www.upload.ee/download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip
51.91.30.159 471 B URL www.upload.ee/download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (471), with no line terminators
Hash 15952ca5351a8050127221d03de828da
d0863936209d68420cb324220c871383ec8122ce
077a0141d30310aaec550dd52ac9d24e12650a889ce2118a3170e0de91413d82
GET /download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 471
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip
51.91.30.159 471 B URL www.upload.ee/download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (471), with no line terminators
Hash 15952ca5351a8050127221d03de828da
d0863936209d68420cb324220c871383ec8122ce
077a0141d30310aaec550dd52ac9d24e12650a889ce2118a3170e0de91413d82
GET /download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 471
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
51.91.30.159200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
IP 51.91.30.159:443
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash 49b5e8be472f30d8b0fb1f358155cec6
f456a1e1cd0d2d6d737950c6b40700b63b1c8569
5f9d98b0811be8afd9e71330c3630be3f3674d2a1be8d1c162543b951b1ab50e
GET /files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/13008892/a4c70a2b65651deedf8b/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 9022
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 30 Nov 2023 10:21:19 +0200
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Thu, 28-Dec-2023 08:21:19 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
du0pud0sdlmzf.cloudfront.net/?dupud=997369
143.204.42.48200 OK 118 kB URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP 143.204.42.48:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15945)
Size 118 kB (117741 bytes)
Hash 1ba11ea7dfe5c9e33939f906e76d433b
f61aa115103e848b810fe58ff3430c975eb142f6
1d126181c86662e07f13b39958759d47c58c65dac3c8a89f91a5656af2a31e5c
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117741
date: Thu, 30 Nov 2023 08:21:05 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sFrxFm1opEpHTSGXxxHPfJ7QDen-JhGEzOiItjR7ex951g-sY4XwTA==
age: 14
X-Firefox-Spdy: h2
www.upload.ee/static/ubr__style.css
51.91.30.159200 OK 2.8 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 7b9692d4caecccf38e40d2333f8e00b0
8ecb4f873571250f02a5cc2ceff0a24aed25fc33
c4042306388924b75aa7d584c1e61165264967a52d09544ecba836f0d00eb9b9
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: text/css
Last-Modified: Tue, 17 Oct 2023 12:17:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"652e7b50-24da"
Expires: Thu, 07 Dec 2023 08:21:19 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
www.upload.ee/js/js__file_upload.js
51.91.30.159200 OK 7.7 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 66684709338f7239056ff3302e16bc4a
7dbd501434bdc062cdc8f6744e272a7d39ca5136
5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: application/javascript
Last-Modified: Tue, 17 Oct 2023 12:32:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"652e7ed5-651c"
Expires: Thu, 07 Dec 2023 08:21:19 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-6703115-1
142.250.74.168200 OK 51 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP 142.250.74.168:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (2213)
Hash 2fbb91c07ca6b48cbcbef1007015dd4c
9636667a015aa65bf7b80b96f5aa13ea3547728c
615f8852cc06ee67fa3e0c5f2010522c5de7f2b56e807fa64c9f9e1bb8ef496e
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 08:21:19 GMT
expires: Thu, 30 Nov 2023 08:21:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.upload.ee/images/dl_.png
51.91.30.159200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Thu, 07 Dec 2023 08:21:19 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/arrow.gif
51.91.30.159200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:21:19 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Thu, 07 Dec 2023 08:21:19 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
thethateronjus.com/eWJ4TlZWXRs9ayMJIjgbSRogLWcaLh4YBAE1ORRgLyo2LxQXCV46Px1fQXdhSlRBaCYQBkV/cAoWGTojCl9JaD8XBBdzcA9fSWBlTUxLenhJRA1zZ18WCC8xRFNePiINDkV/YUlTS31kTVpMfW9L
172.67.149.212204 No Content 0 B URL GET HTTP/2 thethateronjus.com/eWJ4TlZWXRs9ayMJIjgbSRogLWcaLh4YBAE1ORRgLyo2LxQXCV46Px1fQXdhSlRBaCYQBkV/cAoWGTojCl9JaD8XBBdzcA9fSWBlTUxLenhJRA1zZ18WCC8xRFNePiINDkV/YUlTS31kTVpMfW9L
IP 172.67.149.212:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectthethateronjus.com
Fingerprint82:8D:02:28:9C:46:8E:23:CC:97:0B:83:3E:AA:C0:6D:6A:0B:B1:5C
ValidityMon, 27 Nov 2023 16:41:03 GMT - Sun, 25 Feb 2024 16:41:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eWJ4TlZWXRs9ayMJIjgbSRogLWcaLh4YBAE1ORRgLyo2LxQXCV46Px1fQXdhSlRBaCYQBkV/cAoWGTojCl9JaD8XBBdzcA9fSWBlTUxLenhJRA1zZ18WCC8xRFNePiINDkV/YUlTS31kTVpMfW9L HTTP/1.1
Host: thethateronjus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 30 Nov 2023 08:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRJ9t2A0YLe0vIJOC%2BJvKK9qxnU6KTORW2oDEHAY6dtXElqcuBn1gb7EXYb9Vivmq%2BsbjVQCfG4OTIUyerLPlnrQE2Ye1ygFcVrrqaZIPvMPAiEYYezSad%2Fyo4FUdA5aw%2B0kpOw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1ad1feb5ab4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
