upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
51.91.30.159 296 B URL upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a90c339b50772d6f52458d711362b1a7
1055303e3e50f943040c56f3a1a831bf478946d1
17ce5beef5e4057bd90be213f05ee2df50159a25874d545b837a56ac5c902506
GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 01 Oct 2023 15:30:41 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 296
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
51.91.30.159 0 B URL www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
IP 51.91.30.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 01 Oct 2023 15:30:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
51.91.30.159 407 B URL www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (407), with no line terminators
Hash 707dc6cbfe54fd6ab76546ec0b5a0833
c143c1cef5c821ff608980c4a01e8b6fffd657a5
062fff1068cc062e0f55ad96cb69e9ce0c685d7a0757daa8a1a167d08f3a5da4
GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 407
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
51.91.30.159 407 B URL www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (407), with no line terminators
Hash 707dc6cbfe54fd6ab76546ec0b5a0833
c143c1cef5c821ff608980c4a01e8b6fffd657a5
062fff1068cc062e0f55ad96cb69e9ce0c685d7a0757daa8a1a167d08f3a5da4
GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 407
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
51.91.30.159200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
IP 51.91.30.159:443
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash efd8e33f6eb41dfdf15d25d9e61fb8d9
e5ebf60bacf8ef68f6976e9b3a1b270ff06e18b0
7cdde50b5f4d1b5e46e39b6f5af368abba37db95cb709245cbbb919e3686b725
GET /files/15705788/IObitUninstaller13.1.0.3.exe.html HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8967
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 01 Oct 2023 18:30:42 +0300
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Sun, 29-Oct-2023 15:30:42 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
www.upload.ee/static/ubr__style.css
51.91.30.159200 OK 2.9 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 3ba04e290212b44bcca8f10a60a4e879
a9b021c9019bdbb28250836039b2372a1b4d0f0f
f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Sun, 08 Oct 2023 15:30:42 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
www.upload.ee/js/js__file_upload.js
51.91.30.159200 OK 27 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Sun, 08 Oct 2023 15:30:42 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-6703115-1
142.250.74.168200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP 142.250.74.168:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2213)
Hash d2d038b273f54567938620307b35a1b8
204dba403203cfc32a4257181cee13048bf9a90d
74df85da93e069523c0f1744365ce10d71e2882ed58df0796e966a49b933227f
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 01 Oct 2023 15:30:42 GMT
expires: Sun, 01 Oct 2023 15:30:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/?dupud=997369
143.204.42.211200 OK 118 kB URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP 143.204.42.211:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 118 kB (117740 bytes)
Hash b1b68b9b203d8b4eeab291bbd2e19b27
1f72977383b07fe18709b7c6312ba4f62e6d0f29
47477ddffc70e1ef9c6063ee7de7d9ea879973982d2e33df51c77c4956f3c499
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117740
date: Sun, 01 Oct 2023 15:30:38 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CVmiSjqZHyg841IP4GJT08XGzDyGZYU9ALt6337M1Rb9kOG-mOjcqw==
age: 4
X-Firefox-Spdy: h2
www.upload.ee/images/dl_.png
51.91.30.159200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Sun, 08 Oct 2023 15:30:42 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/arrow.gif
