{"report_id":"95e2d494-113a-4acd-8cbb-b0d82e34790e","version":6,"status":"done","tags":[],"date":"2023-10-14T12:45:23Z","url":{"schema":"http","addr":"upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe","fqdn":"upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"title":"UPLOAD.EE - ________________________________________________.pdf.exe - Download"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T20:02:51Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"serving.bepolite.eu","ip":{"addr":"212.47.222.20","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 19:42:29","last_seen":"2023-10-14 03:27:58","alert_count":0,"request_count":4,"received_data":2495,"sent_data":3302,"comment":"","tags":null,"fingerprints":null},{"fqdn":"forgotingolstono.com","ip":{"addr":"65.9.55.104","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-09-30","domain_rank":0,"first_seen":"2023-10-13 02:46:24","last_seen":"2023-10-13 17:47:15","alert_count":0,"request_count":5,"received_data":6899,"sent_data":3756,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2023-10-13 23:31:20","alert_count":0,"request_count":2,"received_data":137051,"sent_data":875,"comment":"","tags":null,"fingerprints":null},{"fqdn":"du0pud0sdlmzf.cloudfront.net","ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-08-24 12:49:59","last_seen":"2023-10-14 03:27:57","alert_count":0,"request_count":4,"received_data":120721,"sent_data":2392,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dskwugy0u6y9l.cloudfront.net","ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2021-11-03 13:00:09","last_seen":"2023-10-13 17:56:33","alert_count":0,"request_count":6,"received_data":373080,"sent_data":2980,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.pki.goog","ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2016-06-13","domain_rank":175,"first_seen":"2018-07-01 08:43:07","last_seen":"2023-10-13 18:12:02","alert_count":0,"request_count":5,"received_data":3497,"sent_data":1665,"comment":"","tags":null,"fingerprints":null},{"fqdn":"banner-server.hookusbookus.com","ip":{"addr":"3.65.16.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-09-12","domain_rank":0,"first_seen":"2023-01-24 15:19:09","last_seen":"2023-10-13 17:56:33","alert_count":0,"request_count":2,"received_data":48624,"sent_data":998,"comment":"","tags":null,"fingerprints":null},{"fqdn":"blicatedlitytl.info","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2023-10-04","domain_rank":0,"first_seen":"2023-10-12 11:51:50","last_seen":"2023-10-13 17:05:24","alert_count":0,"request_count":4,"received_data":3678,"sent_data":2157,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.upload.ee","ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2010-07-04","domain_rank":981196,"first_seen":"2012-05-24 10:39:37","last_seen":"2023-10-14 03:27:56","alert_count":3,"request_count":9,"received_data":46538,"sent_data":5033,"comment":"","tags":null,"fingerprints":null},{"fqdn":"accounts.google.com","ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":81,"first_seen":"2016-03-20 13:44:49","last_seen":"2023-10-14 01:59:48","alert_count":0,"request_count":6,"received_data":10597,"sent_data":3678,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.bepolite.eu","ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 06:13:55","last_seen":"2023-10-13 17:56:32","alert_count":0,"request_count":2,"received_data":179155,"sent_data":866,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.r2m02.amazontrust.com","ip":{"addr":"143.204.48.16","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2007-05-11","domain_rank":0,"first_seen":"2022-10-12 16:01:39","last_seen":"2023-10-14 01:07:33","alert_count":0,"request_count":2,"received_data":1884,"sent_data":680,"comment":"","tags":null,"fingerprints":null},{"fqdn":"banner.hookusbookus.com","ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-09-12","domain_rank":0,"first_seen":"2021-10-05 06:31:23","last_seen":"2023-10-13 17:56:32","alert_count":0,"request_count":12,"received_data":286230,"sent_data":15751,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pogothere.xyz","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2022-08-22","domain_rank":0,"first_seen":"2022-09-04 21:11:25","last_seen":"2023-10-13 15:29:31","alert_count":0,"request_count":2,"received_data":182642,"sent_data":840,"comment":"","tags":null,"fingerprints":null},{"fqdn":"upload.ee","ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2010-07-04","domain_rank":450367,"first_seen":"2015-01-15 12:52:19","last_seen":"2023-10-13 07:32:09","alert_count":0,"request_count":1,"received_data":649,"sent_data":561,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-14T12:45:04Z","timestamp":1697287504,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"Client IP","port":46086,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL","source":"{\"timestamp\":\"2023-10-14T12:45:04.918889+0000\",\"flow_id\":530718594706020,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":46086,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"exe.no.referer\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013476,\"rev\":3,\"signature\":\"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2011_08_26\"],\"former_category\":[\"POLICY\"],\"updated_at\":[\"2020_04_20\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":755,\"bytes_toclient\":581,\"start\":\"2023-10-14T12:45:04.862820+0000\"}}"}]}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"48e07e6b9e60fc36f21db6b71bf0b4b1","sha1":"fb4085cc0058779b28e5c366a2b92cf242399c2f","sha256":"3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64","sha512":"10187db826a6c668fff87f61e2468ecaf94b9a87475115b9718c9458f75281581aa84a3001fad9d5a1c48ba75a443d03da26fdf243fdc1e964770fb12b140178","ssdeep":"","tlshash":"ae60000030f00000c3c3003000c00030000003000cc00303000300c03000c00ccf0300","size":14,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-04-22T19:39:47.356233Z","times_seen":3582,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/scripts/saresponsive.js","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b966d35075632aae6108d54928c2ae9","sha1":"c76f1c7ab28ade483e7a852c049eeb5bddaf4e5e","sha256":"da22da01f20d28d9171f8107e155ca01f9811d6abcd3b64dbeb832ec6c34578e","sha512":"94a815a1978744d0e4084813cf6dcbdbab67220ff313a90221766f8ad9c8a3e2d38a46b83a12ae42c41759ff7d9d2a2e9a686196d5290540c2a8eb9d8e2e5c8c","ssdeep":"3072:y4J+03jL5TCOauTwDhFdnCVQNLa98HrPevC2eYCLaISE92oa:40zEOQR+iLa98HrgreYCvSE9K","tlshash":"ea0418d57b8e381787a632a980ff014ef17dd2f6a1094875f09894a06db8a1d13b7f6c","size":176966,"data":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-26T19:30:47Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"9f870cb995161d14a893cf73bfddea86","sha1":"3ea5449ca952b020651056d28eb5ba37e6e2c95e","sha256":"fdba9ca260e20c812954301a2e3bb4a416680951e2816e7eab8f302dcb785420","sha512":"0ccc7e67aead4384aaaf63dca829391b3ba75e122578520c61f404c0d2b5015b86d0924c41eab08d445a305b9e817bb78e1ce6d6a3d32e74693b2e6b81ab1c90","ssdeep":"","tlshash":"c9b00264dafa05463c0041b42160419154800021f846a24160042065997620b6066006","size":125,"data":"","first_seen":"2024-08-21T04:44:50.77109Z","last_seen":"2024-08-21T04:44:50.77109Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","size":75,"data":"","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"617f6d5a2744bc8c02e3d2c67544bd68","sha1":"f57c068257c8bc85644d3be1e845c36506cd4625","sha256":"62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658","sha512":"9ff6156bbd9bfda93a5b39322b72b0f6caeca3e0acc0b66319f5d429bf7fb5fe4ec87cd3711618029fea339a7b1ea7b548d468fad7c4e91ba4e82b7f0f0cc890","ssdeep":"768:c1vyzvE5keq96s7jR29qxFJuuGBs98dSx1yU+9acoR13knV96Qx8VDJR:b+qP7jR29eFJuuGBs98dSx1yU+9at6VM","tlshash":"98c2f893778684a489da157e259e03ca7634c4536d0ea840fc6ccce8ae74f89907bf7d","size":27351,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2023-10-14T14:45:24Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef27c597ccaf33e722ffdcd513f17002","sha1":"764aef01a880e0b06c77c2dfe1578ce7adf28bd7","sha256":"b4d3659751f74592880d5de7ca9e24027e37af32df56748291bda52a60b8dd77","sha512":"03b81eefdca34c64463f537ee2148f4691684b44101bcb516e750db1630e29534134958c0d23c7f19b2b2038d7a7029e844a646466e3fb7c5bae0f75a8f089dc","ssdeep":"6144:uH89ESkcyZhoRwofDgUt4UEwfCsVtV0RmaD:uuZkcyZh2EwfCsfVwD","tlshash":"0c3409d973c3706682a7b479503f014ba5bb6da2b44ccca8f189c9d02e74a99417bf7c","size":246407,"data":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/sandbox%20eval%20code","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"69c02be3f74421ae2f1156f2b810e043a2c62b015ae7c402f00e003f2440fea4eee1e8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-06T13:45:44.807998Z","times_seen":847707,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e9e391ad98fbe1b2de0b7b4fa9ca904","sha1":"21d7771223e8286a06ad878af425094a40de32b5","sha256":"1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69","sha512":"defa1ba5ce4193014a4657fe394734634087d66c9db8024778ea2c3a59be02e38e0077725c7d000ff7046bea23070594f8942446c6068b4032d329d0716532b0","ssdeep":"","tlshash":"f63197075511c5fa022195d6ea7a3e2e61337628523440a8f238f23b23770cbf3d1abd","size":1648,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-06T13:41:14.121879Z","times_seen":70973,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"4e227b7ae311d06ee48a730c28c03f69","sha1":"bf7ffe2148b3ed42252b508ef9e786c7862a7a55","sha256":"ae1f1e8ac79ecbe7435e423d24bf2fc55ad70c9d365bbe61bf1bb127b57a9e62","sha512":"37785f4d88c5351a755e56f19a0dfa0eaa2ef6b9ed3aa3e4052fbde7c837d57ecf537354b4b612bcb836fe9d044ca98ea040c3e137ffb9a7cb66f88fd73580c6","ssdeep":"","tlshash":"f5b00258cc1847491d5506b7110600a559ca8523d8408a7575400868047a00b308244c","size":93,"data":"","first_seen":"2024-08-21T04:44:50.77337Z","last_seen":"2024-08-21T04:44:50.77337Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"63fa78e3d4ae4b7fc4cf5126264cb75e","sha1":"65657518c61173b8205d4fb68aabfae6ae7270a0","sha256":"a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a","sha512":"84a1432bf021cfe79ca89727eabd12fc350317b89e20986f12393d7b25df94e424ec561aafb41922db622d4cd2eb4af54d6ae0ddab57d0d3bbdb8c8a9d698034","ssdeep":"","tlshash":"4d90222820800200c20080303003220f80e8200b28800088000002800232030022388e","size":57,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-04-19T05:56:09.148505Z","times_seen":3533,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba71a86056b5c9ef37b625aade54337e","sha1":"4769c2a07aa71c342dcb06dfa2950cff7ecae40f","sha256":"65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0","sha512":"e115753c5b2d6cbecba098a1efc800f3b04e17610b6e509e81aa0bb637e4f7d74b1c9c79d89e7e4bf7204d7607a8ba490b44adf1719b6a20bb96e3819e55fdc4","ssdeep":"","tlshash":"d9c02b89210e0c7190f733808f3fbd01f4122364a4d05c33484e23058e20f27d358910","size":155,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-03-28T13:29:03.445604Z","times_seen":3495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:gr5xyIhZ6pQ/d/bTQcFeqZVxNnR36Hc9lDJlQC8dA9Sa5fLtUB5roNiEP:gr58IhZ6pg/bTXVx9t689fN8INtEONig","tlshash":"7ea1cd9b39e650310332bfe91bfaa559b22937605220c161be0c915b7399233d3e1bec","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-06T13:45:44.812597Z","times_seen":846045,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"c10d6934603f7004750ffeddc2a6db26","sha1":"63a443e3cc8cae5ac448e171c63c355fb4ae31bc","sha256":"d29433aef2d4f80d28e7f9273a140b617c623ee9d11da38792f2a682e94b4327","sha512":"e82c3e2e885cf6b3e1cf86174fd58f94073aa76a686fa790201b122a5412aa0b304224ebbd9cffb8e1e54d45a52445c36ca63dce69adbd89777525d21dd8b308","ssdeep":"","tlshash":"e2b00258cc1847491d5506b7110600a559ca8523d8408a7575400868047a00b308244c","size":90,"data":"","first_seen":"2024-08-21T04:44:50.776419Z","last_seen":"2024-08-21T04:44:50.776419Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