atherthishinhe.com/MUUxVUlQJ1I4dlB4U3M8QykMcHt3YAMTLUR1QSAtATZVOSRLIx82JV4wVTM7XitFeydUMRRnD3kTXC0mVS58ZAhGHGAzCngDdRA9BycAIStgDUEiC1k2axkaaxd+FABWH1syB3cBXmULZy1gGzBGDGcAE10KVmUOdB0EIgpgHGczJFUOcgcAWSQAPQZwL3xgCwAQdBswUiByMj5cC2NlD2QBaGYcYBBrGh0JBHMXLVwfciUtZg1/LxFdLVQbDQkGdRciAQ9kOShjLAE8Gmc1djYkawZmEwdGA3Q5KGMvYHB7dwRdYAprKGQgHWQXSxklQSZkZghkFmd4OXYIYhcDZj9VLBNdKXYHJEE/aTkuYw9bAAFzdH8tDHdwaAd6fyhpAyF5H1wHKnUtCS0ERip5ESRrLno5JXYhXz0qZSJ/cHtzH0ZzI0IqXyV0YTFSZR1UJ0g3IAE
54.230.111.27200 OK 1.2 kB URL GET HTTP/2 atherthishinhe.com/MUUxVUlQJ1I4dlB4U3M8QykMcHt3YAMTLUR1QSAtATZVOSRLIx82JV4wVTM7XitFeydUMRRnD3kTXC0mVS58ZAhGHGAzCngDdRA9BycAIStgDUEiC1k2axkaaxd+FABWH1syB3cBXmULZy1gGzBGDGcAE10KVmUOdB0EIgpgHGczJFUOcgcAWSQAPQZwL3xgCwAQdBswUiByMj5cC2NlD2QBaGYcYBBrGh0JBHMXLVwfciUtZg1/LxFdLVQbDQkGdRciAQ9kOShjLAE8Gmc1djYkawZmEwdGA3Q5KGMvYHB7dwRdYAprKGQgHWQXSxklQSZkZghkFmd4OXYIYhcDZj9VLBNdKXYHJEE/aTkuYw9bAAFzdH8tDHdwaAd6fyhpAyF5H1wHKnUtCS0ERip5ESRrLno5JXYhXz0qZSJ/cHtzH0ZzI0IqXyV0YTFSZR1UJ0g3IAE
IP 54.230.111.27:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectatherthishinhe.com
Fingerprint24:51:A0:C2:53:EA:9C:3F:AF:A6:4C:DC:B9:E3:2B:B2:B6:EE:3C:93
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3039), with no line terminators
Hash 16b795446169b183942f844136787599
456097471f8e1cc92e06222cb8cdcb2d41679294
65f2d8646778b0ab9a572a36efbe58f58a97c53bcc5b8d5dad14f8a0e1224a81
GET /MUUxVUlQJ1I4dlB4U3M8QykMcHt3YAMTLUR1QSAtATZVOSRLIx82JV4wVTM7XitFeydUMRRnD3kTXC0mVS58ZAhGHGAzCngDdRA9BycAIStgDUEiC1k2axkaaxd+FABWH1syB3cBXmULZy1gGzBGDGcAE10KVmUOdB0EIgpgHGczJFUOcgcAWSQAPQZwL3xgCwAQdBswUiByMj5cC2NlD2QBaGYcYBBrGh0JBHMXLVwfciUtZg1/LxFdLVQbDQkGdRciAQ9kOShjLAE8Gmc1djYkawZmEwdGA3Q5KGMvYHB7dwRdYAprKGQgHWQXSxklQSZkZghkFmd4OXYIYhcDZj9VLBNdKXYHJEE/aTkuYw9bAAFzdH8tDHdwaAd6fyhpAyF5H1wHKnUtCS0ERip5ESRrLno5JXYhXz0qZSJ/cHtzH0ZzI0IqXyV0YTFSZR1UJ0g3IAE HTTP/1.1
Host: atherthishinhe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1191
date: Thu, 30 Nov 2023 08:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mgLVPRpKKpC-spjxICHuL416pKIRD2swN4L12yfChrANSqI8gKT-4g==
X-Firefox-Spdy: h2
thethateronjus.com/VDRMRkV7Cy81eAVYGg0IEQE0JB0zcCkOHydXKy5gZnIoAQdxBgoEK2ASOC8haQ11cXFkDGo2LDAJfX5jJ0AtMjAnCX1gLDpSI3tjIgl9aHV6BmJyYyEJfWAxJFUre3RyRDgyKWkFe3Z0Zwd+cn1gAH5w
172.67.149.212204 No Content 0 B URL GET HTTP/2 thethateronjus.com/VDRMRkV7Cy81eAVYGg0IEQE0JB0zcCkOHydXKy5gZnIoAQdxBgoEK2ASOC8haQ11cXFkDGo2LDAJfX5jJ0AtMjAnCX1gLDpSI3tjIgl9aHV6BmJyYyEJfWAxJFUre3RyRDgyKWkFe3Z0Zwd+cn1gAH5w
IP 172.67.149.212:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectthethateronjus.com
Fingerprint82:8D:02:28:9C:46:8E:23:CC:97:0B:83:3E:AA:C0:6D:6A:0B:B1:5C
ValidityMon, 27 Nov 2023 16:41:03 GMT - Sun, 25 Feb 2024 16:41:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VDRMRkV7Cy81eAVYGg0IEQE0JB0zcCkOHydXKy5gZnIoAQdxBgoEK2ASOC8haQ11cXFkDGo2LDAJfX5jJ0AtMjAnCX1gLDpSI3tjIgl9aHV6BmJyYyEJfWAxJFUre3RyRDgyKWkFe3Z0Zwd+cn1gAH5w HTTP/1.1
Host: thethateronjus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 30 Nov 2023 08:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WfNcQVgUtduB4%2BVYvMyh3LJNLnlPiB6EppbegRNiBpSkis1DfyY6NRpZ%2F0c6YdZmPZ0EjXRAuJto3NcdD8uu6GFlBb6UJUsgz7NBJAaSl09%2FDuVdTe%2Bmr%2FAbpOpT9aTgQOuBck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1ad207bd7b4f7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
atherthishinhe.com/dXNkYm0UEQcPUhROBkQYBx9ZR18zVlYkCQBDFBcJRQAADgAPFUoBARoGAAQfGh0QTAMQB0FQKz8mCVcXIR8DGiwnQws4FCw7IlEjHRJVDiUTHiZSLzQyDCwEPyc0CgY2PSYWIT8gAyclNhA8KSkdOiYYPE0RVVc7PBkPWi4gRgsyOQI9MAxUUEEmLxoaIQdQFUU0HCgXOydUNyocOlQvXQExJyVcTSsIOFUUOws4KhwyXDI/HjIFUB0cMiUGHxQeLgQ8RzELBlxFCwVQHRw0Ng0KFx4+Ljw0C107K0E/ASUVRiswJB8UHi0BLyIHFidcTDcBUTccIVVPN00SIDchMDAxUQlEBFUEKh0ZPAkjUEEiAyo7PzU6WVBBJi0VAiQvJg4EIFQnJBQkLgA1LUZBUC8/QiohSx8ACwwdSD4zOAsASw8SOwcnPRIH
54.230.111.27200 OK 1.2 kB URL GET HTTP/2 atherthishinhe.com/dXNkYm0UEQcPUhROBkQYBx9ZR18zVlYkCQBDFBcJRQAADgAPFUoBARoGAAQfGh0QTAMQB0FQKz8mCVcXIR8DGiwnQws4FCw7IlEjHRJVDiUTHiZSLzQyDCwEPyc0CgY2PSYWIT8gAyclNhA8KSkdOiYYPE0RVVc7PBkPWi4gRgsyOQI9MAxUUEEmLxoaIQdQFUU0HCgXOydUNyocOlQvXQExJyVcTSsIOFUUOws4KhwyXDI/HjIFUB0cMiUGHxQeLgQ8RzELBlxFCwVQHRw0Ng0KFx4+Ljw0C107K0E/ASUVRiswJB8UHi0BLyIHFidcTDcBUTccIVVPN00SIDchMDAxUQlEBFUEKh0ZPAkjUEEiAyo7PzU6WVBBJi0VAiQvJg4EIFQnJBQkLgA1LUZBUC8/QiohSx8ACwwdSD4zOAsASw8SOwcnPRIH
IP 54.230.111.27:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectatherthishinhe.com
Fingerprint24:51:A0:C2:53:EA:9C:3F:AF:A6:4C:DC:B9:E3:2B:B2:B6:EE:3C:93
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 68eedd3d61129a473c8417a0e1934e2f
a07087e0aa66627c7701024ad7994fe67dddd69a
50d5d3b3b4a943300f41959b0efc572133eb063c13688a109bdc59a8c28a3908
GET /dXNkYm0UEQcPUhROBkQYBx9ZR18zVlYkCQBDFBcJRQAADgAPFUoBARoGAAQfGh0QTAMQB0FQKz8mCVcXIR8DGiwnQws4FCw7IlEjHRJVDiUTHiZSLzQyDCwEPyc0CgY2PSYWIT8gAyclNhA8KSkdOiYYPE0RVVc7PBkPWi4gRgsyOQI9MAxUUEEmLxoaIQdQFUU0HCgXOydUNyocOlQvXQExJyVcTSsIOFUUOws4KhwyXDI/HjIFUB0cMiUGHxQeLgQ8RzELBlxFCwVQHRw0Ng0KFx4+Ljw0C107K0E/ASUVRiswJB8UHi0BLyIHFidcTDcBUTccIVVPN00SIDchMDAxUQlEBFUEKh0ZPAkjUEEiAyo7PzU6WVBBJi0VAiQvJg4EIFQnJBQkLgA1LUZBUC8/QiohSx8ACwwdSD4zOAsASw8SOwcnPRIH HTTP/1.1
