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 12:00:38 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Sat, 30 Sep 2023 12:00:38 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
471 B IP
Hash a1df14e0c62a34d1aeeb45ab94638130
d3bdfb2c75f9fdc495b9662ae128e4992accc8d6
e95646a781b21b7bebac7070f1b6e5d511fb2fa24d0b24e382ecc97736e3d92a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 12:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET aplainmpatoio.com/utx?cb=OtuI477Aqpgm&top=www.upload.ee&tid=997369
204 No Content 0 B URL GET HTTP/2 aplainmpatoio.com/utx?cb=OtuI477Aqpgm&top=www.upload.ee&tid=997369
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectaplainmpatoio.com
FingerprintD8:1B:FF:C9:30:FF:BD:A5:C3:AE:82:46:FF:89:39:F9:81:20:8A:E3
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=OtuI477Aqpgm&top=www.upload.ee&tid=997369 HTTP/1.1
Host: aplainmpatoio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 23 Sep 2023 12:00:39 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 23 Sep 2023 12:01:39 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: B3rmv0VOlMh9t02EcIM1bgLMEqlug3LpxAlBAk9aBl_SS04YhR3TWg==
X-Firefox-Spdy: h2
GET aplainmpatoio.com/utx?cb=kplu1yu0loXc&top=www.upload.ee&tid=997414
204 No Content 0 B URL GET HTTP/2 aplainmpatoio.com/utx?cb=kplu1yu0loXc&top=www.upload.ee&tid=997414
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectaplainmpatoio.com
FingerprintD8:1B:FF:C9:30:FF:BD:A5:C3:AE:82:46:FF:89:39:F9:81:20:8A:E3
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=kplu1yu0loXc&top=www.upload.ee&tid=997414 HTTP/1.1
Host: aplainmpatoio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 23 Sep 2023 12:00:39 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 23 Sep 2023 12:01:39 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 930c2e58be2ae5a0faf6f308189d2776.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: yEBZ5T7Mwe9-n7FSrJsGS8zrDEJPPgxnFMDvWYMGogyIGGFrFcSwJA==
X-Firefox-Spdy: h2
471 B IP
Hash a1df14e0c62a34d1aeeb45ab94638130
d3bdfb2c75f9fdc495b9662ae128e4992accc8d6
e95646a781b21b7bebac7070f1b6e5d511fb2fa24d0b24e382ecc97736e3d92a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 12:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:0JsKQkM1HRDCwfBtjy2Cr7gJWEea2A:3_dd12xOEniJ0l3J; Expires=Mon, 22-Sep-2025 12:00:39 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 12:00:39 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVheU-QDGY37UFjiIYtP8eP2RjM6Y0mtSThdXBkvTEIX7hLuzRQPysQzIUMD-Eb6o3XIFwjGA
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-WfIM5vIcATlBIa3s6HlYCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
602 B URL du0pud0sdlmzf.cloudfront.net/iZEJvQXMHLQEnTBArC3xKXXVcd0pCKBwuHRR/PzI9DzoDNyYDchYtPBwHCmcHHiZScVUIIwEmTkInASJOVWQOJRFZdkk1AwspUi4WATsKMwoXOARnBgV/Ai4JDS4DIFZWBFpvQ0FwX2kLVXNKcjFBcF8tGgo3F2RBVDpXdyxSdkpyMUFwXzMFQXEucENdbF-9oVlZyCCQQDy1KczVWcl5xQ1VyXmRBVCQGMxYCLRdkQSJzXnBdVGQafEI
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (860), with no line terminators
Hash 9aab4b8d9f68d469a5216c4f5f8cdda0
0bf6ba8c42c0b4dfd702504a3d82159ca7b9b526
cac9ff27472b2580c150ceca4ec45400d8c06daf4bad2173c087024717bcda7a
GET /iZEJvQXMHLQEnTBArC3xKXXVcd0pCKBwuHRR/PzI9DzoDNyYDchYtPBwHCmcHHiZScVUIIwEmTkInASJOVWQOJRFZdkk1AwspUi4WATsKMwoXOARnBgV/Ai4JDS4DIFZWBFpvQ0FwX2kLVXNKcjFBcF8tGgo3F2RBVDpXdyxSdkpyMUFwXzMFQXEucENdbF-9oVlZyCCQQDy1KczVWcl5xQ1VyXmRBVCQGMxYCLRdkQSJzXnBdVGQafEI HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplainmpatoio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 602
date: Sat, 23 Sep 2023 12:00:39 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BDKKw-rB_-FpTantNQi0BiCFsNle6Uz7FoOPwipeRf97-krBVw-_vw==
X-Firefox-Spdy: h2
561 B URL du0pud0sdlmzf.cloudfront.net/mTUptcTcuJQMXCDkjCUwOdH1ZQANrIB4eWT13C0VNAxgvBXMFfV8bVGs+FxUKfWwBEFkqd0sUWS53XFdWKShQRRE5OgIaCiIvCAhSPzMeC1xrPwxMWiIwBB1bLG9fNwJjekhDB2UyXEASfghIQwchIwMET2h4XQkPexVbRRJ+CEhDBz88SEJ2fHpUXwdkb1-9BUCgpBh4SfwxfQQZ9elxBBmh4XRdePy8LHk9oeCtABnxkXVdCcHs