/sandbox%20eval%20code","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"23c336606ee3a6d444b305153fa0e2e2","sha1":"473a2111970ae2a94b373e656d20c4bd4184d703","sha256":"305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60","sha512":"ab0470885483545a0306733fa3a067239e299e0b47d35f9769a763f65ba5e9d928ee364a66f9e577499ab0c452f34dc7a3a48a774ce3d09e56fd88d1989e84ba","ssdeep":"","tlshash":"bbc02b137750017d2f1016b0b9009003a1c923005eb78001f006001f2040eae88dc180","size":128,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-06T13:41:14.120754Z","times_seen":72897,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"023ed83b6fb6226619f05b805018e589","sha1":"e8a75f37029a265eaf7834355e11ed048d7e66a5","sha256":"06732e5fd5730b83f6b339925836c185d0dfba15e4c957eceb127226cf4d1008","sha512":"29456881592383024a217a1c12b8526210c73af5fded5a80df250bc29bb407aacde3ef0c2bee657109714cb5d555bcab0d4b446aaf1bbb02696939adfe9370e0","ssdeep":"1536:D/olbY7OkiLpp41Mo+0oZW0p5NrPBt/YGiqMh7h0e7jiWOI2yyV5h9EPPA+m:D/o1Y7Okil6xMZW0eG9aF0e7jiWz6","tlshash":"fcd3f9d9b3977126c2a3b4b8553f010bf17a6e92f84cdc94e246c9c42eb86990177f6c","size":133123,"data":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=5957645\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15806824%2F3e00354f03e01db085e3%2F________________________________________________.pdf.exe\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15806824%2F________________________________________________.pdf.exe.html%3Fmsg%3Dsess_error\u0026rnd=1697287505936","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d4076d40af1802ebd961294601eac743","sha1":"2be74c232d6fefb56242e60b0ef86410842d5d0a","sha256":"d064be1df55daa38e43e159bacf942bbe27637055ca87818ad9937d429272736","sha512":"67b539048c19c8b8f7bb35c55206a044b8089fae7585e3c600362c6784a20f56847605c8c46a99685e96e69b841acad461b76a6359245e72fc9835f196a9e315","ssdeep":"192:JMmEXVC2MELhTELhBELh8ELhPELhvbTELTELBEL8ELPEL30:CmEFmQtQ/Q6QlQpTQTQBQ8QPQk","tlshash":"dfd14258cf8db0281d7074222baf68d4608df674b54e1d75e94f48b368de6a22cc5b28","size":6302,"data":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bada815b0add3317d69cbff824573d6b","sha1":"60ebc2061d3dbf196d418b6802aa0d971b7bc189","sha256":"f2fe3c2dc65244420df6fc8efd959211c4ef3d9f76e2a3c530b4a3163138d92b","sha512":"ebebfda077663be98ce77e2cd5423a0714b98afd3e733b59e81eb93b8fad64d788707761de91ed96d6cbe281cd96b11641a77532c41ae95a08944e1987070463","ssdeep":"","tlshash":"a43140f4ab7d64a498be210d633cf38fa46d60373c431c43ad5e55e41a71e2f0523a96","size":1636,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2024-08-21T09:18:42.71122Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/js/jquery.min.js","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-06T13:46:41.563916Z","times_seen":233745,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"835c66a219b8db32c7745e18d1c7bc1d","sha1":"8e37c73d337fb5c667e012eef654915731c82844","sha256":"001ff158f01e354a46664a7177434056e1fe3960e40deaebcaf9e0591e760143","sha512":"a33d6eb0058365757bf8a5d696ef08b01e8475a7e76501489097c9796775aced72838b725c788b9ee1492f9dbe31d955962de36832d775e79a9e2b20458e583e","ssdeep":"6144:WShLAyB2hrfVkE103N+wIShLAyB2hrfVhw:Wi0yYh7VLg0ri0yYh7Ve","tlshash":"37743b89be523869836374b640ff124e723f4669b8084dd4b49ad4d06db8d4943bffac","size":362684,"data":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"e5bf0f9277baab8d32b240c23ff1d991","sha1":"9f1d4eac8c08c53c47fd9b17b75661f6ae3e534b","sha256":"4a275c3a658406720fa98140b15f4d5ca56c4eeafdb21de95baea82db74d4fd1","sha512":"526cb16ed1dea19ef9f0df849c497c130519e4b9447279a4b55b40ad357b0e6b0055bf93fd5cba89ff1b7add2a61f252cbfd20090d013c677ccd8c38d8fc40bd","ssdeep":"","tlshash":"62b00264dafa05463c0041b42160419154800021f846a24160042065997620b6066006","size":128,"data":"","first_seen":"2024-08-21T04:44:50.779352Z","last_seen":"2024-08-21T04:44:50.779352Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"http","addr":"upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe","fqdn":"upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:04.803600637Z","timestamp":1697287504803,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe HTTP/1.1\r\nHost: upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:04 GMT\r\nContent-Type: text/html; charset=iso-8859-1\r\nContent-Length: 324\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nLocation: http://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":324,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"3167abdee8ca90a571ae52f000054c38","sha1":"7cc15b6c5c25f4a13744335003245ceb801653e1","sha256":"191b4a0cd017b71439e722ec2567b924361ac63cc94b67ddf9ea4f7eb97a5fb0","sha512":"5257ac3d7cdf23ecadf5559c528377bd967f6f84249821762e96fae12731c16dcf2ea807293608a2df6711a75ac434edb1263dbb475161b0377cd0beec65fe1e","ssdeep":"","tlshash":"1de0ebbc930220d0e043b73074c320be781a00f2e68248ea12e76846d05d132488b1db","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:04.919399816Z","timestamp":1697287504919,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:04 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 0\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nLocation: https://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-14T12:45:04Z","timestamp":1697287504,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"10.70.215.179","port":46086,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL","source":"{\"timestamp\":\"2023-10-14T12:45:04.918889+0000\",\"flow_id\":530718594706020,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":46086,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"exe.no.referer\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013476,\"rev\":3,\"signature\":\"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2011_08_26\"],\"former_category\":[\"POLICY\"],\"updated_at\":[\"2020_04_20\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":755,\"bytes_toclient\":581,\"start\":\"2023-10-14T12:45:04.862820+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:05.050669974Z","timestamp":1697287505050,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:04 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 493\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":493,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (493), with no line terminators","md5":"0e48f440400150ce925233793ee8028d","sha1":"ab7d99ea429d2295630dd33ed5ab825f00c41f85","sha256":"f8c6e0d40d93a79b41a565e4723f9afc387dc0c33ac56c89900cdc890d37091e","sha512":"27711fac268578c6d929f39279e0bd6d28a887f6580e2bd64da294b339c0cd3aa067d568bc230eb41978a04bea479eccb588f5f87e24dec34c4fead331e973e3","ssdeep":"","tlshash":"2df02b9f0c11e94bd61130b0a4f3f14d3c9a822bed645d50a4c0047a43d8baacc413a5","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-14T12:45:04Z","timestamp":1697287504,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"10.70.215.179","port":46086,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL","source":"{\"timestamp\":\"2023-10-14T12:45:04.918889+0000\",\"flow_id\":530718594706020,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":46086,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"exe.no.referer\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013476,\"rev\":3,\"signature\":\"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2011_08_26\"],\"former_category\":[\"POLICY\"],\"updated_at\":[\"2020_04_20\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":755,\"bytes_toclient\":581,\"start\":\"2023-10-14T12:45:04.862820+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:05.325666246Z","timestamp":1697287505325,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:04 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 493\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":493,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (493), with no line terminators","md5":"0e48f440400150ce925233793ee8028d","sha1":"ab7d99ea429d2295630dd33ed5ab825f00c41f85","sha256":"f8c6e0d40d93a79b41a565e4723f9afc387dc0c33ac56c89900cdc890d37091e","sha512":"27711fac268578c6d929f39279e0bd6d28a887f6580e2bd64da294b339c0cd3aa067d568bc230eb41978a04bea479eccb588f5f87e24dec34c4fead331e973e3","ssdeep":"","tlshash":"2df02b9f0c11e94bd61130b0a4f3f14d3c9a822bed645d50a4c0047a43d8baacc413a5","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":2,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"","description":"","date":"2023-10-14T12:45:04Z","timestamp":1697287504,"ip_dst":{"addr":"51.91.30.159","port":80,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"ip_src":{"addr":"10.70.215.179","port":46086,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL","source":"{\"timestamp\":\"2023-10-14T12:45:04.918889+0000\",\"flow_id\":530718594706020,\"in_iface\":\"lxdbr0\",\"event_type\":\"alert\",\"src_ip\":\"10.70.215.179\",\"src_port\":46086,\"dest_ip\":\"51.91.30.159\",\"dest_port\":80,\"proto\":\"TCP\",\"metadata\":{\"flowbits\":[\"exe.no.referer\"]},\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2013476,\"rev\":3,\"signature\":\"ET HUNTING SUSPICIOUS *.pdf.exe in HTTP URL\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"created_at\":[\"2011_08_26\"],\"former_category\":[\"POLICY\"],\"updated_at\":[\"2020_04_20\"]}},\"http\":{\"hostname\":\"www.upload.ee\",\"url\":\"/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"http_user_agent\":\"Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"https://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\",\"length\":0},\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":755,\"bytes_toclient\":581,\"start\":\"2023-10-14T12:45:04.862820+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-10-14T12:45:05.649Z","timestamp":1697287505649,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /files/15806824/________________________________________________.pdf.exe.html?msg=sess_error HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/download/15806824/3e00354f03e01db085e3/________________________________________________.pdf.exe\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 8997\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nLast-Modified: Sat, 14 Oct 2023 15:45:05 +0300\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\nSet-Cookie: lng=eng; expires=Sat, 11-Nov-2023 12:45:05 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8997,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (4526)","md5":"0a7dde10d2a9f8cc3f3ed69fe6f5a455","sha1":"2dddb2854936fe2e75cea0e5447685eab8dc7635","sha256":"8940677b89e96360afcfd95bb483a4fbf25ad11ddbd78d1251692fba13a4d617","sha512":"6634185d95ce369450913b573f8054dc3e7072a173d7f170c11f70b91a6993eef2939575683c76af5b5a3b948e8262cc900be17f0bacfe91498dbb268d915aef","ssdeep":"384:roJylIn7xpYwuu504YOeHYFDRzhU3E8+UUKIz40qohoKGr3eBizEm+C:roJCIn7XY20tGDRzh4E8+UUKIz40qohm","tlshash":"ba921971118ee82e8654b0b5e237fe9dacc774afc7400884e46b28b7a5c5fa46d311f9","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/static/ubr__style.css","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:05.778Z","timestamp":1697287505778,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /static/ubr__style.css HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nContent-Type: text/css\r\nLast-Modified: Fri, 04 Oct 2013 10:02:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"524e9233-25a0\"\r\nExpires: Sat, 21 Oct 2023 12:45:05 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2880,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (591), with CRLF line