Host: atherthishinhe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Thu, 30 Nov 2023 08:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gzrp135400Du5kPVIj7ylhivoz054Zx1qeSfnBVEPKFDptWzG-ovAQ==
X-Firefox-Spdy: h2
thethateronjus.com/Qm9kSXptUAc6RycDA3ouFxs0Kx0mVwIMAjIuPBtMEQITAR4KX0I9EyZSXXBNdl5QbworC1l4XDEbBT0PMVJVbxMsCQt0XDRSVWdJdkFXfVRySRF0S2QbFCgdf15COQ42A1l4TXJeV3pIdldQfU1w
172.67.149.212204 No Content 0 B URL GET HTTP/3 thethateronjus.com/Qm9kSXptUAc6RycDA3ouFxs0Kx0mVwIMAjIuPBtMEQITAR4KX0I9EyZSXXBNdl5QbworC1l4XDEbBT0PMVJVbxMsCQt0XDRSVWdJdkFXfVRySRF0S2QbFCgdf15COQ42A1l4TXJeV3pIdldQfU1w
IP 172.67.149.212:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectthethateronjus.com
Fingerprint82:8D:02:28:9C:46:8E:23:CC:97:0B:83:3E:AA:C0:6D:6A:0B:B1:5C
ValidityMon, 27 Nov 2023 16:41:03 GMT - Sun, 25 Feb 2024 16:41:02 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Qm9kSXptUAc6RycDA3ouFxs0Kx0mVwIMAjIuPBtMEQITAR4KX0I9EyZSXXBNdl5QbworC1l4XDEbBT0PMVJVbxMsCQt0XDRSVWdJdkFXfVRySRF0S2QbFCgdf15COQ42A1l4TXJeV3pIdldQfU1w HTTP/1.1
Host: thethateronjus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 30 Nov 2023 08:21:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvESNFZQwuh%2FOrQaHP9t6EwLYGJlAUqIv47w%2B%2FmCXpPBvUNJtOK9AGTzvu4X%2FdkGLr2YEcrZ8UI84atE6Do7UD0E5av6fwhjcGFdWYuwVf8Iq1FEkaImfY%2FRO4kMxFxMB0822eU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1ad211971b4ee-OSL
alt-svc: h3=":443"; ma=86400
atherthishinhe.com/Y2xzam8CDhAHUAJREUwaEQBOT10lSUEsCxZcAx8LUx8XBgIZCl0JAwwZFwwdDAIHRAEGGFZYKRo/OxpZNgYyGCkxPUMuFRQ4OwdXKQ8mWyA6GyEfKiIHSjIFCyQ4Pgs3JCArXiI0AE9dJSIbXis0L0ddKlA+NicHViQqAjYIKws7Xic7RwwpJyk9DzkUDj0GJVI4Hx0CMi8QOD0aLjYlPgQ1OCw6ES8LDl8xPx8iKRldOCM9Ojs+EjlVPDZTVyIrQiM8DRw7Iz0yCSM/DFQ0QwIGOwYLDDwkJTEPKTEnFx0iKDRDAgYxFTY/OyQ1JQ8VCwoqKy4UODZHWlAtBBoJMCs5KT8PVTkvGCVYJ1s9CiskWyYwBiU8JBspJQ4YKiMgLx8JLTsCIzABPjwKCAMQJV8qGDsoOhIqKwVXMF46LDUIHBAgGFJZVQAcDAIDVzwGDyYwIDAnBCYLMgQVKwY
54.230.111.27200 OK 1.2 kB URL GET HTTP/2 atherthishinhe.com/Y2xzam8CDhAHUAJREUwaEQBOT10lSUEsCxZcAx8LUx8XBgIZCl0JAwwZFwwdDAIHRAEGGFZYKRo/OxpZNgYyGCkxPUMuFRQ4OwdXKQ8mWyA6GyEfKiIHSjIFCyQ4Pgs3JCArXiI0AE9dJSIbXis0L0ddKlA+NicHViQqAjYIKws7Xic7RwwpJyk9DzkUDj0GJVI4Hx0CMi8QOD0aLjYlPgQ1OCw6ES8LDl8xPx8iKRldOCM9Ojs+EjlVPDZTVyIrQiM8DRw7Iz0yCSM/DFQ0QwIGOwYLDDwkJTEPKTEnFx0iKDRDAgYxFTY/OyQ1JQ8VCwoqKy4UODZHWlAtBBoJMCs5KT8PVTkvGCVYJ1s9CiskWyYwBiU8JBspJQ4YKiMgLx8JLTsCIzABPjwKCAMQJV8qGDsoOhIqKwVXMF46LDUIHBAgGFJZVQAcDAIDVzwGDyYwIDAnBCYLMgQVKwY
IP 54.230.111.27:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectatherthishinhe.com
Fingerprint24:51:A0:C2:53:EA:9C:3F:AF:A6:4C:DC:B9:E3:2B:B2:B6:EE:3C:93
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3050), with no line terminators
Hash b80f4b2bd545a84a809c73e67a04e7d6
b79368f05dab85e5c5f25f8d50817016dc8bd858
d888d849fcdd797da9cb1a3abb89f94e571d74b8f016624b7e76a64ac7144ea2
GET /Y2xzam8CDhAHUAJREUwaEQBOT10lSUEsCxZcAx8LUx8XBgIZCl0JAwwZFwwdDAIHRAEGGFZYKRo/OxpZNgYyGCkxPUMuFRQ4OwdXKQ8mWyA6GyEfKiIHSjIFCyQ4Pgs3JCArXiI0AE9dJSIbXis0L0ddKlA+NicHViQqAjYIKws7Xic7RwwpJyk9DzkUDj0GJVI4Hx0CMi8QOD0aLjYlPgQ1OCw6ES8LDl8xPx8iKRldOCM9Ojs+EjlVPDZTVyIrQiM8DRw7Iz0yCSM/DFQ0QwIGOwYLDDwkJTEPKTEnFx0iKDRDAgYxFTY/OyQ1JQ8VCwoqKy4UODZHWlAtBBoJMCs5KT8PVTkvGCVYJ1s9CiskWyYwBiU8JBspJQ4YKiMgLx8JLTsCIzABPjwKCAMQJV8qGDsoOhIqKwVXMF46LDUIHBAgGFJZVQAcDAIDVzwGDyYwIDAnBCYLMgQVKwY HTTP/1.1
Host: atherthishinhe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1201
date: Thu, 30 Nov 2023 08:21:20 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EfasPO4Ui9LiYrvT90hTjtXU5DMM7VHTxUMBVv1acl0AbLXiPRmxOQ==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
142.250.74.168200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3034)
Hash 182c0870743c36c71c01002b3f016da4
f35184a8ca4d6f12cdc1d4be50372668391ea875
600e1f75884bf3f9f6d9b498c49ef6d242f9b90113e18e6591a280a5679318e7
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 08:21:20 GMT
expires: Thu, 30 Nov 2023 08:21:20 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85864
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.upload.ee/favicon.ico
51.91.30.159200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Nov 2023 08:21:20 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Thu, 07 Dec 2023 08:21:20 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
atherthishinhe.com/utx?cb=hQdPn3KQfyGK&top=www.upload.ee&tid=997369
54.230.111.27204 No Content 0 B URL GET HTTP/2 atherthishinhe.com/utx?cb=hQdPn3KQfyGK&top=www.upload.ee&tid=997369
IP 54.230.111.27:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectatherthishinhe.com
Fingerprint24:51:A0:C2:53:EA:9C:3F:AF:A6:4C:DC:B9:E3:2B:B2:B6:EE:3C:93
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=hQdPn3KQfyGK&top=www.upload.ee&tid=997369 HTTP/1.1
Host: atherthishinhe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 30 Nov 2023 08:21:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 30 Nov 2023 08:22:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qaI4Bh9lOtn0zendkPGq49d5sPbs0OtAMnmh9NJwwH1D-FQan1xurQ==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/HVmxodkM1AwYQfCIFDEt6b1tbQHpwBhsZLSZROAIgZjgNFDo0BVhQNywIVUZlOg0GEX5wCQYVfmdKCRIha1hOAjM5B1UENyceCgwmNR0FUDY3UQUZOT8ABBdmZCpdWHNzXlheND8CDBk0JUlaRi0iSVpGcmZCWFNwFElaRjQ/Al5CZmUuTURzLlpcU3AUSV-pGMSBJWzdyZllGRmpzXlgRJjUHB1NxEF5YR3NmXVhHZmRcDh8xMwoHDmZkKllGdnhcTgN+Zw