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (789), with no line terminators
Hash 006d3f747d30d7bf42bea8c762012956
b7944c22ff04d9b8016572314dd4a6e32069c431
e8c14ed7964f6acf7497b50508eefe99feb9ab098e9cafeda6c8646bebaca853
GET /mTUptcTcuJQMXCDkjCUwOdH1ZQANrIB4eWT13C0VNAxgvBXMFfV8bVGs+FxUKfWwBEFkqd0sUWS53XFdWKShQRRE5OgIaCiIvCAhSPzMeC1xrPwxMWiIwBB1bLG9fNwJjekhDB2UyXEASfghIQwchIwMET2h4XQkPexVbRRJ+CEhDBz88SEJ2fHpUXwdkb1-9BUCgpBh4SfwxfQQZ9elxBBmh4XRdePy8LHk9oeCtABnxkXVdCcHs HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplainmpatoio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 561
date: Sat, 23 Sep 2023 12:00:39 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L8wQNzfGSChv5z6L3eMORroOz5QHX2HD5O5L8QycUIjrVQ-ZoN_sNg==
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:s0KeCV1SZRBvF4f0EORUh8DJfvctYA:0kBLOcpQc9t5bbrQ; Expires=Mon, 22-Sep-2025 12:00:39 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 12:00:39 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhe0jkM_GP6e60kjFh1Z11CifcZ7W1R2D6psrM-I4swEXgGrqNsDDo9QO5QnPGbd1elTFWbg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-NgD_Y2aG28BXhQdGsHpRWQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
185 B URL du0pud0sdlmzf.cloudfront.net/ET2FaYjgsDjQEBzsIPl8BdlZuUgBpCykNVj9cEzFZIyk0OGEoERcAXQQsfBZCK1xqRFQuDz1fHioPOV8JaQA+AAV7Ry8DBSIOIAtUIwB/UH56T2pHCn9JIlMJalIYRwp/DTMMTTdEaFJAd1cFVAxqUhhHCn8TLEcLDlBqWxZ/SH9QCCgEOQlXalMcUAh+UW-pTCH5EaFJeJhM/BFc3RGgkCX5QdFIeOlxr
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 83e1f99725f15cffc162c5ea8cf82b89
3e25c5a0dbbceb6c52100ad79fdd9fac38f7ff1e
1b3d4cf32321bb838d10cce6f9e875561ce5a0c29c9b65657e20ce3f1823f78a
GET /ET2FaYjgsDjQEBzsIPl8BdlZuUgBpCykNVj9cEzFZIyk0OGEoERcAXQQsfBZCK1xqRFQuDz1fHioPOV8JaQA+AAV7Ry8DBSIOIAtUIwB/UH56T2pHCn9JIlMJalIYRwp/DTMMTTdEaFJAd1cFVAxqUhhHCn8TLEcLDlBqWxZ/SH9QCCgEOQlXalMcUAh+UW-pTCH5EaFJeJhM/BFc3RGgkCX5QdFIeOlxr HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://aplainmpatoio.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 185
date: Sat, 23 Sep 2023 12:00:39 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: v9uJcf6fEwOH-HJp54ETdrl8DOp8nBLePTEUB1aWzZDrH3tVl0W2VQ==
X-Firefox-Spdy: h2
472 B IP
Hash 8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 12:00:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVheU-QDGY37UFjiIYtP8eP2RjM6Y0mtSThdXBkvTEIX7hLuzRQPysQzIUMD-Eb6o3XIFwjGA
302 Found 406 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVheU-QDGY37UFjiIYtP8eP2RjM6Y0mtSThdXBkvTEIX7hLuzRQPysQzIUMD-Eb6o3XIFwjGA
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (396)
Hash bbda1da72fefea859e05db879ac80850
f1702bff64c143ee5be8406b98442f842eed772b
8365445fc3a7ad876b1919a44e7c7ee4e3c7e6d0e4fbdf3f58f50891c2a17931
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVheU-QDGY37UFjiIYtP8eP2RjM6Y0mtSThdXBkvTEIX7hLuzRQPysQzIUMD-Eb6o3XIFwjGA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:nJeItUvPbzsvMYg51XoxQdhTEnIfKQ:C5glwRGwYhW8nLEL;Path=/;Expires=Mon, 22-Sep-2025 12:00:39 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 12:00:39 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcaidjAYb0zkok8GXL8zoXRMXc26Iq03y_wyKbXLxhJ7VQHylabCW3qckAguzFbb4pur0YDZQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291259851%3A1695470439316269&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-l7MvEy4SlL97ciJGqQyf_Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 406
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhe0jkM_GP6e60kjFh1Z11CifcZ7W1R2D6psrM-I4swEXgGrqNsDDo9QO5QnPGbd1elTFWbg
302 Found 402 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhe0jkM_GP6e60kjFh1Z11CifcZ7W1R2D6psrM-I4swEXgGrqNsDDo9QO5QnPGbd1elTFWbg
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (398)
Hash a140690b7f51d064c3cd058d0685bfd6
75adb5796ef3f9749e1754d9d904aa06f5fa341d
0569360ebccabf42049404d70d88a2395ddbf9f54662feb9526fc63d40616216