terminators","md5":"3ba04e290212b44bcca8f10a60a4e879","sha1":"a9b021c9019bdbb28250836039b2372a1b4d0f0f","sha256":"f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2","sha512":"e3bd31605e6fc62195a3b7372d23456ab192418758888b7eba73dd2c5f6cc145feab8ed478c0ddcf9e7660b0840ee6a91bf807ac5a90a323a5cc4c8978d7bc57","ssdeep":"192:82jAySjuE174K/B4kxWnInnHGYaN4OI56pYgp+:ejj2K/B4annc66pYgM","tlshash":"f012b672d29a202eb1afc0baf051fa9e3d54908bd4539775f96636b5cac10e53337708","first_seen":"2023-04-05T06:15:55Z","last_seen":"2023-10-14T14:45:24Z","times_seen":94,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:05.842113805Z","timestamp":1697287505842,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"d5105c9f385f75ff22d1aa413ee100f1","sha1":"21412d86e92c7afb22c777c607f688ad8e769061","sha256":"2545d1da23fdcd3a8ebd00a316c06af7f6d74fbefcc6202bc768808a91cbc944","sha512":"51119c5d7315bcf9b7de1cba487917e4d3c4a95d8bd5f0699916c0bf92ecac5cb7f251f1202d2c648f25e84b857a586c98d75b24c92512928c135e7c282c0737","ssdeep":"","tlshash":"bff0dc2f1c6b9c12eb2f9414af64a6e83652a10828de1342fcf45af841022f56cd4288","first_seen":"2023-10-13T18:00:55Z","last_seen":"2023-10-14T22:45:54Z","times_seen":1256,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:05.780Z","timestamp":1697287505780,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /js/js__file_upload.js HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 27351\r\nLast-Modified: Thu, 07 May 2020 19:13:28 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"5eb45dd8-6ad7\"\r\nExpires: Sat, 21 Oct 2023 12:45:05 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27351,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1853)","md5":"617f6d5a2744bc8c02e3d2c67544bd68","sha1":"f57c068257c8bc85644d3be1e845c36506cd4625","sha256":"62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658","sha512":"9ff6156bbd9bfda93a5b39322b72b0f6caeca3e0acc0b66319f5d429bf7fb5fe4ec87cd3711618029fea339a7b1ea7b548d468fad7c4e91ba4e82b7f0f0cc890","ssdeep":"768:c1vyzvE5keq96s7jR29qxFJuuGBs98dSx1yU+9acoR13knV96Qx8VDJR:b+qP7jR29eFJuuGBs98dSx1yU+9at6VM","tlshash":"98c2f893778684a489da157e259e03ca7634c4536d0ea840fc6ccce8ae74f89907bf7d","first_seen":"2023-03-09T23:09:39Z","last_seen":"2023-10-14T14:45:24Z","times_seen":96,"resource_available":true,"data":null}},"time_used":70,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":28,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/arrow.gif","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:05.785Z","timestamp":1697287505785,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /images/arrow.gif HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nContent-Type: image/gif\r\nContent-Length: 59\r\nLast-Modified: Sun, 14 Apr 2013 07:15:01 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"516a5775-3b\"\r\nExpires: Sat, 21 Oct 2023 12:45:05 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":59,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 6 x 9\\012- data","md5":"6675f814b94f13f91f1383707b250e36","sha1":"31452650e8fce2095613a2010799bdb7548bdd51","sha256":"061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411","sha512":"d232d7337ef45394ddeb09894a7aec31363ef026299bd047d49dc46975757da192136b03531ab7be451a4d28ce8e3250a9538f94c6ae38347537de00192e9c62","ssdeep":"","tlshash":"3fa0020295b4c144c80411761c58815056027226858e175736bc7722ec498a17152121","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-04-22T19:39:47.346755Z","times_seen":3575,"resource_available":false,"data":null}},"time_used":199,"timings":{"blocked":66,"dns":1,"connect":44,"send":0,"wait":28,"receive":0,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/dl_.png","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:05.781Z","timestamp":1697287505781,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /images/dl_.png HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nContent-Type: image/png\r\nContent-Length: 1900\r\nLast-Modified: Thu, 01 Dec 2016 09:37:27 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"583fef57-76c\"\r\nExpires: Sat, 21 Oct 2023 12:45:05 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 154 x 32, 8-bit colormap, non-interlaced\\012- data","md5":"f3e8f284a4e98cdb91b6abfc142d94a4","sha1":"fa9e618c2f56bea752ddd7e45a372c5539dadda9","sha256":"2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882","sha512":"e3d0865ac754c5956d7636635dd87df016e893a20c3292b0918b26305e4ebe3515a7498cff2e1902155de884b9fcfca8ec7a01d8a5ab5053b6ad62c914781144","ssdeep":"","tlshash":"6241398ffcfc75dc437e002a1a943806266692c471a4a7382b5108be2d4270f4224e66","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-04-22T19:39:47.345276Z","times_seen":3575,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":70,"dns":0,"connect":44,"send":0,"wait":28,"receive":0,"ssl":34},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:05.786Z","timestamp":1697287505786,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:19:25 GMT","end":"Mon, 11 Dec 2023 08:19:24 GMT"},"fingerprint":{"sha1":"54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F","sha256":"F8:F9:06:54:14:65:BD:06:3E:F5:28:93:55:4E:6D:97:E0:49:77:DE:22:E7:39:A5:50:C1:A3:46:6E:D7:39:EE"}}},"request":{"raw":"GET /gtag/js?id=UA-6703115-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nexpires: Sat, 14 Oct 2023 12:45:05 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 50838\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":50838,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (2213)","md5":"023ed83b6fb6226619f05b805018e589","sha1":"e8a75f37029a265eaf7834355e11ed048d7e66a5","sha256":"06732e5fd5730b83f6b339925836c185d0dfba15e4c957eceb127226cf4d1008","sha512":"29456881592383024a217a1c12b8526210c73af5fded5a80df250bc29bb407aacde3ef0c2bee657109714cb5d555bcab0d4b446aaf1bbb02696939adfe9370e0","ssdeep":"1536:D/olbY7OkiLpp41Mo+0oZW0p5NrPBt/YGiqMh7h0e7jiWOI2yyV5h9EPPA+m:D/o1Y7Okil6xMZW0eG9aF0e7jiWz6","tlshash":"fcd3f9d9b3977126c2a3b4b8553f010bf17a6e92f84cdc94e246c9c42eb86990177f6c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":true,"data":null}},"time_used":191,"timings":{"blocked":60,"dns":1,"connect":9,"send":0,"wait":24,"receive":12,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:05.787Z","timestamp":1697287505787,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /?dupud=997369 HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 117753\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: rLt2N6lljgEdZAzwMA_8-Xx7mYpC54j7RFYnVpqi71sxhsBPRwJD6w==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":117753,"size_decoded":0,"mime_type":"text/plain","magic":"Unicode text, UTF-8 text, with very long lines (15948)","md5":"835c66a219b8db32c7745e18d1c7bc1d","sha1":"8e37c73d337fb5c667e012eef654915731c82844","sha256":"001ff158f01e354a46664a7177434056e1fe3960e40deaebcaf9e0591e760143","sha512":"a33d6eb0058365757bf8a5d696ef08b01e8475a7e76501489097c9796775aced72838b725c788b9ee1492f9dbe31d955962de36832d775e79a9e2b20458e583e","ssdeep":"6144:WShLAyB2hrfVkE103N+wIShLAyB2hrfVhw:Wi0yYh7VLg0ri0yYh7Ve","tlshash":"37743b89be523869836374b640ff124e723f4669b8084dd4b49ad4d06db8d4943bffac","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":2,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":26,"dns":2,"connect":2,"send":0,"wait":113,"receive":5,"ssl":52},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:05.969821829Z","timestamp":1697287505969,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"d5105c9f385f75ff22d1aa413ee100f1","sha1":"21412d86e92c7afb22c777c607f688ad8e769061","sha256":"2545d1da23fdcd3a8ebd00a316c06af7f6d74fbefcc6202bc768808a91cbc944","sha512":"51119c5d7315bcf9b7de1cba487917e4d3c4a95d8bd5f0699916c0bf92ecac5cb7f251f1202d2c648f25e84b857a586c98d75b24c92512928c135e7c282c0737","ssdeep":"","tlshash":"bff0dc2f1c6b9c12eb2f9414af64a6e83652a10828de1342fcf45af841022f56cd4288","first_seen":"2023-10-13T18:00:55Z","last_seen":"2023-10-14T22:45:54Z","times_seen":1256,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.028Z","timestamp":1697287506028,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:19:25 GMT","end":"Mon, 11 Dec 2023 08:19:24 GMT"},"fingerprint":{"sha1":"54:FD:04:1B:2E:C7:46:95:DD:15:A3:A0:3F:CE:7F:03:02:53:36:8F","sha256":"F8:F9:06:54:14:65:BD:06:3E:F5:28:93:55:4E:6D:97:E0:49:77:DE:22:E7:39:A5:50:C1:A3:46:6E:D7:39:EE"}}},"request":{"raw":"GET /gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nexpires: Sat, 14 Oct 2023 12:45:05 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 85031\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":85031,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"ASCII text, with very long lines (3034)","md5":"ef27c597ccaf33e722ffdcd513f17002","sha1":"764aef01a880e0b06c77c2dfe1578ce7adf28bd7","sha256":"b4d3659751f74592880d5de7ca9e24027e37af32df56748291bda52a60b8dd77","sha512":"03b81eefdca34c64463f537ee2148f4691684b44101bcb516e750db1630e29534134958c0d23c7f19b2b2038d7a7029e844a646466e3fb7c5bae0f75a8f089dc","ssdeep":"6144:uH89ESkcyZhoRwofDgUt4UEwfCsVtV0RmaD:uuZkcyZh2EwfCsfVwD","tlshash":"0c3409d973c3706682a7b479503f014ba5bb6da2b44ccca8f189c9d02e74a99417bf7c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":true,"data":null}},"time_used":46,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blicatedlitytl.info/NzJJN1gYDSpEZWIDD0ABTV4ubQ1TagpaAl5gD1QIbV8ffQ9AQW9DMVMPcA5vBARwESheVnQGfkRGKEMtRA94ETFZVCYKfkEPeBlrAxx6A3YHFDwKaRFGOVY/CgNvRyxDXnQGbg4Few9vAgJ/BmgD","fqdn":"blicatedlitytl.info","domain":"blicatedlitytl.info","tld":"info"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.111Z","timestamp":1697287506111,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blicatedlitytl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:51:17 GMT","end":"Wed, 10 Jan 2024 08:51:16 GMT"},"fingerprint":{"sha1":"C4:A3:7B:D1:18:B2:B1:F5:7E:A8:42:31:5C:03:85:97:D4:91:7B:EE","sha256":"92:B1:B1:63:0D:02:08:F5:0A:8B:DA:81:C6:0F:B2:D8:58:2A:D3:06:25:C7:0D:81:66:E2:AF:D1:CB:9D:55:70"}}},"request":{"raw":"GET /NzJJN1gYDSpEZWIDD0ABTV4ubQ1TagpaAl5gD1QIbV8ffQ9AQW9DMVMPcA5vBARwESheVnQGfkRGKEMtRA94ETFZVCYKfkEPeBlrAxx6A3YHFDwKaRFGOVY/CgNvRyxDXnQGbg4Few9vAgJ/BmgD HTTP/1.1\r\nHost: blicatedlitytl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=uodk0yIbIb8GC7lRD6fj51g4yuk%2F1F8V0tedOYzQMVJIdCYPtvXJGy8TWXYnORGj%2BRf10ByszlcVkEaAqBpsOhQ1E4OMQNVgucrzwjSyRu%2F%2Bvg6vzIFmAMLbui6HhbcByOlM4Y6z\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 815feadd58c05689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":155,"timings":{"blocked":13,"dns":1,"connect":1,"send":0,"wait":126,"receive":0,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blicatedlitytl.info/aG9lRU1HUAY2cA06AXEoPCUkJn0cIyR1eBE7MAALPCczDh45LkMxJAxSXHx6XF9dYz0BC1h0dU4cESQ5HRxYdGsBAQMqcE4ZWHRjWEFXa3lOGlh0axwfBCJwWUkVMTkEUlRzdF9dXXJ4WFlUdn8","fqdn":"blicatedlitytl.info","domain":"blicatedlitytl.info","tld":"info"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.135Z","timestamp":1697287506135,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blicatedlitytl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:51:17 GMT","end":"Wed, 10 Jan 2024 08:51:16 GMT"},"fingerprint":{"sha1":"C4:A3:7B:D1:18:B2:B1:F5:7E:A8:42:31:5C:03:85:97:D4:91:7B:EE","sha256":"92:B1:B1:63:0D:02:08:F5:0A:8B:DA:81:C6:0F:B2:D8:58:2A:D3:06:25:C7:0D:81:66:E2:AF:D1:CB:9D:55:70"}}},"request":{"raw":"GET /aG9lRU1HUAY2cA06AXEoPCUkJn0cIyR1eBE7MAALPCczDh45LkMxJAxSXHx6XF9dYz0BC1h0dU4cESQ5HRxYdGsBAQMqcE4ZWHRjWEFXa3lOGlh0axwfBCJwWUkVMTkEUlRzdF9dXXJ4WFlUdn8 HTTP/1.1\r\nHost: blicatedlitytl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=9UzKwe4pU9g1aHNUTnukkmuu%2BHOdUTMrQ5uBDRj%2FlGQwWM4ANg0rxvjw4Iu4CwneVI%2B8WLQs9L7sQqroxkUfEJFOJiu77PoV0WFwdwaJVKI4eKyfPBAUH5UUa%2BEdGdZs4JM3RzPW\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 815feadd68c95689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":124,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"forgotingolstono.com/cjI0aGsTUFcFVBMPVk4eAF4JTVk0FwYuDwcCRB0PQkFQBAYIVBoLBx1HUA4ZHVxARgUXRhFaLTZmciERP15lHjskA2EJERUFYh9SBlZjPSowdQUZJDdwUCcBCkRVWDpAe2cMWhRjYScPN1Z9JSM0W3I+X0N7Xj0kNHZxASYjBnALAkIAYTlSFVNdMi8qZg0QJEJCdjgSJ1lmWCocflo6LCcAXwA7J15WJygzSHIPKiFXbB8vNABuUA4ZQXAyPB5aVzoPH1RwXQoqcXFYDwV3dyQjIFlWKTkVU2MuEzQAblAiN2dsMhxDWHUfH0RUfBs8M3VlGiVDH3YyJEBeUww6MFlSPyI2cwY6UhZFcSsmG2dTPgcjBXogCDBWcz5SK0oEKwgYXkIpDFRYRwcFAg9sHgkfR3InOjA","fqdn":"forgotingolstono.com","domain":"forgotingolstono.com","tld":"com"},"ip":{"addr":"65.9.55.104","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.129Z","timestamp":1697287506129,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"forgotingolstono.