143.204.42.48 610 B URL du0pud0sdlmzf.cloudfront.net/HVmxodkM1AwYQfCIFDEt6b1tbQHpwBhsZLSZROAIgZjgNFDo0BVhQNywIVUZlOg0GEX5wCQYVfmdKCRIha1hOAjM5B1UENyceCgwmNR0FUDY3UQUZOT8ABBdmZCpdWHNzXlheND8CDBk0JUlaRi0iSVpGcmZCWFNwFElaRjQ/Al5CZmUuTURzLlpcU3AUSV-pGMSBJWzdyZllGRmpzXlgRJjUHB1NxEF5YR3NmXVhHZmRcDh8xMwoHDmZkKllGdnhcTgN+Zw
IP 143.204.42.48:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (867), with no line terminators
Hash c8317fd6c6d99286c221727badfbc020
b08201c7e353952d998d0ca62529cdc2c59a6cc5
c361201eba963887834924306f497234fca55d884040060875789a5475901911
GET /HVmxodkM1AwYQfCIFDEt6b1tbQHpwBhsZLSZROAIgZjgNFDo0BVhQNywIVUZlOg0GEX5wCQYVfmdKCRIha1hOAjM5B1UENyceCgwmNR0FUDY3UQUZOT8ABBdmZCpdWHNzXlheND8CDBk0JUlaRi0iSVpGcmZCWFNwFElaRjQ/Al5CZmUuTURzLlpcU3AUSV-pGMSBJWzdyZllGRmpzXlgRJjUHB1NxEF5YR3NmXVhHZmRcDh8xMwoHDmZkKllGdnhcTgN+Zw HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atherthishinhe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 610
date: Thu, 30 Nov 2023 08:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TnnEJnuM9GSnv1xo7fVBQ9P3iTT6_eqns2UdO8WrxVhKC78DXG9Fag==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/JUm5zTlgxAR0oZyYHF3Nha1lHfmB0BAAhNiJTPhkCNBtLJSgEHCcXKDhIBzQ8b15VIjk8CU5oPTwNTn9+MwoRc2x0GxJzNT0UGiI0M0tBCG18XlZ8aHoZGiA8PRkAa2piAAdramJfQ2Bod10xa2piGRogbmZLQAx9YF4LeGx3XTFramIcBWtrE19De3ZiR1-Z8aDULECU3d1w1fGhjXkN/aGNLQX4+OxwWKDcqS0EIaWJbXX5+J1NC
143.204.42.48 195 B URL du0pud0sdlmzf.cloudfront.net/JUm5zTlgxAR0oZyYHF3Nha1lHfmB0BAAhNiJTPhkCNBtLJSgEHCcXKDhIBzQ8b15VIjk8CU5oPTwNTn9+MwoRc2x0GxJzNT0UGiI0M0tBCG18XlZ8aHoZGiA8PRkAa2piAAdramJfQ2Bod10xa2piGRogbmZLQAx9YF4LeGx3XTFramIcBWtrE19De3ZiR1-Z8aDULECU3d1w1fGhjXkN/aGNLQX4+OxwWKDcqS0EIaWJbXX5+J1NC
IP 143.204.42.48:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash d15137c2195720a63a1aecfc93c5c7a5
0273035c7f0ce45bab71aad937fdebfd8976acbe
a4b6f608c1768b2892394d9e2b4df3d91e2306395a6a3e80c3be1ad2eb7ce758
GET /JUm5zTlgxAR0oZyYHF3Nha1lHfmB0BAAhNiJTPhkCNBtLJSgEHCcXKDhIBzQ8b15VIjk8CU5oPTwNTn9+MwoRc2x0GxJzNT0UGiI0M0tBCG18XlZ8aHoZGiA8PRkAa2piAAdramJfQ2Bod10xa2piGRogbmZLQAx9YF4LeGx3XTFramIcBWtrE19De3ZiR1-Z8aDULECU3d1w1fGhjXkN/aGNLQX4+OxwWKDcqS0EIaWJbXX5+J1NC HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atherthishinhe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 195
date: Thu, 30 Nov 2023 08:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 06827j1m2WCdA_eJ2F-LOCjAqAG5WZ5HM16J3AHgH020Ca1kvDAF3g==
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/ySHp6UjArFRQ0DzwTHm8JcU1OYwRuEAk9XjhHKTdTHSA1AXs/Nh4DWC47E3REMh5HYhYkGxQ1DW4fFDENeVwbNlJ1TlwmQCcRRyBEOQgYKFUrCxd0RSlHFz1KIRYWMxV6PE98AG1ISnpHIRQePUc7X0hiXjxfSGIBeFRKdwMKX0hiRyEUTGYVezhfYAAwTE-53AwpfSGJCPl9JEwF4T1RiGW1ISjVVKxEVdwIOSEpjAHhLSmMVekocO0ItHBUqFXo8S2IFZkpcJw15
143.204.42.48 575 B URL du0pud0sdlmzf.cloudfront.net/ySHp6UjArFRQ0DzwTHm8JcU1OYwRuEAk9XjhHKTdTHSA1AXs/Nh4DWC47E3REMh5HYhYkGxQ1DW4fFDENeVwbNlJ1TlwmQCcRRyBEOQgYKFUrCxd0RSlHFz1KIRYWMxV6PE98AG1ISnpHIRQePUc7X0hiXjxfSGIBeFRKdwMKX0hiRyEUTGYVezhfYAAwTE-53AwpfSGJCPl9JEwF4T1RiGW1ISjVVKxEVdwIOSEpjAHhLSmMVekocO0ItHBUqFXo8S2IFZkpcJw15
IP 143.204.42.48:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (804), with no line terminators
Hash 2ed66b01c37e5b657001ab267da62ca7
50e0c24e9197e0e082000ab815c73ad0ea70f176
e9be11e270378324409410d4273c8f77009b0f6879b27b70c771cd9d3b62bc7d
GET /ySHp6UjArFRQ0DzwTHm8JcU1OYwRuEAk9XjhHKTdTHSA1AXs/Nh4DWC47E3REMh5HYhYkGxQ1DW4fFDENeVwbNlJ1TlwmQCcRRyBEOQgYKFUrCxd0RSlHFz1KIRYWMxV6PE98AG1ISnpHIRQePUc7X0hiXjxfSGIBeFRKdwMKX0hiRyEUTGYVezhfYAAwTE-53AwpfSGJCPl9JEwF4T1RiGW1ISjVVKxEVdwIOSEpjAHhLSmMVekocO0ItHBUqFXo8S2IFZkpcJw15 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://atherthishinhe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 575
date: Thu, 30 Nov 2023 08:21:20 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eqptJkjdegmFwgSPkv6Pfde3FnaeXjILYCRi6U9B8U0KuVDoLygYdA==
X-Firefox-Spdy: h2
atherthishinhe.com/utx?cb=9NvfjlbgbZSF&top=www.upload.ee&tid=997414
54.230.111.27204 No Content 0 B URL GET HTTP/2 atherthishinhe.com/utx?cb=9NvfjlbgbZSF&top=www.upload.ee&tid=997414
IP 54.230.111.27:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subjectatherthishinhe.com
Fingerprint24:51:A0:C2:53:EA:9C:3F:AF:A6:4C:DC:B9:E3:2B:B2:B6:EE:3C:93
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 25 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=9NvfjlbgbZSF&top=www.upload.ee&tid=997414 HTTP/1.1
Host: atherthishinhe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 30 Nov 2023 08:21:20 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Thu, 30 Nov 2023 08:22:20 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jxIZNSwZGDCcJiZz2xXZAAbwqGnFfENwH_C5uTRXERGZLizY3OUaNA==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 64.233.161.84:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:jQsKsbuJozeRPeCfGyQKSnjSboWwtw:M3M8MqlLF1Q109hO; Expires=Sat, 29-Nov-2025 08:21:20 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:21:20 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp30p7Xnpcs2fAolZXEBVZwfqjqJkQYNWaOQ8wX6GNrE0Gl0f9uZZ-9qFlUs2gxy1L-fNYbbzw