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhe0jkM_GP6e60kjFh1Z11CifcZ7W1R2D6psrM-I4swEXgGrqNsDDo9QO5QnPGbd1elTFWbg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:wOzd9ukp4rqXVucbzo62o4KAuWdB8Q:K9QvtzQONebjY-i1;Path=/;Expires=Mon, 22-Sep-2025 12:00:39 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 12:00:39 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdaGCa1wd8QlZrzx80fP6EIeAU4Rj3OkybCXP2OYlI1EA2wRI7ahmN-1Wva8_w6f9fK6lEwZQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S386848694%3A1695470439339547&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: script-src 'nonce-fQ3JyP9Xyzeq6tJp8gl7ig' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 402
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcaidjAYb0zkok8GXL8zoXRMXc26Iq03y_wyKbXLxhJ7VQHylabCW3qckAguzFbb4pur0YDZQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291259851%3A1695470439316269&theme=glif
403 Forbidden 1.3 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcaidjAYb0zkok8GXL8zoXRMXc26Iq03y_wyKbXLxhJ7VQHylabCW3qckAguzFbb4pur0YDZQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291259851%3A1695470439316269&theme=glif
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type gzip compressed data, max compression\012- data
Hash fb2d57d84271763341fb7755fa0e3bea
06e46016ccbab5ad53d7b24bd713d254e9767f0a
e2e5638a1f06be240d54b6e5c010cccb5be7ee77887383edf922f67c6e3a8b00
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcaidjAYb0zkok8GXL8zoXRMXc26Iq03y_wyKbXLxhJ7VQHylabCW3qckAguzFbb4pur0YDZQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1291259851%3A1695470439316269&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 12:00:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-DqMhbGKfyMaVmPc7sONmOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdaGCa1wd8QlZrzx80fP6EIeAU4Rj3OkybCXP2OYlI1EA2wRI7ahmN-1Wva8_w6f9fK6lEwZQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S386848694%3A1695470439339547&theme=glif
403 Forbidden 2.6 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdaGCa1wd8QlZrzx80fP6EIeAU4Rj3OkybCXP2OYlI1EA2wRI7ahmN-1Wva8_w6f9fK6lEwZQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S386848694%3A1695470439339547&theme=glif
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)
Hash cc484c58c196368fe51fad6fa2277e0b
35813a3ad8795cae69ff8827de0e9d5ad396f181
a3721d2c142f37e9ae15ea7ce549759d7385d060a7991e7b21267b1ae99469b5
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdaGCa1wd8QlZrzx80fP6EIeAU4Rj3OkybCXP2OYlI1EA2wRI7ahmN-1Wva8_w6f9fK6lEwZQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S386848694%3A1695470439339547&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 12:00:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-_dDOFCTkrtOLdQ1rhDpxCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET static.bepolite.eu/scripts/saresponsive.js
200 OK 177 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 177 kB (176967 bytes)
Hash 636b4ad7f97aa55c2242b396fe3e9f44
b4d6aae9e6f3de7fb4478f9ee5e12a8141bb02ba
54f7e44d9e8b65978b3753e157c4a3c9c338645fcc31429f6c49aca5e4bd1c62
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "2445274911"
last-modified: Sun, 17 Sep 2023 21:45:34 GMT
content-length: 176967
date: Sat, 23 Sep 2023 11:52:38 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 486455645
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67355152&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fd6876ab1-3da0-45f3-a575-1503dfbc76c2%2F14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67355152&banner_id=a4c655eac54243c88b25b5913ed9c50b50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=250&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 85 kB URL GET HTTP/2 static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67355152&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fd6876ab1-3da0-45f3-a575-1503dfbc76c2%2F14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67355152&banner_id=a4c655eac54243c88b25b5913ed9c50b50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=250&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60154)