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 04 Oct 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7C:16:DA:EA:ED:10:BC:84:3B:B8:08:EE:1E:92:2A:DE:2F:F7:70:02","sha256":"99:E7:22:01:A0:76:29:F6:E5:A2:FF:81:84:1E:9A:88:6E:F2:95:27:E2:97:51:1D:E4:7E:E1:57:63:05:13:36"}}},"request":{"raw":"GET /cjI0aGsTUFcFVBMPVk4eAF4JTVk0FwYuDwcCRB0PQkFQBAYIVBoLBx1HUA4ZHVxARgUXRhFaLTZmciERP15lHjskA2EJERUFYh9SBlZjPSowdQUZJDdwUCcBCkRVWDpAe2cMWhRjYScPN1Z9JSM0W3I+X0N7Xj0kNHZxASYjBnALAkIAYTlSFVNdMi8qZg0QJEJCdjgSJ1lmWCocflo6LCcAXwA7J15WJygzSHIPKiFXbB8vNABuUA4ZQXAyPB5aVzoPH1RwXQoqcXFYDwV3dyQjIFlWKTkVU2MuEzQAblAiN2dsMhxDWHUfH0RUfBs8M3VlGiVDH3YyJEBeUww6MFlSPyI2cwY6UhZFcSsmG2dTPgcjBXogCDBWcz5SK0oEKwgYXkIpDFRYRwcFAg9sHgkfR3InOjA HTTP/1.1\r\nHost: forgotingolstono.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1168\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN54-C1\r\nx-amz-cf-id: N5Tlmu-O9DKbgIkoaFPc9HtQrLhLufffRXI7jr7PthRWvZ49eR4RtQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1168,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators","md5":"90d864146b03d868855dd1ff08859612","sha1":"c2f0310f61e2ccd2689353712bcf6eb2871c83d8","sha256":"bc552291792436b8818d9569c778e11c106307c3ba4313171ba39f0d81b94a91","sha512":"377307fc9b887b990bc9946b81662aa38f82cb6faaeafae2fdb83768dcb220cd28a6f456ec2f9a492cb4e2197a1dfa6b51460c7a9f6dad242a7e4bf4c9f4a563","ssdeep":"","tlshash":"6f510e8d34f3a08282f26065413bb59afa385a91934cdb14863d97bcbd305e9a357f4c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":180,"timings":{"blocked":30,"dns":0,"connect":10,"send":0,"wait":120,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blicatedlitytl.info/dlVhMHFZagJDTCQAWGkmMjEZVTYGJCNoI0E0DEczEmZYQhM3FEdEGBJoWAlGQmRVFgEfMVwBVwUhAEQEBWhQFhgYMw4NVwBoUB5CQntSBF9GcxQNQFAhEVEWS2RHQAUCOVwBR09iUwhGQ2VXAURF","fqdn":"blicatedlitytl.info","domain":"blicatedlitytl.info","tld":"info"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.168Z","timestamp":1697287506168,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blicatedlitytl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:51:17 GMT","end":"Wed, 10 Jan 2024 08:51:16 GMT"},"fingerprint":{"sha1":"C4:A3:7B:D1:18:B2:B1:F5:7E:A8:42:31:5C:03:85:97:D4:91:7B:EE","sha256":"92:B1:B1:63:0D:02:08:F5:0A:8B:DA:81:C6:0F:B2:D8:58:2A:D3:06:25:C7:0D:81:66:E2:AF:D1:CB:9D:55:70"}}},"request":{"raw":"GET /dlVhMHFZagJDTCQAWGkmMjEZVTYGJCNoI0E0DEczEmZYQhM3FEdEGBJoWAlGQmRVFgEfMVwBVwUhAEQEBWhQFhgYMw4NVwBoUB5CQntSBF9GcxQNQFAhEVEWS2RHQAUCOVwBR09iUwhGQ2VXAURF HTTP/1.1\r\nHost: blicatedlitytl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Mcw8UnP1nAvOrBSx6zX0fb0rXWw4MEKpzpk6%2FxmP3nwi2E%2FVz%2BzSxSiI8EbTOXc4jViKNW6fjjaMb0hm29FJRR7JRk6NlKEpNRXSCZhKKL1ahtAJWtkFpBGkPJH1BvXye5P8TUwt\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 815feadd98fc5689-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"forgotingolstono.com/SFFCQlYpMyEvaSlsIGQjOj1/Z2QOdHAEMj1hMjcyeCImLjsyN2whOickJiQkJz82bDgtJWdwECUECi4iGmEpOBAvHComPxkAARomPzAXdwwsP3NwEzBlLQgvChQIKm4wGQEDOwE4NioCJCEqEgUnNRcKMj4BACUSARkQcB4JHCkmEQ43BgEbOjMXcxoFKylnZA4ULgMjBRIPERQMFHsLMScBGxYhMAMDAzkFKykUFxsLMRs8cQgjGjp5AnNzIAUGBAsFAAAOJgM8NQk7F21jAAYUHjgncBcKBxoHARI6cwsyCSVzEWd4YBJxAAMdChhjKQcmJjQlKSsRB2U+Kwk8OwYRCgMYCCkuNSxiLioFHikrJ2QJNwAGAzsfKhsAET8xFQUOKXAYZAo3BQomfHcoMTkmIX8JDjAdGwkzKmB1dQ","fqdn":"forgotingolstono.com","domain":"forgotingolstono.com","tld":"com"},"ip":{"addr":"65.9.55.104","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.176Z","timestamp":1697287506176,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"forgotingolstono.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 04 Oct 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7C:16:DA:EA:ED:10:BC:84:3B:B8:08:EE:1E:92:2A:DE:2F:F7:70:02","sha256":"99:E7:22:01:A0:76:29:F6:E5:A2:FF:81:84:1E:9A:88:6E:F2:95:27:E2:97:51:1D:E4:7E:E1:57:63:05:13:36"}}},"request":{"raw":"GET /SFFCQlYpMyEvaSlsIGQjOj1/Z2QOdHAEMj1hMjcyeCImLjsyN2whOickJiQkJz82bDgtJWdwECUECi4iGmEpOBAvHComPxkAARomPzAXdwwsP3NwEzBlLQgvChQIKm4wGQEDOwE4NioCJCEqEgUnNRcKMj4BACUSARkQcB4JHCkmEQ43BgEbOjMXcxoFKylnZA4ULgMjBRIPERQMFHsLMScBGxYhMAMDAzkFKykUFxsLMRs8cQgjGjp5AnNzIAUGBAsFAAAOJgM8NQk7F21jAAYUHjgncBcKBxoHARI6cwsyCSVzEWd4YBJxAAMdChhjKQcmJjQlKSsRB2U+Kwk8OwYRCgMYCCkuNSxiLioFHikrJ2QJNwAGAzsfKhsAET8xFQUOKXAYZAo3BQomfHcoMTkmIX8JDjAdGwkzKmB1dQ HTTP/1.1\r\nHost: forgotingolstono.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1170\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN54-C1\r\nx-amz-cf-id: O-Vy7srqMq6-fWpwLf2DdaJmWPY02J6ELLDqnmCDlf4IYXCCYkX7Ew==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1170,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators","md5":"2d0c2a940960b05ffe97171605ea4a50","sha1":"8e26aab16193ad335353006784bafe61c2ff517f","sha256":"06ed706acd5e8abea6abbd9f6bd1240a292d889b13cdb2d872625a8541e93034","sha512":"7f5497bcac0ed3076a0ad3dd1511f70007c884babf2ef9a9b8ad77cfe99ccfaea2efbf4caa5ed2d53cde5f7011b7ac297ec474ec0f0793f2ff5b2f28359a5a2b","ssdeep":"","tlshash":"6951008d34f3a082c2b2b065412bb59afa285a95838ccf14867c96bcbc715ed6317f4c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"forgotingolstono.com/R2tQa0MmCTMGfCZWMk02NQdtTnEBTmItJzJbIB4ndxg0By49DX4ILygeNA0xKAUkRS0iH3VZBSI9GBtyCVo3WAUVHwIxOgY/FTozLwkFWgEFWRISBgYxCSUqFSMYPHsKOzlaBQMBIygOPg9oDSoGKhU6MygIODIWED9pGxsFKQokcSsnBVoafyU7DwECOGBaET8DCSIpdzwXPRl+MToTAgA8OBMQAj42IgQRJwUqEiYIBQMFEBEVXQcwWwMKLhYoBDoGDzI7XhIFKSATEAI9FictASEeKhkoCQY5BQ8FYQYQLyEDJDl/PQUqFiIxOxsGBVk4BxAsRgE4Iio6MyMGElIdAxYJLj0EEBRbASwnKjkzKgI3G3YBMCgFIFYrHz86PHN+CAYiEQw","fqdn":"forgotingolstono.com","domain":"forgotingolstono.com","tld":"com"},"ip":{"addr":"65.9.55.104","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.156Z","timestamp":1697287506156,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"forgotingolstono.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 04 Oct 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7C:16:DA:EA:ED:10:BC:84:3B:B8:08:EE:1E:92:2A:DE:2F:F7:70:02","sha256":"99:E7:22:01:A0:76:29:F6:E5:A2:FF:81:84:1E:9A:88:6E:F2:95:27:E2:97:51:1D:E4:7E:E1:57:63:05:13:36"}}},"request":{"raw":"GET /R2tQa0MmCTMGfCZWMk02NQdtTnEBTmItJzJbIB4ndxg0By49DX4ILygeNA0xKAUkRS0iH3VZBSI9GBtyCVo3WAUVHwIxOgY/FTozLwkFWgEFWRISBgYxCSUqFSMYPHsKOzlaBQMBIygOPg9oDSoGKhU6MygIODIWED9pGxsFKQokcSsnBVoafyU7DwECOGBaET8DCSIpdzwXPRl+MToTAgA8OBMQAj42IgQRJwUqEiYIBQMFEBEVXQcwWwMKLhYoBDoGDzI7XhIFKSATEAI9FictASEeKhkoCQY5BQ8FYQYQLyEDJDl/PQUqFiIxOxsGBVk4BxAsRgE4Iio6MyMGElIdAxYJLj0EEBRbASwnKjkzKgI3G3YBMCgFIFYrHz86PHN+CAYiEQw HTTP/1.1\r\nHost: forgotingolstono.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1155\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN54-C1\r\nx-amz-cf-id: kgb9nc1MkVtClwc6TV_CdzMhl7_Z1cpnhAS1xWLr6cIiyGBJmDzqHg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1155,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators","md5":"53bde85d543e5c8943995fd02e4d865a","sha1":"a0b11aca2c042bb49b2ca680199369526ded0aee","sha256":"256b30cc3092381b7347f6063db389c72e8d454507fe0b2092aa8e103df6c2d3","sha512":"8c932716c8bf7f91a8e6dac72d0ba3ed34025504e357691a583618d50099a005305210af86bc946b58fbae6ec82aa2f662438ffccb20f7ecdabb54aebd4b0e5b","ssdeep":"","tlshash":"3c51018d34f3b0c282b26024457bb59afa389a91834cdb14863d96bcbd715dd6317f4c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":147,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/favicon.ico","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.450Z","timestamp":1697287506450,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error\r\nCookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1697287506.1.0.1697287506.0.0.0; _ga=GA1.1.1077689330.1697287506\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 1150\r\nLast-Modified: Tue, 16 Dec 2008 17:17:25 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"4947e2a5-47e\"\r\nExpires: Sat, 21 Oct 2023 12:45:05 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\\012- data","md5":"f299cf2e651c19e48d27900ced493ccb","sha1":"c2d1086d517d7a26292e0d7b32da7c55b166c23b","sha256":"115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1","sha512":"b46341bfbac50f48afcd2a4e34910901d722ce72f9f34f809916103e01d7ebc11bce15a28bf6449efd49ab9dfef1f84a94e3ad775cbe52d5822996674124b104","ssdeep":"","tlshash":"6921fea2f747de24d05a027081978e195686ee563199204b711c7d6e782e5504435237","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-04-22T19:39:47.352104Z","times_seen":3622,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:06.533038867Z","timestamp":1697287506533,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"d8e27c7b4a1060947a263e7c75e5523a","sha1":"8ea1015eb1f1ca8c7e0632aeafa90eb13eac85db","sha256":"1d16478e5b9c722c6b162abba263fcaf3c94c9595d3fe5b70abf943515f44af5","sha512":"476db6af43b006195284df0d5d673c96ffcbc9d41ed5a1f6fcd05a5385372a273d2ef8f25d2bc2f5d3b329e5d25e482ffc2d28c71932e77e4c20c75753b5790f","ssdeep":"","tlshash":"8cf0dc4b1cf97022dda9dd3d5306d71c3a0438220d548644bce892dd4a8f0ee78aca48","first_seen":"2023-10-13T18:02:38Z","last_seen":"2023-10-14T22:55:19Z","times_seen":388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:06.552082059Z","timestamp":1697287506552,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 14 Oct 2023 12:45:05 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 472\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":472,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"d8e27c7b4a1060947a263e7c75e5523a","sha1":"8ea1015eb1f1ca8c7e0632aeafa90eb13eac85db","sha256":"1d16478e5b9c722c6b162abba263fcaf3c94c9595d3fe5b70abf943515f44af5","sha512":"476db6af43b006195284df0d5d673c96ffcbc9d41ed5a1f6fcd05a5385372a273d2ef8f25d2bc2f5d3b329e5d25e482ffc2d28c71932e77e4c20c75753b5790f","ssdeep":"","tlshash":"8cf0dc4b1cf97022dda9dd3d5306d71c3a0438220d548644bce892dd4a8f0ee78aca48","first_seen":"2023-10-13T18:02:38Z","last_seen":"2023-10-14T22:55:19Z","times_seen":388,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"forgotingolstono.com/utx?cb=jaYtGh5zZaJa\u0026top=www.upload.ee\u0026tid=997369","fqdn":"forgotingolstono.com","domain":"forgotingolstono.com","tld":"com"},"ip":{"addr":"65.9.55.104","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.456Z","timestamp":1697287506456,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"forgotingolstono.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 04 Oct 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7C:16:DA:EA:ED:10:BC:84:3B:B8:08:EE:1E:92:2A:DE:2F:F7:70:02","sha256":"99:E7:22:01:A0:76:29:F6:E5:A2:FF:81:84:1E:9A:88:6E:F2:95:27:E2:97:51:1D:E4:7E:E1:57:63:05:13:36"}}},"request":{"raw":"GET /utx?cb=jaYtGh5zZaJa\u0026top=www.upload.ee\u0026tid=997369 HTTP/1.1\r\nHost: forgotingolstono.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Sat, 14 Oct 2023 12:46:05 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN54-C1\r\nx-amz-cf-id: pNYlp9g893bB7k69_TlXBWQJz93VhE7G77_yheQeHzYIzOj2cb9QUw==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":120,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"forgotingolstono.com/utx?cb=QYaHRduxN7FZ\u0026top=www.upload.ee\u0026tid=997414","fqdn":"forgotingolstono.com","domain":"forgotingolstono.com","tld":"com"},"ip":{"addr":"65.9.55.104","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.460Z","timestamp":1697287506460,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"forgotingolstono.