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-wgLuNl1ChYN3bwZiRhUTYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
64.233.161.84302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 64.233.161.84:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:2EyokpB0IHDSc6qMIW2_b0MScuHECg:31rDKxFCwVwi_Csy; Expires=Sat, 29-Nov-2025 08:21:20 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:21:20 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1JWKeYgkaASsS3HVoM-Dikv2-LM39tZgSWuCU1LzHzkGcUbpQ2Cip9T4mbGsEmAS4PhRpe4Q
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-UM6rSiMYKXmo9z0frUX56g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
thethateronjus.com/popunder.gif
172.67.149.212200 OK 438 B URL GET HTTP/3 thethateronjus.com/popunder.gif
IP 172.67.149.212:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectthethateronjus.com
Fingerprint82:8D:02:28:9C:46:8E:23:CC:97:0B:83:3E:AA:C0:6D:6A:0B:B1:5C
ValidityMon, 27 Nov 2023 16:41:03 GMT - Sun, 25 Feb 2024 16:41:02 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash faf7dbbf3b6dd2718814870849e81fe3
367a5500a7c0f9034b124a8e5d06d327406ad7e5
e97bd162a26443eadf4f39735859954e76a5295f4074ca641d26a5945dde8ee1
GET /popunder.gif HTTP/1.1
Host: thethateronjus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 30 Nov 2023 08:21:20 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 25025
last-modified: Thu, 30 Nov 2023 01:24:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw2Ri7QeHU2Dvb9njWgzFCwKogEgBTqcFs5E2c0Cp%2B3lfrGGJebXYU%2FcSCY%2FZwppdy0%2F5TAXoADg5uzKaxfOg6dIleIl9MKXT5a6iihpxl9xHf3b6b6fX0uop6LNnhxn%2FXwo7mA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1ad24dcf8b4ee-OSL
alt-svc: h3=":443"; ma=86400
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1JWKeYgkaASsS3HVoM-Dikv2-LM39tZgSWuCU1LzHzkGcUbpQ2Cip9T4mbGsEmAS4PhRpe4Q
64.233.161.84302 Found 405 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1JWKeYgkaASsS3HVoM-Dikv2-LM39tZgSWuCU1LzHzkGcUbpQ2Cip9T4mbGsEmAS4PhRpe4Q
IP 64.233.161.84:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (398)
Hash 617deb543e2748edc3516aa2c9571de3
3ca94b3d2ae939e789ab44b6bab21b6a5c60ad88
7110f2818b5d1aa118240fa5a466f7ed4af04359522811609f1b7e208a8e7221
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp1JWKeYgkaASsS3HVoM-Dikv2-LM39tZgSWuCU1LzHzkGcUbpQ2Cip9T4mbGsEmAS4PhRpe4Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:XOPjd46-xsKI3aHJM0V25JlGT3YZDw:6LLNdlh1KMJmssrT;Path=/;Expires=Sat, 29-Nov-2025 08:21:20 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:21:20 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yW11iud3VBlo-OX_BFQ2k9XVBDI9D6JLRUgO4Flw0Rhy6nJHzOhOxe8wnwJhKqWgnfsP1MA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940441313%3A1701332480837306&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-xN7dM1M2MUt3kCFeKIn1kQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 405
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3MxGnIk8fueZ_nWgqXWPeg6v_hZWtUsPARl2QLbGLk6J4wx47FVwPaIiFhEhcBT0NEc1wSjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S520809337%3A1701332480825442&theme=glif
64.233.161.84403 Forbidden 2.8 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3MxGnIk8fueZ_nWgqXWPeg6v_hZWtUsPARl2QLbGLk6J4wx47FVwPaIiFhEhcBT0NEc1wSjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S520809337%3A1701332480825442&theme=glif
IP 64.233.161.84:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)
Hash c7ce2848a0a3ed13c05d4271b0d60745
3d0c617d6d0686bed66fcb25df15831dc5bf45c7
184ec35ddae5a3fe6ef980df1a4789bd9ff758df529198dd6204c2141dbff388
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3MxGnIk8fueZ_nWgqXWPeg6v_hZWtUsPARl2QLbGLk6J4wx47FVwPaIiFhEhcBT0NEc1wSjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S520809337%3A1701332480825442&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:21:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: script-src 'nonce--qtQB04q1S-GMdSO8wVP8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yW11iud3VBlo-OX_BFQ2k9XVBDI9D6JLRUgO4Flw0Rhy6nJHzOhOxe8wnwJhKqWgnfsP1MA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940441313%3A1701332480837306&theme=glif
64.233.161.84403 Forbidden 178 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yW11iud3VBlo-OX_BFQ2k9XVBDI9D6JLRUgO4Flw0Rhy6nJHzOhOxe8wnwJhKqWgnfsP1MA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940441313%3A1701332480837306&theme=glif
IP 64.233.161.84:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data, max compression\012- data
Size 178 kB (177805 bytes)
Hash 81450b00e818c7d998791d20f3b8db38
74c891f34a3232e2c3f0eeaed836eacdfe5289ae
b06387aef169e4714c255dc23d3f3d0e0437a1537f757345669aacadc3ef08a2
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp1yW11iud3VBlo-OX_BFQ2k9XVBDI9D6JLRUgO4Flw0Rhy6nJHzOhOxe8wnwJhKqWgnfsP1MA&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940441313%3A1701332480837306&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:21:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-_zx8CETzNHAjfq2wj5upSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.22200 OK 3.7 kB URL GET HTTP/2 static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash da6d58785ddc3deabcc64ffa3306ad2c