Hash c3d784eba8cfd57029560be9b4f28078
b0fc38fa2a3b35d1df0938521fadf37525e596cd
44dab1fadd105a3a3df8426e987fe17e2995570511adf928e5cdcb53cc98b784
GET /banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67355152&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fd6876ab1-3da0-45f3-a575-1503dfbc76c2%2F14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67355152&banner_id=a4c655eac54243c88b25b5913ed9c50b50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=250&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "606437047"
last-modified: Tue, 05 Sep 2023 04:47:47 GMT
content-length: 85212
date: Sat, 23 Sep 2023 12:00:25 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 492201387
age: 0
X-Firefox-Spdy: h2
GET andhthrewdo.com/popunder.gif
200 OK 3.8 kB URL GET HTTP/3 andhthrewdo.com/popunder.gif
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectandhthrewdo.com
Fingerprint82:9D:09:34:55:07:35:BE:0D:40:F8:AA:5C:EB:64:38:E5:BA:41:84
ValidityWed, 13 Sep 2023 06:21:24 GMT - Tue, 12 Dec 2023 06:21:23 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b8cfe20e35d8920ae6fe2cbfd50bef1b
1dc6707b29ac4b2d4f63d2f8beb8ab25be4ef105
b9d721335f048325388773835526be2b8f9bd3c55340eac8a5b5170211e07801
GET /popunder.gif HTTP/1.1
Host: andhthrewdo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 23 Sep 2023 12:00:39 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 78560
last-modified: Fri, 22 Sep 2023 14:11:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOcojzAV%2FOh5UIkC6r1%2FiLDjKTCNAyMey1wCT1Uuktz34TrLTONBgRAgPsGN%2Fo6yL8zzj9HPTN05prHVMR5qEAoSEULWTJBa7cCQ9mpAYMTa2TXdGKFCV0DYSeQIAeOzPGA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b2a0e5282a5685-OSL
alt-svc: h3=":443"; ma=86400
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/rimivarbamiskampaania1000x200est_hype_generated_script.js?5296
200 OK 5.5 kB URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/rimivarbamiskampaania1000x200est_hype_generated_script.js?5296
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (3078)
Hash 9d81292df5073cfc8f3d5404a292b67b
d2639c2ed146ceea49ef117c2c66da303f207aae
abf39ec70bf57aa8514f6497fd6cc16b27bfaab44772b89cdafc5d84a6e6109f
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/rimivarbamiskampaania1000x200est_hype_generated_script.js?5296 HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "3147684260"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 5537
date: Sat, 23 Sep 2023 12:00:25 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 495753438
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_atlas_1.jpg
200 OK 20 kB URL GET HTTP/2 static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_atlas_1.jpg
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67355152&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fd6876ab1-3da0-45f3-a575-1503dfbc76c2%2F14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67355152&banner_id=a4c655eac54243c88b25b5913ed9c50b50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=250&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 0x0, segment length 16, progressive, precision 8, 512x256, components 3\012- data
Hash 05804ee0edbe55811bfb39e993394019
e0a761934a4a3271a97418557453cb69f46a75f1
947cf118d487b784185e554a8d00c91feed78894f12ae9c5b97ca42d5d3cd9ce
GET /banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_atlas_1.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67355152&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fd6876ab1-3da0-45f3-a575-1503dfbc76c2%2F14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67355152&banner_id=a4c655eac54243c88b25b5913ed9c50b50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=250&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "3025132769"
last-modified: Tue, 05 Sep 2023 04:47:47 GMT