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 04 Oct 2023 00:00:00 GMT","end":"Sat, 02 Nov 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7C:16:DA:EA:ED:10:BC:84:3B:B8:08:EE:1E:92:2A:DE:2F:F7:70:02","sha256":"99:E7:22:01:A0:76:29:F6:E5:A2:FF:81:84:1E:9A:88:6E:F2:95:27:E2:97:51:1D:E4:7E:E1:57:63:05:13:36"}}},"request":{"raw":"GET /utx?cb=QYaHRduxN7FZ\u0026top=www.upload.ee\u0026tid=997414 HTTP/1.1\r\nHost: forgotingolstono.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Sat, 14 Oct 2023 12:46:05 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 2f7792bdc67f7953e2dce93aea1bb9ee.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN54-C1\r\nx-amz-cf-id: pOMF8vV70mCnPIf60_mzHMXnv9PlOnanB_SzvtIP7NRb_X57_lB4Yg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":142,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.434Z","timestamp":1697287506434,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:25:15 GMT","end":"Mon, 11 Dec 2023 08:25:14 GMT"},"fingerprint":{"sha1":"4A:5A:3C:9D:EC:4D:02:20:DE:B6:76:11:1C:40:B5:78:E9:AA:A6:0D","sha256":"51:BA:50:4C:F2:9A:2F:20:01:39:38:BC:D8:A0:74:99:3C:E6:0D:65:02:FB:EC:38:03:39:D4:6C:44:85:4B:39"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:fzYFWmSbR3MTYhZdf-Inyjb6K09xkQ:4jSMugoaAFbLg7SP; Expires=Mon, 13-Oct-2025 12:45:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyy5q02F8XRV9t2nRJPugmj1345P3_TO359JloHjxcEhcmj8kvna_uKdpsWUi3J9_NHMgi24\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy: unsafe-none\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: script-src 'nonce-avditLSepPDaPnSt4iV3HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":418,"timings":{"blocked":187,"dns":0,"connect":8,"send":0,"wait":31,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.437Z","timestamp":1697287506437,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:25:15 GMT","end":"Mon, 11 Dec 2023 08:25:14 GMT"},"fingerprint":{"sha1":"4A:5A:3C:9D:EC:4D:02:20:DE:B6:76:11:1C:40:B5:78:E9:AA:A6:0D","sha256":"51:BA:50:4C:F2:9A:2F:20:01:39:38:BC:D8:A0:74:99:3C:E6:0D:65:02:FB:EC:38:03:39:D4:6C:44:85:4B:39"}}},"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:I3aHdCEJpTZX69gBRJREcil5kPjn0Q:R8m9SMJCkWnsKtYS; Expires=Mon, 13-Oct-2025 12:45:06 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyy1iSS-8SsPL0cUhMPzsG2iHaghp6jJNHP1OIJCezaaIieAv4CVfm6JNp0P3yH1T_PGUBn1\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy: unsafe-none\r\ncontent-security-policy: script-src 'nonce-MuzfxCch9_qclXLGUiqkrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-resource-policy: cross-origin\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":479,"timings":{"blocked":194,"dns":0,"connect":10,"send":0,"wait":77,"receive":0,"ssl":195},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/DTFIzMlQvPV1Uazg7Vw9tdWUABG1qOEBdOjxva0Q2ISd1fQUOdEdIMHFiFV41IjUOFDEiMQ4Dci02UQ9gaiZDXT9xO0pBPyUkR0AnLnRGU2khPUlbOCAzFgASeXwDF2Z8eksDZWlhcRdmfD5aXCE0dwECLHRkbARgaWFxF2Z8IEUXZw1jAwt6fHsWAGQrN1-BZO2lgdQBkfWIDA2R9dwECMiUgVlQ7NHcBdGV9Yx0CcjlvAg","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:06.770122774Z","timestamp":1697287506770,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /DTFIzMlQvPV1Uazg7Vw9tdWUABG1qOEBdOjxva0Q2ISd1fQUOdEdIMHFiFV41IjUOFDEiMQ4Dci02UQ9gaiZDXT9xO0pBPyUkR0AnLnRGU2khPUlbOCAzFgASeXwDF2Z8eksDZWlhcRdmfD5aXCE0dwECLHRkbARgaWFxF2Z8IEUXZw1jAwt6fHsWAGQrN1-BZO2lgdQBkfWIDA2R9dwECMiUgVlQ7NHcBdGV9Yx0CcjlvAg HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://forgotingolstono.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 607\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: A4NwmWBwEJD-AgQ0JKF3BpVJfjXfY6SV2_NRLDsITjhizxlBq1ACYA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":607,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (865), with no line terminators","md5":"535eac842ce1367c744b6ed6eb62a627","sha1":"f8309051dfc2395d1761fb67e862b52b32a7396c","sha256":"9afc5ca3a225276154b37e7908387731186a238003b7cfa8c0d9da013de3319c","sha512":"101b7e087d444b5821835b4d4839a7d47b9a956d4f5624c9abca4d8a43ea5fdc5f06f2c4059d057e6b4ea5bae42f9ef1d0e4acd075a0d85a9027857cd4874976","ssdeep":"","tlshash":"6411007afd94851424669656a7b6f0e48218a4dc40fa076e55a217016e08d2f8f40615","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyy5q02F8XRV9t2nRJPugmj1345P3_TO359JloHjxcEhcmj8kvna_uKdpsWUi3J9_NHMgi24","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.724Z","timestamp":1697287506724,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:25:15 GMT","end":"Mon, 11 Dec 2023 08:25:14 GMT"},"fingerprint":{"sha1":"4A:5A:3C:9D:EC:4D:02:20:DE:B6:76:11:1C:40:B5:78:E9:AA:A6:0D","sha256":"51:BA:50:4C:F2:9A:2F:20:01:39:38:BC:D8:A0:74:99:3C:E6:0D:65:02:FB:EC:38:03:39:D4:6C:44:85:4B:39"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyy5q02F8XRV9t2nRJPugmj1345P3_TO359JloHjxcEhcmj8kvna_uKdpsWUi3J9_NHMgi24 HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:ZSuFHrS6yKMJPPipaqx03CswhpK66Q:8S4e8KpLuCI4xJSe;Path=/;Expires=Mon, 13-Oct-2025 12:45:06 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyyjVcxSHfMtKIBIXodBhYI0La_JFI6OstKk9rKOZcBjnYRbrtqB3ky150goj7M8i5JlBXSc\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S2013448058%3A1697287506133814\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: script-src 'nonce-b4SCxxHzJUJRGSUFp2-WhQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 402\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (393)","md5":"68ac9fa6b926ba0998141cd78591efed","sha1":"fd7c10b4c583f9bf3e730c6889abb8fb584fd706","sha256":"47da1b000ed1c0e584aeee575015bd821b16a192cd3b412d7c7622402b880f29","sha512":"8943104754093dcc02b59db90030a7d2e3bec1131b4465c4d68ddae1064f43d528bd48f3731b2386584055f8e4267334189b1b109a225f2996a6faa2bd9ee8ab","ssdeep":"","tlshash":"0ef0c06e9c8600aa955364f5d024749c487838243dc6b5a971e2671941c1837112a6f3","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyy1iSS-8SsPL0cUhMPzsG2iHaghp6jJNHP1OIJCezaaIieAv4CVfm6JNp0P3yH1T_PGUBn1","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.730Z","timestamp":1697287506730,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:25:15 GMT","end":"Mon, 11 Dec 2023 08:25:14 GMT"},"fingerprint":{"sha1":"4A:5A:3C:9D:EC:4D:02:20:DE:B6:76:11:1C:40:B5:78:E9:AA:A6:0D","sha256":"51:BA:50:4C:F2:9A:2F:20:01:39:38:BC:D8:A0:74:99:3C:E6:0D:65:02:FB:EC:38:03:39:D4:6C:44:85:4B:39"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyy1iSS-8SsPL0cUhMPzsG2iHaghp6jJNHP1OIJCezaaIieAv4CVfm6JNp0P3yH1T_PGUBn1 HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:m9suuh-0LLJxpapvrTh-ajKwNkkQKA:wCdb4it7YCjUzk_z;Path=/;Expires=Mon, 13-Oct-2025 12:45:06 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyx6dnSLzTmEKZaXm0Jza2mJ3_pV0fmbdc0fDDOiGvtRPUzFV7zeSA30AaNwG63qB1De1UrB\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1980345350%3A1697287506141131\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-security-policy: script-src 'nonce-LH0KshytOoFrXaY_cQJa9g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 405\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":405,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (397)","md5":"6289efc8af7c5bff3b8552578db9d2c6","sha1":"0aedc20f6aaec4827943345e29bc0d825604d064","sha256":"92680d167d50bc8eca0acf253b76bc8956489a7a8b7c3e3cda7961cc1e26c3ab","sha512":"4b6350fd665f47933697dee90931653b837dd8be1eaddb026d8b473afbba79e0d946dc69a08c565876265c308646b1ea8456f9b4c21f43eee65bd168ca2a7537","ssdeep":"","tlshash":"16f0c06e884608ed69833cf5a024b54c447468b93ac6e8bcb0e3b71141d483711016f2","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/mUHltR0kzFgMhdiQQCXpwaU5Zdn12Ex4oJyBEJh8xHCAmIithTlphPSodUHdvPBgDIHR2HAMkdGFfDCMrbU1LMzk/ElAuMCMSBDE9IgoPYTwxRAAoMzkVASZsYj9YaXl1S11vMWFISHQLdUtdKyA+DBVie2ABVXEWZk1IdAt1S101P3VKLHZ5aVddbmxiSQ-oiKjsWSHUPYklcd3lhSVxie2AfBDUsNhYVYnsWSFx2Z2BfGHp4","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:06.814684609Z","timestamp":1697287506814,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /mUHltR0kzFgMhdiQQCXpwaU5Zdn12Ex4oJyBEJh8xHCAmIithTlphPSodUHdvPBgDIHR2HAMkdGFfDCMrbU1LMzk/ElAuMCMSBDE9IgoPYTwxRAAoMzkVASZsYj9YaXl1S11vMWFISHQLdUtdKyA+DBVie2ABVXEWZk1IdAt1S101P3VKLHZ5aVddbmxiSQ-oiKjsWSHUPYklcd3lhSVxie2AfBDUsNhYVYnsWSFx2Z2BfGHp4 HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://forgotingolstono.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 574\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: wnSmI0l3PHJfI--9HTncFIoWnSrSBSnOB9tIARt0_yKmtOgLGpv8rQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":574,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (799), with no line terminators","md5":"b245c0ce6daaf127efe51cb4b23f3829","sha1":"bf74038af3644f409dccc4d58a10da3d4c77d181","sha256":"e4706421e17e23f25bd9c408dbdcb07535e6f26b826b5ac2ef4e291e15dcf4ff","sha512":"b22f4c41bb45034b7da1533bcb69c5d0187bcf80bd0efb2346c18a5de3d09b9362d615ca2fecd231c2c34985aa67ff0e9a1c910d35a18c50fbb7b8db5f508c35","ssdeep":"","tlshash":"3601417afc80c45074a76a0ad77af08cc21ca4cca0f30fbe42a627811f4ca6a4b007a5","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/eVHp1N1g3FRtRZyATEQphbU1BB2ByEAZYNiRHHW8MPi1FDjsCMyd8fiAAEQpochYUWT9pXBBZO2lLU1Y8NkdBES01RxhYIj0WGVZ9ZjxAGWhxSEUfIGVLUAQacUhFWzE6Dw0SamQCTQEHYk5QBBpxSEVFLnFJNAZobVRFHn1mShJSOz8VUAUeZkpEB2hlSk-QSamQcHEU9MhUNEmoSS0QGdmRcAApp","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:06.824171331Z","timestamp":1697287506824,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /eVHp1N1g3FRtRZyATEQphbU1BB2ByEAZYNiRHHW8MPi1FDjsCMyd8fiAAEQpochYUWT9pXBBZO2lLU1Y8NkdBES01RxhYIj0WGVZ9ZjxAGWhxSEUfIGVLUAQacUhFWzE6Dw0SamQCTQEHYk5QBBpxSEVFLnFJNAZobVRFHn1mShJSOz8VUAUeZkpEB2hlSk-QSamQcHEU9MhUNEmoSS0QGdmRcAApp HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://forgotingolstono.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 191\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: kbMZxwaturw5-2gvF_1-3gCUROZ6u278g64H3uesr03BnyBIh8qLTA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":191,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"933b0e3bdf79513fffbf7088a1c19843","sha1":"6b501eba9c8cf38561e94aa4bde72936d6f4d927","sha256":"4a0c931a9a7aaedde13a8b553af963d1313fb57cdf438afcf43ff702b4b5c4f4","sha512":"df008adc643cb7a68da92b0f2cdbb075a60e4ab8871fcfc8e67d86f4d4d3e44241e08fc0d27eccddb65e3ff54f5b3d189c00cb48c05b5dc44e441b819940093a","ssdeep":"","tlshash":"add02230abd0119428230b4f287826e48bd886d816a3013b84332b53260bc0acfec18b","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.pki.goog/gts1c3","fqdn":"ocsp.pki.goog","domain":"pki.goog","tld":"goog"},"ip":{"addr":"142.250.74.131","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:06.825336825Z","timestamp":1697287506825,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST /gts1c3 HTTP/1.1\r\nHost: ocsp.pki.goog\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nDate: Sat, 14 Oct 2023 12:45:06 GMT\r\nCache-Control: public, max-age=14400\r\nServer: ocsp_responder\r\nContent-Length: 471\r\nX-XSS-Protection: 0\r\nX-Frame-Options: SAMEORIGIN\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"a91da8e035e4b10b219053969ff4ab86","sha1":"976b8deaf7501df2c923383087106a823e7a0859","sha256":"008adc1696a4aa427606743795c5de301921946a3d2887c7a7817dcc6fc16ba5","sha512":"f8a5a0e817b501b7f29eadcdfec815d289075f67365901323235c50647b487ca7925db8872d35231b60c4a58c4d3ef08b42a9420399ce568563b12c00f9b298f","ssdeep":"","tlshash":"6ff0dc4c0e762e82aeaecd655fa830603106b50c55fb01e62cf897ea8815af72c1c255","first_seen":"2023-10-13T18:03:22Z","last_seen":"2023-10-14T22:58:03Z","times_seen":1275,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"blicatedlitytl.info/popunder.gif","fqdn":"blicatedlitytl.info","domain":"blicatedlitytl.info","tld":"info"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.828Z","timestamp":1697287506828,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blicatedlitytl.info","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Thu, 12 Oct 2023 08:51:17 GMT","end":"Wed, 10 Jan 2024 08:51:16 GMT"},"fingerprint":{"sha1":"C4:A3:7B:D1:18:B2:B1:F5:7E:A8:42:31:5C:03:85:97:D4:91:7B:EE","sha256":"92:B1:B1:63:0D:02:08:F5:0A:8B:DA:81:C6:0F:B2:D8:58:2A:D3:06:25:C7:0D:81:66:E2:AF:D1:CB:9D:55:70"}}},"request":{"raw":"GET /popunder.gif HTTP/1.1\r\nHost: blicatedlitytl.info\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\ncontent-type: image/gif\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=604800, immutable\r\ncf-cache-status: HIT\r\nage: 129435\r\nlast-modified: Fri, 13 Oct 2023 00:47:51 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=yDu5lfyHmR3tRmfRmG6R8l5%2FlebGJ8v0sRUox1l6nu3DioP5jPJU%2F5B4k8iLFu7A5TooaVkg4pHa%2FG1EGI%2FDlEV28d9zBC%2FjYIgKcMl333sim%2BU%2FkzTshT8n2iIovMAGssDb1CB8\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 815feae1aab20b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1345,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"ab49b5331a22d69b463850d9ee8d2b93","sha1":"460c434e7bb150b3eb2b71b687d50a648bdc404d","sha256":"994a1c7ce4ecd83ace3d0fe4834ad092b538dbf23e691a8a85f004feaec15401","sha512":"d79bc2896ea3c5a9bbb725170e99e708a55d27a63213361df7a7cb01af66bcc17772acdb29bc85f41f50d8ab8a875a70c5465ee853c7718e2041eef5873453e2","ssdeep":"","tlshash":"","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=5957645\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15806824%2F3e00354f03e01db085e3%2F________________________________________________.pdf.exe\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15806824%2F________________________________________________.pdf.exe.html%3Fmsg%3Dsess_error\u0026rnd=1697287505936","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:07.228Z","timestamp":1697287507228,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=5957645\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15806824%2F3e00354f03e01db085e3%2F________________________________________________.pdf.exe\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15806824%2F________________________________________________.pdf.exe.html%3Fmsg%3Dsess_error\u0026rnd=1697287505936 HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: private, must-revalidate, max-age=0\r\nvary: accept-encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/plain;charset=ISO-8859-1\r\ndate: Sat, 14 Oct 2023 12:45:03 GMT\r\nset-cookie: bepolite_id=da8a7788dcf65c9a7f323047af5ce75f; Max-Age=7776000; Expires=Fri, 12-Jan-2024 12:45:04 GMT; SameSite=None; Secure\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 771976392\r\nage: 0\r\naccept-ranges: bytes\r\ncontent-length: 1447\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1447,"size_decoded":0,"mime_type":"","magic":"ASCII text, with very long lines (394)","md5":"d4076d40af1802ebd961294601eac743","sha1":"2be74c232d6fefb56242e60b0ef86410842d5d0a","sha256":"d064be1df55daa38e43e159bacf942bbe27637055ca87818ad9937d429272736","sha512":"67b539048c19c8b8f7bb35c55206a044b8089fae7585e3c600362c6784a20f56847605c8c46a99685e96e69b841acad461b76a6359245e72fc9835f196a9e315","ssdeep":"192:JMmEXVC2MELhTELhBELh8ELhPELhvbTELTELBEL8ELPEL30:CmEFmQtQ/Q6QlQpTQTQBQ8QPQk","tlshash":"dfd14258cf8db0281d7074222baf68d4608df674b54e1d75e94f48b368de6a22cc5b28","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":true,"data":null}},"time_used":390,"timings":{"blocked":113,"dns":26,"connect":14,"send":0,"wait":159,"receive":0,"ssl":75},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/scripts/saresponsive.js","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:07.634Z","timestamp":1697287507634,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /scripts/saresponsive.js HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\netag: \"3434174309\"\r\nlast-modified: Mon, 09 Oct 2023 23:05:33 GMT\r\ncontent-length: 176966\r\ndate: Sat, 14 Oct 2023 12:45:04 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 771778901\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":176966,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (32077), with CRLF line terminators","md5":"8b966d35075632aae6108d54928c2ae9","sha1":"c76f1c7ab28ade483e7a852c049eeb5bddaf4e5e","sha256":"da22da01f20d28d9171f8107e155ca01f9811d6abcd3b64dbeb832ec6c34578e","sha512":"94a815a1978744d0e4084813cf6dcbdbab67220ff313a90221766f8ad9c8a3e2d38a46b83a12ae42c41759ff7d9d2a2e9a686196d5290540c2a8eb9d8e2e5c8c","ssdeep":"3072:y4J+03jL5TCOauTwDhFdnCVQNLa98HrPevC2eYCLaISE92oa:40zEOQR+iLa98HrgreYCvSE9K","tlshash":"ea0418d57b8e381787a632a980ff014ef17dd2f6a1094875f09894a06db8a1d13b7f6c","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-26T19:30:47Z","times_seen":6,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m02.amazontrust.com/","fqdn":"ocsp.r2m02.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"143.204.48.16","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:07.876064122Z","timestamp":1697287507876,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m02.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Sat, 14 Oct 2023 12:45:07 GMT\r\nLast-Modified: Sat, 14 Oct 2023 11:39:50 GMT\r\nServer: ECAcc (ska/F7A3)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-C1\r\nX-Amz-Cf-Id: s1Dr6dnkK5JzbbIdVe-hMt8_3H5MSasZu9X5Pw-P-6ED2RsynTLUxw==\r\nAge: 3918\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9fea3fbafccb29672734c4139285ce05","sha1":"0e57b6bc927afac69190eb9097086f45e9426141","sha256":"4e4a4aaa687773bdb3a1d84a1d2ecb19be426ce5bb97566d60e1d6a62d297075","sha512":"824c733e998fda23864979e4d4b9991113ce73665624b95a1947dbc76d3eeedea319d96cdaa89cca14c94e3dc4590d3b768e197793dcfa432eac153bd7cdafa8","ssdeep":"","tlshash":"15f054d4004bac86790c0ce8864b4e2c301ba042e84044827bf467d10845e338d6c468","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.r2m02.amazontrust.com/","fqdn":"ocsp.r2m02.amazontrust.com","domain":"amazontrust.com","tld":"com"},"ip":{"addr":"143.204.48.16","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:07.883202556Z","timestamp":1697287507883,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.r2m02.amazontrust.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 83\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/ocsp-response\r\nContent-Length: 471\r\nConnection: keep-alive\r\nAccept-Ranges: bytes\r\nCache-Control: max-age=7200\r\nDate: Sat, 14 Oct 2023 12:45:07 GMT\r\nLast-Modified: Sat, 14 Oct 2023 11:27:17 GMT\r\nServer: ECAcc (ska/F6AF)\r\nX-Cache: Miss from cloudfront\r\nVia: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)\r\nX-Amz-Cf-Pop: OSL50-C1\r\nX-Amz-Cf-Id: E3jToGnvLmIwYoWB0laq6Vi3RuOGgHjDxRYSrklRgsA537bfCTbiSA==\r\nAge: 4670\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":471,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"9fea3fbafccb29672734c4139285ce05","sha1":"0e57b6bc927afac69190eb9097086f45e9426141","sha256":"4e4a4aaa687773bdb3a1d84a1d2ecb19be426ce5bb97566d60e1d6a62d297075","sha512":"824c733e998fda23864979e4d4b9991113ce73665624b95a1947dbc76d3eeedea319d96cdaa89cca14c94e3dc4590d3b768e197793dcfa432eac153bd7cdafa8","ssdeep":"","tlshash":"15f054d4004bac86790c0ce8864b4e2c301ba042e84044827bf467d10845e338d6c468","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:07.781Z","timestamp":1697287507781,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: text/html\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63cfe903-1761\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1857,"size_decoded":0,"mime_type":"text/html","magic":"gzip compressed data, from Unix\\012- data","md5":"273086ce8c5683ccaeb002d5ced7f104","sha1":"3f71e54c72be9dc0a37f0d9f0d14d906d505c883","sha256":"7a08afd923a3ac3a29f93c8a19fca4b2314aa11ac17c64896121cf385f7a65f4","sha512":"b329c6b30774cf8277bdf1fa4a31ceb45f46ef601ec1e4f5b6e77307d5ddfe6914dfdbc28a362939db3e6196653248e787b7de6ef1ffab6add08b83c9379383a","ssdeep":"","tlshash":"39312b73f24334613a40473498cb67195af6981412e4e98c87e1ce10e7c6f30d8f0272","first_seen":"2023-09-08T19:15:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":4,"resource_available":false,"data":null}},"time_used":232,"timings":{"blocked":103,"dns":0,"connect":26,"send":0,"wait":26,"receive":0,"ssl":74},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.037Z","timestamp":1697287508037,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /config/config.js?v=1 HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 75\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\netag: \"63cfe903-4b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":75,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"resource_available":true,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:07.768Z","timestamp":1697287507768,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: text/html\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63cfe903-1781\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":34220,"size_decoded":0,"mime_type":"text/html","magic":"gzip compressed data, from Unix\\012- data","md5":"7a8791d904ecdc6900ef7baf37f5cfb9","sha1":"02a82923b042f279cc135be8ea866ce8f5ffade0","sha256":"3cea4effb8b545cd80ebc0799ff835aee9d8dd055d613a9600cc3154230f3ee7","sha512":"8a77c9f5108e73cd93f29262189e1246f258a44359f97cdd10c02894e9112e31916c6a5b2daf7f39a3199c3d7fad3164b91b3fc04645e7fd644ea1c6eb39f6a9","ssdeep":"768:SnsAmJTKwYe553dX668JDy6CngqNLTLuoO5hB25FwH9n:SaJWwx5j66gD7CnXNAFn","tlshash":"75e2f16a17f8d74086941a717b7fe3102cc29ec36df2e0128dc5e5a0b1bdc1a1ae75a6","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":108,"dns":0,"connect":26,"send":0,"wait":27,"receive":0,"ssl":80},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.457Z","timestamp":1697287506457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\ncontent-type: text/plain\r\nset-cookie: csu=2190800103046914@1@1697287505; Max-Age=31104000; Secure; SameSite=None\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FEN20x68gyRcDxy6pCLA%2BmEe0vb0fRIB%2BRGMSV5YcAzX9RY3QwO%2Bia8DIMkjuf9pNDbR%2F2RzjWQdoYt1TbI982YyovLt7AZI0Q36bN6AdVY6sNOjOJkD9MoPQNxol5%2BH\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 815feadfb96b568a-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"cee22c8e5a48e4c2c259486de8585ada","sha1":"6c71cff185b6aefb758f7077c371049221d84d62","sha256":"88f2de5d7e408cd97c1e3bab5f1be2cb43cc98e23430448bb3ce4da5c16fe287","sha512":"10c384af46b684ab2ce4facdf5205452f04b66b350372f7d9a00d5dd9ede3a73173d2dfbc94b9182ca774e83bc320d10519544b4642d12cbc57ea30595a22b44","ssdeep":"","tlshash":"aa8000a0a3320e03a300cb800000be0a02c208be0083082a028ab00208a8cb8b000c30","first_seen":"2023-10-14T14:45:24Z","last_seen":"2023-10-14T14:45:24Z","times_seen":1,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":66,"dns":2,"connect":9,"send":0,"wait":121,"receive":0,"ssl":59},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/css/index_1000x200.css","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.019Z","timestamp":1697287508019,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/css/index_1000x200.css HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: text/css\r\nserver: nginx/1.15.12\r\nlast-modified: Fri, 17 Dec 2021 08:13:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"61bc46c6-1301\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1146,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"67ddcfb5d01d94b3bb85e8b2be771d9e","sha1":"f73cdadc08a8ce4ce25b65ffb725a8169d56ed97","sha256":"f519050dc3dbc3ef03af0cdb62960d8b4c9060f431a8feacdf015bacbd24e7ef","sha512":"e809492c934eb06913d05b34bb49e9c58872ace3d75425c914429ee6322b87026292c0b91cd18ca0df19ece20d7b91ab28cd0f8c7939cf091e4fa5ea264b8460","ssdeep":"96:n9d6pePSZKtpS1CSBKZFbJs+3iI/f5XH2u1FmjBkyv3Cj59NtTVYNJ:9sTAXPLbt5JvvIxP","tlshash":"f2a111504a2b3546b812486a37d63f041b9d3013314fce153bacaa9d8ff99d9c05dbdd","first_seen":"2023-04-05T06:51:29Z","last_seen":"2023-10-14T14:45:24Z","times_seen":4,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/prices-bg-3.png","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.152Z","timestamp":1697287508152,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/prices-bg-3.png HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: image/png\r\ncontent-length: 2442\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-98a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2442,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ef56eff9c1246b25c0088c156116ae05","sha1":"21f5a8245443365c960a196d005277a3c5ef4709","sha256":"be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54","sha512":"10b48f3e266b0ec278b3dd880afe7bcc5b86ee40cd76293a6dfb9bc647780a7e95e366bec96ee1765aebea41307bfcca30aef7f14256addea31f047b132dfc24","ssdeep":"","tlshash":"9e510a0666a5109da0c37ee32c475c58cf302363618066ddd77fa5dd68a2885bf81b89","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.312691Z","times_seen":76,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.375Z","timestamp":1697287508375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_300x600.