71a598693a285ca7778ce44e4ece9cb323d6b655
b857d80b8cb90627e3ec8d93679fee73904c21fe16f91075c5f5130de5a5decb
GET /banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "165543778"
last-modified: Mon, 13 Nov 2023 09:31:43 GMT
content-length: 3724
date: Thu, 30 Nov 2023 08:21:02 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1008240749
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/e2c97f3f-0fae-4437-8657-aa3b535f3d55/Suhtekonto_loed_SmartAd_300x250px.gif
212.47.222.22200 OK 82 kB URL GET HTTP/2 static.bepolite.eu/banners/e2c97f3f-0fae-4437-8657-aa3b535f3d55/Suhtekonto_loed_SmartAd_300x250px.gif
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type GIF image data, version 89a, 300 x 250\012- data
Hash a949f482be94887952caa03149f5a68b
cd22daeff031d5e3676c318aae159ff62c501b6e
f75cf331baac3f586c6f74d61c6ba43631bb4b5c44247ab894329efdf40bfbc7
GET /banners/e2c97f3f-0fae-4437-8657-aa3b535f3d55/Suhtekonto_loed_SmartAd_300x250px.gif HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
accept-ranges: bytes
etag: "2687111619"
last-modified: Sat, 11 Nov 2023 15:54:24 GMT
content-length: 81507
date: Thu, 30 Nov 2023 08:21:02 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1007630042
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.js
212.47.222.22200 OK 14 kB URL GET HTTP/2 static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.js
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type ASCII text, with very long lines (2725)
Hash 335fa1aee91e68a1653a699c81a19387
4d1bb75923e8764a8724928139258073c8614ff2
49146e080ed39a44667bbcde487f06a95afabb129d7e50270f6e0a8cdca5cbd8
GET /banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "1290098069"
last-modified: Mon, 13 Nov 2023 09:31:43 GMT
content-length: 14457
date: Thu, 30 Nov 2023 08:20:34 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1007306581
age: 0
X-Firefox-Spdy: h2
static.bepolite.eu/files/close-gray.png
212.47.222.22200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "801691811"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Thu, 30 Nov 2023 08:21:02 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1004730420
age: 0
X-Firefox-Spdy: h2
pogothere.xyz/
172.67.220.203200 OK 28 B IP 172.67.220.203:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 02a59d3304fede60ff71fecaaa96b158
20d2dd36be502894fbfbb351afda1f8cd3930b32
c933d2428056a05bc8dc53714f6e621a30d966f96c12b4b79674dbd082bd122d
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:20 GMT
content-type: text/plain
set-cookie: csu=176358453021345@1@1701332480; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtLRIxnDjcxeVZy5Lo5ITAQ8Zt76TNL7gDh0o3VfJEPHn9vcamPTVq57YsqVlTwXM667NUbWUtrgERsezmCfMh74AXk9NrKAI%2Fw5s6j%2FfRRFkI8H60qobOQ9D%2FYsv04n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e1ad239a6d5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js?v=1
3.72.173.230200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/bg.jpg
212.47.222.22200 OK 47 kB URL GET HTTP/2 static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/bg.jpg
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x200, components 3\012- data
Hash cf343169f4184ff26048c861b5efe570
396e7fbf33ddc35a71a3a95130c2a1fdf5e2926f
e0f4c8053aefc630484c7e0c9f799cfe95609af9898023dd2ea03b2ec84545e6
GET /banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/bg.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "1241256753"
last-modified: Mon, 13 Nov 2023 09:31:43 GMT
content-length: 47147
date: Thu, 30 Nov 2023 08:20:35 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1007596969
age: 0
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Nov 2023 08:21:01 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 954007111
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Nov 2023 08:21:02 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1006784301
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/btn.png
212.47.222.22200 OK 1.0 kB URL GET HTTP/2 static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/btn.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 185 x 57, 8-bit colormap, non-interlaced\012- data
Hash 859e8c9e9542e249ddc00ad8a8ec1af4
4160e991d3a5b2ade733f7cbfe8e6a6994563f5f
13f7e7ace92b00983af007b7109ace91dc99b4116ec7c0390f86f8993ceeb7ca
GET /banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/btn.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2177685621"
last-modified: Mon, 13 Nov 2023 09:31:43 GMT
content-length: 1039
date: Thu, 30 Nov 2023 08:20:35 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1006050850
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
3.72.173.230200 OK 2.4 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
code.createjs.com/1.0.0/createjs.min.js
184.51.252.169200 OK 84 kB URL GET HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP 184.51.252.169:443
ASN #20940 Akamai International B.V.