content-length: 19962
date: Sat, 23 Sep 2023 11:52:39 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 497292906
age: 0
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-752.thin.min.js
200 OK 26 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-752.thin.min.js
IP
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type HTML document, ASCII text, with very long lines (3286)
Hash a7736c83b9ad2dd6317674cd4ed0bb68
0366b254fafb4a7a979a69fb9ef7be3434b74d14
4804b62bc3461ff1ab61aa2482690d79db2646701da68b6371ad1485c6f948fd
GET /gh/tumult/hype-runtime/HYPE-752.thin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"de41-A2ayVPr7SnqXmmn7nve+NDS3TRQ"
content-encoding: br
accept-ranges: bytes
date: Sat, 23 Sep 2023 12:00:40 GMT
age: 3591
x-served-by: cache-fra-eddf8230058-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26057
X-Firefox-Spdy: h2
GET code.createjs.com/1.0.0/createjs.min.js
200 OK 67 kB URL GET HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP
ASN #20940 Akamai International B.V.
Requested by https://static.bepolite.eu/banners/d6876ab1-3da0-45f3-a575-1503dfbc76c2/14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67355152&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fd6876ab1-3da0-45f3-a575-1503dfbc76c2%2F14_LUMINOR_Black_Card_SmartAd_EST_300x250px_51.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67355152&banner_id=a4c655eac54243c88b25b5913ed9c50b50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=250&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerDigiCert Inc
Subjecttls.adobe.com
Fingerprint88:F9:45:0C:5A:A4:E6:B9:EF:07:7C:61:9A:07:71:F4:3F:EA:30:FF
ValidityWed, 08 Feb 2023 00:00:00 GMT - Sun, 10 Mar 2024 23:59:59 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash ef10a729c388451bc6bb7cd2aa33dd91
ad14ebd960fcfcc67a5b30247c94a91170b09966
21548a9c3759903db898bb1aa70823a177c8158e1af8c7532981370743e278df
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Sat, 23 Sep 2023 12:15:40 GMT
date: Sat, 23 Sep 2023 12:00:40 GMT
x-n: S
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/tule-toole.png
200 OK 1.7 kB URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/tule-toole.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 362 x 51, 8-bit colormap, non-interlaced\012- data
Hash dcaf34e1459792cf9f2189445b74dc3e
e8cf781246e39208cf25037bdd3d104a468c3ad5
cba15ff3321ed8a4bd20a21beb0c2659373974b7a6bac94da7459cea7742d31d
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/tule-toole.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "4200942369"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 1676
date: Sat, 23 Sep 2023 12:00:25 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 496578942
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/1-1.png
200 OK 832 B URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/1-1.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 204 x 37, 4-bit colormap, non-interlaced\012- data
Hash 00335183348d6ee171c6bac5ef5400f0
cd1b887c7fec4e3882aab4e021b43899aa7b1288
e9bddb67e79a3f1f0a65f3876c1e284469d509c79423700feeea64f2bb947333
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/1-1.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "130337014"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 832
date: Sat, 23 Sep 2023 12:00:25 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 494420679
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/2-1.png
200 OK 4.0 kB URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/2-1.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 504 x 69, 4-bit colormap, non-interlaced\012- data
Hash 80c2545a5f5a4e67216e8785bffb59d5
431fa8dde2758a659eb7ab3930ab538c03d56ebb
5a69b4739d7327c7f5c464bd8d6f8b0411b1579d4a6ed9260428c7cbed07255e
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/2-1.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1491746340"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 3963