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: font/woff\r\ncontent-length: 53104\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-cf70\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53104,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 53104, version 1.500\\012- data","md5":"4f5975fe17a8ca74963be0165ff6a443","sha1":"4bca2ab6c3da2b6ae09602601adeac22e7a90381","sha256":"5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df","sha512":"6ca6fb1d1845ac2cbd2510fb8882193fa8c800f2dea37b680fed0780f6d50a08258eccda0ef52495d2af346c32866c3a34a7ceefb7448af211b1b4ef6a7585da","ssdeep":"1536:YkREtZ1LgzQ0J3ysMpc4EcDFBxfknCHWCFJqjQmt:os/MCLaMCCQg","tlshash":"2c3302610f0d0d77da5499ed2a6ee7fa6a03c4300e83036578da63e1a6637bcc7341e9","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.307464Z","times_seen":94,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.234Z","timestamp":1697287508234,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/fonts/greycliff-cf-bold.woff HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_300x600.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: font/woff\r\ncontent-length: 53208\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-cfd8\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":53208,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 53208, version 1.500\\012- data","md5":"c03dece8ec0635406a35b888337dca8f","sha1":"b72706815dccadd44dba1693ed8865b41782b14f","sha256":"092416b2a5cbe9f6596ff7ee177db702262c64326231a3664a34a65c861601b1","sha512":"dbdd29503b0afeca12cfdd19339ea718874676e3bed1cab043ffd0cef412be4fd22cc217633d340378dcc67fa15bc32246b53c04401c3f2986eea52c81507e9c","ssdeep":"","tlshash":"","first_seen":"2023-08-12T19:04:02Z","last_seen":"2023-10-26T19:30:47Z","times_seen":45,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":26,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/js/jquery.min.js","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.014Z","timestamp":1697287508014,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/js/jquery.min.js HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: application/javascript\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\nvary: Accept-Encoding\r\netag: W/\"608123af-15d84\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":84054,"size_decoded":0,"mime_type":"application/javascript","magic":"gzip compressed data, from Unix\\012- data","md5":"0916059107c0f58599101f895170bff8","sha1":"46ec4413262e861f4ec1de96c6a677ff2734064d","sha256":"7885bf57f3c92cab8c85714717e0eee788ca93008abaaee93ed3d0481825ca3b","sha512":"c89c9a44cc3bf14e2ccea24ec08cd7c4853c832c2759c969e67ad335a9b459d9c5e185a63b1c0360ad3e903b2a8c6a38054a8e6ff5be9acde8597c7e49165a78","ssdeep":"1536:uJWwx5j66gD7CnXNABkREtZ1LgzQ0J3ysMpc4EcDFBxfknCHWCFJqjQmt:hf29Avs/MCLaMCCQg","tlshash":"dc8312220f4d4e55c7549afa3a3ee3b51c43c8510ed35261acc6a2f0e2bbd79ca741e9","first_seen":"2023-05-09T19:55:20Z","last_seen":"2023-11-30T09:21:39Z","times_seen":14,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/asd100.bin","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.457Z","timestamp":1697287506457,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET /asd100.bin HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:05 GMT\r\ncontent-type: binary/octet-stream\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nage: 4697\r\nlast-modified: Sat, 14 Oct 2023 11:26:48 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=KehKOrRQRmqCeJfAOWdZFevTZhhMHUEK5F3rHNk%2BwDC1ELM9DS8fRGzYDtjlwJQLKz%2FslV3oErpzGLouHuH4Rr71gbn%2B%2FxfbxI5iPLS3yH3X%2BR7hbPW0CnRQJqFJQynX\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 815feadfc97e568a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":180956,"size_decoded":0,"mime_type":"binary/octet-stream","magic":"data","md5":"c1ee3f08c34f6108ed7fd2d7cd0a70e2","sha1":"22ecc2416a9fee70747a7378df20918fdf9db87c","sha256":"ff433dbc389fb45df3102d6e2471a8a86316442b6aa3cd0c3abd15fb6f374558","sha512":"af78ac17115aa51f4e8cea33b1b761cad3f262a44063622002d85c0d3336e8562a2c7db90921dabb2ecec89c154cfa2efd1a532f51ccf1219c2ca9e7f0765e90","ssdeep":"1536:M34jbHlqhJww9cVyKUlepyc65CqSC2/5QA3QyrxfCLjqJRh7uxbM:B/w2LH65xSC2/n3QFLoRh7CM","tlshash":"0f04020ec2538cf9c2eee1f861f459b24190cf1d5e82a46fac6d6b46cc403d79352d55","first_seen":"2023-10-14T14:45:25Z","last_seen":"2023-10-14T14:45:25Z","times_seen":1,"resource_available":false,"data":null}},"time_used":157,"timings":{"blocked":62,"dns":6,"connect":1,"send":0,"wait":12,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.479Z","timestamp":1697287508479,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 55749\r\ndate: Sat, 14 Oct 2023 04:58:10 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:30 GMT\r\netag: \"cddd4b220dbfd2c4641572afbcc3bbf9\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: pnm8li5ltaoXFJtgn76cRLaDvbE04st2heXy9Z0bydBpJzdJtBZ_3w==\r\nage: 28018\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55749,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\\012- data","md5":"cddd4b220dbfd2c4641572afbcc3bbf9","sha1":"2bf3de058bcb45d5a133c9e768a4e8fcdb6ec6c8","sha256":"54c4a1b842c44277f35ff895c7be82711edf0591dd660744d3e18c3a62f236ce","sha512":"f3b27fa6dedf0a3cebf322352535ea42f81cc7ff9184b289f9e317deca1dd53a50f65b308fc67606acd21b0ce032da5095de0ae613c1d81fe069d678cb725c20","ssdeep":"","tlshash":"","first_seen":"2023-09-08T18:24:21Z","last_seen":"2023-10-26T19:30:47Z","times_seen":14,"resource_available":false,"data":null}},"time_used":26,"timings":{"blocked":11,"dns":1,"connect":1,"send":0,"wait":2,"receive":2,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:09.571Z","timestamp":1697287509571,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=da8a7788dcf65c9a7f323047af5ce75f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 14 Oct 2023 12:45:01 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 772756240\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:14.375Z","timestamp":1697287514375,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 59129\r\ndate: Sat, 14 Oct 2023 04:29:29 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:50 GMT\r\netag: \"2bc0042405de1b87297ef3b0e699e446\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: YwY3Ymt2AtBbyn00oxU4_s3B6kXy0kMrM7yO5bAmzl_L7pFmEGaYcw==\r\nage: 29745\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":59129,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"2bc0042405de1b87297ef3b0e699e446","sha1":"1c6098f9283395ff9ebf1f5710a61243a1998947","sha256":"4848bddd5f564c6e0bf254cc2dd163d73618504f83a6c35e48a2938901d93a83","sha512":"0c825b4703b8a5c1e9949951192394914dd295ac025c90a1120ae0e1950e0da3b1b8f1ce28e43e6076e483f802fe0811593d07e49dc782666ee2c08c3eba8a26","ssdeep":"","tlshash":"","first_seen":"2023-05-01T06:18:22Z","last_seen":"2024-08-21T07:18:50.59606Z","times_seen":17,"resource_available":false,"data":null}},"time_used":5,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":3,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/oG5Bqap65444rLcqquQa.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:14.481Z","timestamp":1697287514481,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/oG5Bqap65444rLcqquQa.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 64849\r\ndate: Sat, 14 Oct 2023 02:28:04 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:31 GMT\r\netag: \"49688fe10aabd3ce26a753fad3679808\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: kytLX2_bjt942GRGrjWvRlz5-NMLVIN_4bi5PKTSYif4VIJ_L5dx1w==\r\nage: 37030\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":64849,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\\012- data","md5":"49688fe10aabd3ce26a753fad3679808","sha1":"35274032cba8b28f17220044efdbba33cbd91c76","sha256":"83fb199373c46198bc088046e7607f4b3ea091c5713e5ddd0fc4f293b44b551c","sha512":"1e295f2ee428c117a155b42741114e0c3913a9252e2bf24fc576e108d2324f9990e3c46f2d8b2234905ba03cf0be7129fb5556a518c0f8757d9d558202e3fd34","ssdeep":"","tlshash":"","first_seen":"2023-08-27T15:03:07Z","last_seen":"2023-10-26T19:30:47Z","times_seen":12,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:20.388879882Z","timestamp":1697287520388,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 62663\r\ndate: Fri, 13 Oct 2023 15:01:53 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:37 GMT\r\netag: \"9d39df13669f4b0a37f1ec935fcf07c1\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: 7qSsFM6H8du-czf7fgPHFkY2zIjcTEcKe9OxaCajOeETr5qZE3VPVQ==\r\nage: 78207\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":62663,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"9d39df13669f4b0a37f1ec935fcf07c1","sha1":"bee556a5a2eb792bc07095365d7ce55e0f20c488","sha256":"c4ae0112f49b2e7eec621163661ab594d1deab9e18f27dfe9c37f212d5292ebd","sha512":"58c361be946b21cfd4ec5dbafdc075f7df4a46f84af84b49deee1f65caa67fbc4107c95571919f7383203541cdd725eab62ee59e57fc377903cecf5df0935cef","ssdeep":"","tlshash":"","first_seen":"2023-05-02T13:47:26Z","last_seen":"2023-12-14T11:47:25Z","times_seen":12,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/WvgxKP0SMkf1q8doIfVx.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-10-14T12:45:20.489039767Z","timestamp":1697287520489,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/WvgxKP0SMkf1q8doIfVx.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 55100\r\ndate: Sat, 14 Oct 2023 07:49:04 GMT\r\nlast-modified: Mon, 30 May 2022 08:30:07 GMT\r\netag: \"f78794f15a38b390907d0d2792bb5c46\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: UU9DC_SRi3PVOyBvCd1YPRoIHLwQgVUV_Mu_lfp-0fyBmDAgFPKZ0Q==\r\nage: 17776\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":55100,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\\012- data","md5":"f78794f15a38b390907d0d2792bb5c46","sha1":"a1f9f0df4a365570b950a8b3337fc7c637d5a3a3","sha256":"143e196eb854308bbe9e4a937ab5878287c42325e5878cc8ae4d91d4c2c930a6","sha512":"0664bf8ad1b512eae551b589b2a5bf2211db2c3257bb4b2e220ff08b56876d82f5685cfe9fe36b4efa2e6ca61ebec0f122dc7f29d6573946fbcc6bbd62eb5374","ssdeep":"768:C7HrK6kguz0lXlbBJxpuZtZQIQPhaFsPNbcPwUswzkFnpwDNSGWXKr:CjrK6uy5LxTtPGlwUhyn+9yKr","tlshash":"ce33f1f60dc81b51c085b3485d8206654a95e73f3b42b9ce9bd46fa8d41c3963462f22","first_seen":"2023-09-09T19:30:55Z","last_seen":"2023-10-26T19:30:47Z","times_seen":8,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/files/close-gray.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:08.086Z","timestamp":1697287508086,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /files/close-gray.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"732411054\"\r\nlast-modified: Fri, 08 Apr 2022 18:07:56 GMT\r\ncontent-length: 1497\r\ndate: Sat, 14 Oct 2023 12:45:00 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 773368714\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\\012- data","md5":"41d9676ab94bece3f7a549b4769ddbe2","sha1":"521f14490fc57fea51e2e5bf00e2299dce51561b","sha256":"c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34","sha512":"9988bd18d13f38d3bfe107d116c28f896b9965de6ca0949905f47901965a356d621c1ec4b1a573dfb0ed753ccc270015419b24729b767de2d5210a73b2c3daaf","ssdeep":"","tlshash":"5d31f7f3e40c4ba3d57313928a6a7184ada3d5f230014014fcc9a90c966cf0eeaee253","first_seen":"2023-04-30T19:35:34Z","last_seen":"2024-08-21T09:18:42.702606Z","times_seen":112,"resource_available":false,"data":null}},"time_used":17,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner-server.hookusbookus.com/package-feed?language=et_ee\u0026utmSource=allmedia","fqdn":"banner-server.