Requested by https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerDigiCert Inc
Subjecttls.adobe.com
Fingerprint88:F9:45:0C:5A:A4:E6:B9:EF:07:7C:61:9A:07:71:F4:3F:EA:30:FF
ValidityWed, 08 Feb 2023 00:00:00 GMT - Sun, 10 Mar 2024 23:59:59 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 9f25916aa19fb451f7d864b4b2770cc8
a37a7a1df06bd76756351cbc7c730191968d9fe0
35b71f950b0a179efcdbd1c243f34be6e2b40d4d93c83ea2409a9b90f57e7b8e
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Thu, 30 Nov 2023 08:36:22 GMT
date: Thu, 30 Nov 2023 08:21:22 GMT
x-n: S
X-Firefox-Spdy: h2
static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/txt_02.png
212.47.222.22200 OK 7.4 kB URL GET HTTP/2 static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/txt_02.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\012- data
Hash 2f14b5419176e8ace8db09c13c779de0
f78e6d3652388bd9d11592cb455f8716367a713e
429a2cae11849a99cfb017edabe148f98ca1c518b8ea4c6761c823350dd43468
GET /banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/txt_02.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "570164334"
last-modified: Mon, 13 Nov 2023 09:31:43 GMT
content-length: 7372
date: Thu, 30 Nov 2023 08:20:35 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1007822251
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/js/jquery.min.js
3.72.173.230200 OK 84 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 0916059107c0f58599101f895170bff8
46ec4413262e861f4ec1de96c6a677ff2734064d
7885bf57f3c92cab8c85714717e0eee788ca93008abaaee93ed3d0481825ca3b
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg
143.204.42.48421 Misdirected Request 46 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg
IP 143.204.42.48:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 91451d1ec57ce1bc7c4c8ca7bddec42f
45745a127deca1d09ce6b76ad6fc61098a40d488
acbf223b98dddada08e0b403986fc5f7bfd8c360d6c63cd50cafc3fc5540979d
GET /hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 421 Misdirected Request
server: CloudFront
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: text/html
content-length: 1003
x-cache: Error from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xRIWS6RG2ST9N54JX0AX2yU94MAcVQByvXzws-M5R7Vyt61v0b-3IA==
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1Hem65c1ZC2gWemDeqNrElnxl9ksBZ-pDJqoew9hcRWxAmHTvQh5f4NjjY5NvRVSfa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1Hem65c1ZC2gWemDeqNrElnxl9ksBZ-pDJqoew9hcRWxAmHTvQh5f4NjjY5NvRVSfa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1Hem65c1ZC2gWemDeqNrElnxl9ksBZ-pDJqoew9hcRWxAmHTvQh5f4NjjY5NvRVSfa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Nov 2023 08:20:40 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1003172397
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Nov 2023 08:21:03 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 999385611
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Nov 2023 08:21:03 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1006892261
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/BUqiDJaVFSzS3FKZH4Jb.jpg
143.204.42.153200 OK 61 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/BUqiDJaVFSzS3FKZH4Jb.jpg
IP 143.204.42.153:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash ae20017cb814683d3e74045dac714bae
1edaf029fb4bd033faa11e712e8aa0f500559902
8e1a0c042ea2ee4c9c9be94d2b24c898dbe1d8dd1c65240b2801f710b017517e
GET /hotelliveeb/images/general/1/BUqiDJaVFSzS3FKZH4Jb.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60703
date: Wed, 29 Nov 2023 22:47:55 GMT
last-modified: Mon, 20 Dec 2021 05:01:39 GMT
etag: "ae20017cb814683d3e74045dac714bae"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lqDkhtJQQHr81S8vCdu4c6-5fQhwiPWBMZxDUe5vyXdupoJoEOKPbw==
age: 34413
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/lU1CCsbClhoCcQVCEPs0.jpg
143.204.42.153 54 kB URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/lU1CCsbClhoCcQVCEPs0.jpg
IP 143.204.42.153:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash b3b22d6e79dafefaa41378e4a839bc95
48743634f4b28f1f25ecae8d265b33251f7acda0
6706b47055fc6abbaf44b8396451996598f462a751e77dff73321b53b38f3e0b
GET /hotelliveeb/images/general/1/lU1CCsbClhoCcQVCEPs0.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54424
date: Wed, 29 Nov 2023 19:05:34 GMT
last-modified: Mon, 30 May 2022 08:30:09 GMT
etag: "b3b22d6e79dafefaa41378e4a839bc95"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aclT81SsK9lXmp9t3_6bTZhuVdc8GOiXJon662GS0p7y91vzsppjcA==
age: 47761
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp30p7Xnpcs2fAolZXEBVZwfqjqJkQYNWaOQ8wX6GNrE0Gl0f9uZZ-9qFlUs2gxy1L-fNYbbzw
64.233.161.84302 Found 0 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp30p7Xnpcs2fAolZXEBVZwfqjqJkQYNWaOQ8wX6GNrE0Gl0f9uZZ-9qFlUs2gxy1L-fNYbbzw
IP 64.233.161.84:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp30p7Xnpcs2fAolZXEBVZwfqjqJkQYNWaOQ8wX6GNrE0Gl0f9uZZ-9qFlUs2gxy1L-fNYbbzw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:7RTzvnVFAQQIFuy5mYOQQXQXudeFcQ:PwLY7yEgSAxNvgFu;Path=/;Expires=Sat, 29-Nov-2025 08:21:20 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 30 Nov 2023 08:21:20 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3MxGnIk8fueZ_nWgqXWPeg6v_hZWtUsPARl2QLbGLk6J4wx47FVwPaIiFhEhcBT0NEc1wSjw&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S520809337%3A1701332480825442&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-SqpviFFMzA_fb7155st_fw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 403
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banner.hookusbookus.com/assets/css/index_1000x200.css
3.72.173.230200 OK 4.9 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (5152), with no line terminators
Hash bbea28c29e42d59be2f13c38e8eb0845
b93e2ad2b20ab7d449a672afc091dc413695c606
62990b77849d8b95ca831a9f630cfda48af5be340a3f1e5aa4ee5792a37e4e76
GET /assets/css/index_1000x200.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Fri, 17 Dec 2021 08:13:58 GMT
vary: Accept-Encoding
etag: W/"61bc46c6-1301"
content-encoding: gzip
X-Firefox-Spdy: h2
static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/txt_01.png
212.47.222.22200 OK 20 kB URL GET HTTP/2 static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/txt_01.png
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\012- data