date: Sat, 23 Sep 2023 11:52:39 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 497292909
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/white.png
200 OK 995 B URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/white.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 90 x 105, 8-bit colormap, non-interlaced\012- data
Hash 3c233b352afdf6f0964e83527d2ec830
73518bc781b18b0596fa89235e65b0fbf19bd493
e7b048333791bff34f6e91de8d6a249a10350a684408fd271e5aec8207572a39
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/white.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2791080897"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 995
date: Sat, 23 Sep 2023 12:00:05 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 494401666
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/1000x200.jpg
200 OK 57 kB URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/1000x200.jpg
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Hash 9744522a6cb8802d6b4185ca59faf582
e708931036b7da2fbc9a1350b11b39203c3e0e08
3bf751150586f82b8e850ca4c27a1686f8502c948a03d780cc20deb90e44a47c
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/1000x200.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "1132999751"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 56992
date: Sat, 23 Sep 2023 12:00:25 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 496578945
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/files/close-gray.png
200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1971769258"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Sat, 23 Sep 2023 12:00:26 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 497617050
age: 0
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0O_0twAL41OnQO0ECKEmoj7Z7oQ-6ad2mNndhDufbZZr71xPUAnGTZGIXDZ4rHo9va5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=b6c595477ff8d0f368b4b7a1230339ab
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 23 Sep 2023 12:00:26 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 494420691
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=b6c595477ff8d0f368b4b7a1230339ab
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 23 Sep 2023 12:00:26 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 496152571
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=b6c595477ff8d0f368b4b7a1230339ab
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 23 Sep 2023 12:00:27 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 481421124
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 12:00:39 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 18
last-modified: Sat, 23 Sep 2023 12:00:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLOEp8lnUVzKBfNtv%2B5C5NqF%2BXWp3zLX4LXXzCSFCvhYnZhG7CmUBEP6Ds1ILKOh4vH%2Bj4AupRLaN%2FvYYeinWHoFVWj0gYRy5ZzpSIC97LrqxGK%2B7W9fCBVJMy%2BSvkV4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b2a0e44cd056aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 26 B IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d2ca933123d7117415d394c812e99dce
8d969e7fcbd7a22d85bd5e24d3cebc4f085643c1
1727d5f4b266a28a1e810dd4c4fe8802e43b0092486eee909c84ab72b256a6fb
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 12:00:39 GMT
content-type: text/plain
set-cookie: csu=871518076695410@1@1695470439; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lHHeOyhVH%2BK239pZX%2B66XTxMqX%2FC679UApKcDfUztYOMubqdlDV88Z1BdumYslVw4tZffnzyYBsW8IEebi38OfOlY12OV0TikZKuFBjO9KcZcMADCv7BCqDoofbYuxl%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b2a0e43cc656aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 3.8 kB URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (4215), with no line terminators
Hash 0ec8ccb37d80c8e115ceae8062dfa543
f7e55694a866ba43d5797471c950888d429aea53
6c3374964b9ce90a699d40893285dbf25066b5f652d1ec6734a8b6f2d0143f60
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "4176067309"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 3786