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.65.16.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.245Z","timestamp":1697287508245,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /package-feed?language=et_ee\u0026utmSource=allmedia HTTP/1.1\r\nHost: banner-server.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://banner.hookusbookus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: https://banner.hookusbookus.com\r\naccess-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE\r\naccess-control-max-age: 3600\r\naccess-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: DENY\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23569,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":420,"timings":{"blocked":197,"dns":1,"connect":25,"send":0,"wait":26,"receive":0,"ssl":167},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyyjVcxSHfMtKIBIXodBhYI0La_JFI6OstKk9rKOZcBjnYRbrtqB3ky150goj7M8i5JlBXSc\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S2013448058%3A1697287506133814\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.851Z","timestamp":1697287506851,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:19:26 GMT","end":"Mon, 11 Dec 2023 08:19:25 GMT"},"fingerprint":{"sha1":"09:1E:68:9F:BD:40:4B:47:8D:AC:BE:FE:EF:35:D6:52:C1:A0:EC:9F","sha256":"B2:35:F7:C5:69:49:0F:2B:2B:86:1D:22:37:E3:03:33:7F:E4:5A:80:FF:EC:55:DC:14:0A:BD:A6:9E:84:3D:51"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyyjVcxSHfMtKIBIXodBhYI0La_JFI6OstKk9rKOZcBjnYRbrtqB3ky150goj7M8i5JlBXSc\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S2013448058%3A1697287506133814\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-hVuSrqdQXxF6RcIBx8RtRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:08.063Z","timestamp":1697287508063,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=da8a7788dcf65c9a7f323047af5ce75f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 14 Oct 2023 12:45:00 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 772662375\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":57,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":57,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.20","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:08.089Z","timestamp":1697287508089,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Mon, 04 Sep 2023 21:06:47 GMT","end":"Sun, 03 Dec 2023 21:06:46 GMT"},"fingerprint":{"sha1":"B7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD","sha256":"E6:B8:D8:CD:C4:AF:99:B8:FE:AA:BC:4E:7A:2B:BA:32:A0:C0:A7:49:70:CE:35:CA:6C:01:D2:B9:1A:97:CD:30"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=da8a7788dcf65c9a7f323047af5ce75f\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 14 Oct 2023 12:45:00 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 773531436\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner-server.hookusbookus.com/package-feed?language=et_ee\u0026utmSource=allmedia","fqdn":"banner-server.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.65.16.162","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.226Z","timestamp":1697287508226,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /package-feed?language=et_ee\u0026utmSource=allmedia HTTP/1.1\r\nHost: banner-server.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://banner.hookusbookus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: https://banner.hookusbookus.com\r\naccess-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE\r\naccess-control-max-age: 3600\r\naccess-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: DENY\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23569,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":89,"dns":0,"connect":25,"send":0,"wait":27,"receive":0,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/svg/hb-logo.svg","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.039Z","timestamp":1697287508039,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/svg/hb-logo.svg HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: image/svg+xml\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-3be5\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (15333), with no line terminators","md5":"bf6baf947f924bf8d67e947a025def06","sha1":"9ac9fccb0351b41c1545714153ed5fa2c4bfef3a","sha256":"64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e","sha512":"b47cc80c2dc4ffc838ec2cbdedca7e5e9edbaf2bea1160a6c557dba9e87e0fd1254648c52a43a4a10d03ee628d2e0564e486fdbe8bfe3e475d37adc5b33a980e","ssdeep":"192:ZPLfC5XdoQgFzFRCNPJVtTOPKFh5zVDxaxb2+9RktWJTvpWB3eGSEDD4iko1kykd:Ze5VC/MpP59xR/O0SFiV1Qd","tlshash":"73627ac6237093cca9ddd89fbf25e558901b64bbb9f7d8c14a9f8b09988b894f704c10","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:36:49.306758Z","times_seen":69,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/svg/hb-logo.svg","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.149Z","timestamp":1697287508149,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/svg/hb-logo.svg HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: image/svg+xml\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-3be5\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (15333), with no line terminators","md5":"bf6baf947f924bf8d67e947a025def06","sha1":"9ac9fccb0351b41c1545714153ed5fa2c4bfef3a","sha256":"64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e","sha512":"b47cc80c2dc4ffc838ec2cbdedca7e5e9edbaf2bea1160a6c557dba9e87e0fd1254648c52a43a4a10d03ee628d2e0564e486fdbe8bfe3e475d37adc5b33a980e","ssdeep":"192:ZPLfC5XdoQgFzFRCNPJVtTOPKFh5zVDxaxb2+9RktWJTvpWB3eGSEDD4iko1kykd:Ze5VC/MpP59xR/O0SFiV1Qd","tlshash":"73627ac6237093cca9ddd89fbf25e558901b64bbb9f7d8c14a9f8b09988b894f704c10","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:36:49.306758Z","times_seen":69,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyx6dnSLzTmEKZaXm0Jza2mJ3_pV0fmbdc0fDDOiGvtRPUzFV7zeSA30AaNwG63qB1De1UrB\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1980345350%3A1697287506141131\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15806824/________________________________________________.pdf.exe.html?msg=sess_error","date":"2023-10-14T12:45:06.863Z","timestamp":1697287506863,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 18 Sep 2023 08:19:26 GMT","end":"Mon, 11 Dec 2023 08:19:25 GMT"},"fingerprint":{"sha1":"09:1E:68:9F:BD:40:4B:47:8D:AC:BE:FE:EF:35:D6:52:C1:A0:EC:9F","sha256":"B2:35:F7:C5:69:49:0F:2B:2B:86:1D:22:37:E3:03:33:7F:E4:5A:80:FF:EC:55:DC:14:0A:BD:A6:9E:84:3D:51"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyx6dnSLzTmEKZaXm0Jza2mJ3_pV0fmbdc0fDDOiGvtRPUzFV7zeSA30AaNwG63qB1De1UrB\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S1980345350%3A1697287506141131\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 14 Oct 2023 12:45:06 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncontent-security-policy: script-src 'nonce-6jF4PCyHhggjC048-2hfKQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-06T13:45:52.642927Z","times_seen":14737748,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/css/index_300x600.css","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.038Z","timestamp":1697287508038,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/css/index_300x600.css HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: text/css\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-1c4f\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7247,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (7402), with no line terminators","md5":"ef4576b025213d57cd958c234d61a8a1","sha1":"5dd8d741efe63291e503bb6bf23e603c810b9030","sha256":"69478abb1501f6c8fb03f774621b5f0275d59f55b3fc4f24d95bade9e277efdb","sha512":"5ff68d00b34c558285b994681e319b9e97ca62af0a91bdc308094c4db61609d3bcf328fbd9e17e61d31ab7ac82cb1b913d2a1a8da0bd0cf2b1c09fc6aae910b0","ssdeep":"96:0gvLPOoPF/XfJdOeUccRwXtReYPR85epDyTNUS20Ox:ddqRWPRQe0I","tlshash":"4ce1612098c73038f4239ed773f51b245589304760631f6a72ee9b6bcf6e499404e7ae","first_seen":"2023-08-12T19:04:02Z","last_seen":"2023-10-26T19:30:47Z","times_seen":29,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.89","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.372Z","timestamp":1697287508372,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Thu, 08 Dec 2022 00:00:00 GMT","end":"Thu, 07 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB","sha256":"0E:61:DC:91:28:A6:D0:1C:35:83:E4:6C:B8:71:E9:59:0C:A7:63:6F:3B:39:4E:60:B9:10:FD:B2:49:E9:04:65"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/uKEQ3VnYU3XSxSyNM64d.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 421 Misdirected Request\r\nserver: CloudFront\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: text/html\r\ncontent-length: 1003\r\nx-cache: Error from cloudfront\r\nvia: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: Q4i9kKdracKnyWqPH5K8mH2Y42RRObDKLCFUWt4eoDgUH6OunJQH4g==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"421","status_text":"Misdirected Request","fingerprints":null,"data":{"size":72949,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"bf36e0bf265a935a340671b4d66f2e01","sha1":"71eacdd355861fa4500b9961d4fcd24b81aa87e4","sha256":"8e6b881322ec75b0070fe04c905f40284ddc3806fdb6253cce210d544c8a0c19","sha512":"4f64fd2121b3807180dc71b74b34dfdaee6ac8d9b80b720b44d49b60185afe5b79c9220072669ddcca31d5e4950f62281fd6d4f8d91073e23e6090f441201966","ssdeep":"1536:MbHlqhJww9cVyKUlepyc65CqSC2/5QA3QyrxfCLjqJRh7uxbM:Gw2LH65xSC2/n3QFLoRh7CM","tlshash":"2663020fc6834cf9c2dee1e861b458b242e4cb1d6f82a46fac596757c8403d79357d45","first_seen":"2023-04-05T22:04:11Z","last_seen":"2023-11-29T21:37:51Z","times_seen":14,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":76,"dns":1,"connect":0,"send":15,"wait":-1,"receive":19,"ssl":9},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/image/svg/hb-logo.svg","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"35.157.243.110","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-10-14T12:45:08.212Z","timestamp":1697287508212,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /assets/image/svg/hb-logo.svg HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0_g7mBChKH4zGlMePdWxfB1uprKuIevvtYx6ed5WKOfMQGugJhxDG8etW06ERbP7lIxzR_X7O580NHQSMYgTO-6jaH6eg1jhpsDQ-VqrNZWG0g5dJVoua9ONo1LKAeBjQ2jsM-gWxoUwRiAGLFWz0Xzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=300\u0026h=600\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 14 Oct 2023 12:45:07 GMT\r\ncontent-type: image/svg+xml\r\nserver: nginx/1.15.12\r\nlast-modified: Mon, 05 Jul 2021 19:56:59 GMT\r\nvary: Accept-Encoding\r\netag: W/\"60e3640b-3be5\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15333,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (15333), with no line terminators","md5":"bf6baf947f924bf8d67e947a025def06","sha1":"9ac9fccb0351b41c1545714153ed5fa2c4bfef3a","sha256":"64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e","sha512":"b47cc80c2dc4ffc838ec2cbdedca7e5e9edbaf2bea1160a6c557dba9e87e0fd1254648c52a43a4a10d03ee628d2e0564e486fdbe8bfe3e475d37adc5b33a980e","ssdeep":"192:ZPLfC5XdoQgFzFRCNPJVtTOPKFh5zVDxaxb2+9RktWJTvpWB3eGSEDD4iko1kykd:Ze5VC/MpP59xR/O0SFiV1Qd","tlshash":"73627ac6237093cca9ddd89fbf25e558901b64bbb9f7d8c14a9f8b09988b894f704c10","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:36:49.306758Z","times_seen":69,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}