Hash a36b3ea328a3f44899012ecc18bb109a
99be8db7753361e84a1b5887ca8f896d94f71225
06236a238a8326607dee531ec9c99fa1589aef20f1c0377d95951faa20728008
GET /banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/txt_01.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/4e965271-b6d9-42a2-be0b-0c19eef5bf34/jalla_1000x200_est.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.jallacasino.ee%252Fet%252F%253Futm_source%253Dsmartad%2526utm_medium%253Dbanner%2526utm_term%253D%2526utm_content%253Dbannerid%2526utm_campaign%253Dbigwin&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2_yO3sN6hWu6NZKgnjyvAkhniUYHufE9LTLN0si-sLKDE9BqKuqnZTrC51sRFb15Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F4e965271-b6d9-42a2-be0b-0c19eef5bf34%2Fjalla_1000x200_est.html&clink=https%3A%2F%2Fwww.jallacasino.ee%2Fet%2F%3Futm_source%3Dsmartad%26utm_medium%3Dbanner%26utm_term%3D%26utm_content%3Dbannerid%26utm_campaign%3Dbigwin&banner_id=9b7f0734a74042b4b2ef5622a083c71150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1338277461"
last-modified: Mon, 13 Nov 2023 09:31:43 GMT
content-length: 20279
date: Thu, 30 Nov 2023 08:20:35 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1006784310
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
3.72.173.230200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1Hem65c1ZC2gWemDeqNrElnxl9ksBZ-pDJqoew9hcRWxAmHTvQh5f4NjjY5NvRVSfa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.22200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1Hem65c1ZC2gWemDeqNrElnxl9ksBZ-pDJqoew9hcRWxAmHTvQh5f4NjjY5NvRVSfa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1Hem65c1ZC2gWemDeqNrElnxl9ksBZ-pDJqoew9hcRWxAmHTvQh5f4NjjY5NvRVSfa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 0
date: Thu, 30 Nov 2023 08:20:38 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1006050841
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.67.220.203200 OK 102 kB IP 172.67.220.203:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5694
last-modified: Thu, 30 Nov 2023 06:46:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3oPt%2BczCMLZRr99MDYzTFeq5z1LZicqqBifANaruSZwbflMGl0Ou9HRk9zXBfAjF1cPyifHQK0bK0sOnavX0yALArvQU5WNnT6jxaB%2B02J9Y7%2FmvkDe6pnce8YEoB5Jx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1ad23499b5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
3.72.173.230200 OK 25 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
static.bepolite.eu/scripts/saresponsive.js
212.47.222.22200 OK 177 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP 212.47.222.22:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Size 177 kB (177002 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "3171122304"
last-modified: Thu, 26 Oct 2023 21:13:25 GMT
content-length: 177002
date: Thu, 30 Nov 2023 08:21:01 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1007306560
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
3.72.173.230200 OK 6.0 kB URL GET HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 3.72.173.230:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6210), with no line terminators
Hash b2c258a8d77db021c8f33f8e84dba71b
c453e30dac638f4e1b897309fe32db795d540f80
2d1065201a188a85c1a7d0a3ee130f5a8dc4e60db8fe221fb2081e77222e5a9f
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1781"
content-encoding: gzip
X-Firefox-Spdy: h2
serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=1760132&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F13008892%2Fa4c70a2b65651deedf8b%2FUltraISO_9.7.5.3716_Portable_Oneindir.com.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13008892%2FUltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html%3Fmsg%3Dsess_error&rnd=1701332484372
0.0.0.0 0 B URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=1760132&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F13008892%2Fa4c70a2b65651deedf8b%2FUltraISO_9.7.5.3716_Portable_Oneindir.com.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13008892%2FUltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html%3Fmsg%3Dsess_error&rnd=1701332484372
IP 0.0.0.0:0
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9
ValidityFri, 03 Nov 2023 22:07:14 GMT - Thu, 01 Feb 2024 22:07:13 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=1760132&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F13008892%2Fa4c70a2b65651deedf8b%2FUltraISO_9.7.5.3716_Portable_Oneindir.com.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13008892%2FUltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html%3Fmsg%3Dsess_error&rnd=1701332484372 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Thu, 30 Nov 2023 08:20:38 GMT
set-cookie: bepolite_id=c4bb311e0c5195194062e0c4071832e2; Max-Age=7776000; Expires=Wed, 28-Feb-2024 08:20:39 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 1007659617
age: 0
accept-ranges: bytes
content-length: 1977
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
3.72.173.230200 OK 15 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 3.72.173.230:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF5VHof5pWecNrkz0pVrznljiO6zkE7ejxMdkS6Ib3k0UfqLfMW4_YEEbuEhwHKWy9BmbaYkW_hExzT5JyC3kaayqUi_KAuMAtiu3NpaSvqBE4M30mIEOzdj6AHnklP7uTQiPwRFw1hEw2JZbR7PIDv7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-36qxw8Ul2_rwVcuvzsLUipOtuW_QN7J6fUO08VJfhiOKqJKd716KUrG_T0DJ_T5D_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=550ae091e6d342dc802fe77be54e2ed650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators
Hash bf6baf947f924bf8d67e947a025def06
9ac9fccb0351b41c1545714153ed5fa2c4bfef3a
64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:22 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.67.220.203200 OK 102 kB IP 172.67.220.203:443
Requested by https://www.upload.ee/files/13008892/UltraISO_9.7.5.3716_Portable_Oneindir.com.zip.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 30 Nov 2023 08:21:20 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 5694
last-modified: Thu, 30 Nov 2023 06:46:26 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=De%2F87ycJcyUrQHvoe6EoGcUyGTSJgom86kfT5g92m%2B3%2BFskFfLUVDZOUzohb4NcYeizPC6bBxA0ulRP9clWtarb3CIdJKhKohL12mp6OsreqmNxO%2F%2BrtHYZ4g5eGreg%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e1ad239a6a5694-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2