date: Sat, 23 Sep 2023 11:52:38 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 486455651
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/rimi-logo.png
200 OK 2.7 kB URL GET HTTP/2 static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/rimi-logo.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 217 x 78, 8-bit colormap, non-interlaced\012- data
Hash 182a326514ebdc1184b5bdbe8936477a
c2175d9f486fcd7dfcca879ffbc6193eba2c1137
c5ee3f53d4b7016bee074b9f506c56af29f7b410e5fe9b22296581359c70214c
GET /banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/rimi-logo.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/a29e5aad-7c1f-436e-83d4-5f350b53a4f1/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D67146737&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9KAzJP5CjPVUSc5rWI7oQKlcVDkcFJUO4Mq_rDzP0Ioig0v0ZRPTqt2gDoP-UNDraDFDpqZKqFxqqnhhbEKyfg19xwkhowGn9NZmLdar2EAj-V2OyoB0kxep4Nl6VDQ4yhU10Ll3Wz20UX4zri2Jh3zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1vxUpMUnEtATkt1k2QUJnmnN86k22Gl6lCI4BKHfTYA-k5vWP825Jw2DxMaJaaUWDa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fa29e5aad-7c1f-436e-83d4-5f350b53a4f1%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67146737&banner_id=3b358ffefd664507985a83f9d5fe184150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "4222046428"
last-modified: Mon, 11 Sep 2023 11:04:16 GMT
content-length: 2651
date: Sat, 23 Sep 2023 12:00:25 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 494401663
age: 0
X-Firefox-Spdy: h2
GET pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 12:00:39 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 18
last-modified: Sat, 23 Sep 2023 12:00:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgWbkHW%2BdbKnR260J8XURSUNHCuzdvbojqFFvP8zke8jJ6duY3%2FwEoGz%2FGN3rvKDhfdDqMgfcaWJTxH6pKws9XUDGRioX5JfZD3ppL8evjMK2kPurYWNkL6WIV5ZSEJN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b2a0e43cbb56aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 27 B IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash c277a5ee4318af3a7a12fdac1d88fbcf
a116e0ae76d52da2a99089447e109306140025e3
2c4547626fb7c3177806b3ba8e6e500ffcd65468ce04c5e2338f30b2e82eef52
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 23 Sep 2023 12:00:39 GMT
content-type: text/plain
set-cookie: csu=1896644686854541@1@1695470439; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eol0lkWT3ynmX4Nat4D7XA39H4NFsS3MXYtNppDjnm%2BRWtFOY91m5i7K76oOaYHVTkxVbt2CDueXn94hS4X%2BIYlQVvd09QCi1FCIUxLsccOqehT2qgtk719OrFKFrqNX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b2a0e43cc156aa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=3982206&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14800326%2Fe4398404aa471d955ec6%2Fdayzhack.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14800326%2Fdayzhack.zip.html%3Fmsg%3Dsess_error&rnd=1695470438479
0 B URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=3982206&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14800326%2Fe4398404aa471d955ec6%2Fdayzhack.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14800326%2Fdayzhack.zip.html%3Fmsg%3Dsess_error&rnd=1695470438479
IP
Requested by https://www.upload.ee/files/14800326/dayzhack.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=3982206&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14800326%2Fe4398404aa471d955ec6%2Fdayzhack.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14800326%2Fdayzhack.zip.html%3Fmsg%3Dsess_error&rnd=1695470438479 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Sat, 23 Sep 2023 12:00:04 GMT
set-cookie: bepolite_id=b6c595477ff8d0f368b4b7a1230339ab; Max-Age=7776000; Expires=Fri, 22-Dec-2023 12:00:04 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 492201372
age: 0
accept-ranges: bytes
content-length: 1778
X-Firefox-Spdy: h2
51.91.30.159
188.114.97.1
142.250.74.168
212.47.222.21
23.36.76.145
0.0.0.0
0.0.0.0