51.91.30.159200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Oct 2023 15:30:42 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Sun, 08 Oct 2023 15:30:42 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
umoughtcallm.com/WE82em53cFUJUwJ8dE4/DTdTKCttfVA8NBEefixYDQp8OwsQHhAOBzxyD0NZa3kPXB4xKwtLSCs7Vw4bK3IHXAc2KVlHSC5yB1RdbGEFTkBoaUNHX347RhsJZX4QChosIwtLWGF5B01aansFSFhh
104.21.74.25204 No Content 0 B URL GET HTTP/2 umoughtcallm.com/WE82em53cFUJUwJ8dE4/DTdTKCttfVA8NBEefixYDQp8OwsQHhAOBzxyD0NZa3kPXB4xKwtLSCs7Vw4bK3IHXAc2KVlHSC5yB1RdbGEFTkBoaUNHX347RhsJZX4QChosIwtLWGF5B01aansFSFhh
IP 104.21.74.25:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectumoughtcallm.com
Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D
ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WE82em53cFUJUwJ8dE4/DTdTKCttfVA8NBEefixYDQp8OwsQHhAOBzxyD0NZa3kPXB4xKwtLSCs7Vw4bK3IHXAc2KVlHSC5yB1RdbGEFTkBoaUNHX347RhsJZX4QChosIwtLWGF5B01aansFSFhh HTTP/1.1
Host: umoughtcallm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sun, 01 Oct 2023 15:30:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLeemevshnZwC8FpjaVf6rms5iQcl3KgGBS9NALsq7c%2FL%2BsVRwHZaLGBx%2FXSDfJttMahjjJTAxuP260XO2%2FOiocmBwQoG44AnV1o9rWFgd12aIeTSgWT9XohNQeP2DGSWcCB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80f5bf9a396db529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
umoughtcallm.com/b2hQSllAVzM5ZAwtJzMDAiIULz4hDgd6H1cpPAw4PgY7CwxeKXY+MAtVaXNuW1hobCkGDG17YUkbJCstGhtte38GBjYlZEkebXt3X0ZiZG1JHW17fxsYMS1kXk4gPi0DVWF8YFlZZ35rW1tjemk
104.21.74.25204 No Content 0 B URL GET HTTP/2 umoughtcallm.com/b2hQSllAVzM5ZAwtJzMDAiIULz4hDgd6H1cpPAw4PgY7CwxeKXY+MAtVaXNuW1hobCkGDG17YUkbJCstGhtte38GBjYlZEkebXt3X0ZiZG1JHW17fxsYMS1kXk4gPi0DVWF8YFlZZ35rW1tjemk
IP 104.21.74.25:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectumoughtcallm.com
Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D
ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b2hQSllAVzM5ZAwtJzMDAiIULz4hDgd6H1cpPAw4PgY7CwxeKXY+MAtVaXNuW1hobCkGDG17YUkbJCstGhtte38GBjYlZEkebXt3X0ZiZG1JHW17fxsYMS1kXk4gPi0DVWF8YFlZZ35rW1tjemk HTTP/1.1
Host: umoughtcallm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 01 Oct 2023 15:30:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk9X%2BebGyApYyzNiZYy4vG8ke7XtDr5jyoGtnA2HiU0yndZ%2Fcc7RsIkxihzu94ubWDQw6CmogJGe2IRNAKT09vCzl9vNkRwwyEmyjWvMftQF0JC3KcTTzzgPmdlSHOuQHKCl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80f5bf9a4987b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ngsinspiringtga.info/N09wNW9WLRNYUFZyEhMaRSNNEF1xakJzC0J/AEALBzwUWQJNKV5WA1g6FFMdWCEEGwFSO1UHKUMYNlEZYwcxAiB2CgFhFkBqQncsBAk6bDh1LRZwBxJ9MmU9QCU4XAdGHzMFJHM1SBBddSkaBTV2CRN0PWAoKmY7UAQgch9RLhhCWngeGE05XX9FcSdxDRZfNnsDGwQcVB0fQTtjGkRzPGIsPnE1fCkabxtSGUlFPlonVQcpcXxBdwlgHgRUOn0gP0I2Xg0jdxZvFwd8NnAKB1AEZXYqdl5HHh1SA3AYHHEoYBUWUTkCIBZeHxJ9MmQrDzY0dgxRKSdgH1EkMkU1BmJJDD5wIwltN0AYPWY6fAQYDQhUI0B+PmAjHWQ3Txg8Yh9SaRpGAFk/TWYOTRgYZF16DicNIwJ/Pg
108.157.214.81200 OK 1.2 kB URL GET HTTP/2 ngsinspiringtga.info/N09wNW9WLRNYUFZyEhMaRSNNEF1xakJzC0J/AEALBzwUWQJNKV5WA1g6FFMdWCEEGwFSO1UHKUMYNlEZYwcxAiB2CgFhFkBqQncsBAk6bDh1LRZwBxJ9MmU9QCU4XAdGHzMFJHM1SBBddSkaBTV2CRN0PWAoKmY7UAQgch9RLhhCWngeGE05XX9FcSdxDRZfNnsDGwQcVB0fQTtjGkRzPGIsPnE1fCkabxtSGUlFPlonVQcpcXxBdwlgHgRUOn0gP0I2Xg0jdxZvFwd8NnAKB1AEZXYqdl5HHh1SA3AYHHEoYBUWUTkCIBZeHxJ9MmQrDzY0dgxRKSdgH1EkMkU1BmJJDD5wIwltN0AYPWY6fAQYDQhUI0B+PmAjHWQ3Txg8Yh9SaRpGAFk/TWYOTRgYZF16DicNIwJ/Pg
IP 108.157.214.81:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subjectngsinspiringtga.info
Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Hash 4dba8b6bd3b82bd48d964d04237ca905
b8477b0333e3c5ec87774cf5774d7b4363acc226
2b2c7e58900838d5cd32165c7c2a486fd65f916470aa0b254fca1992e07d6c4a
GET /N09wNW9WLRNYUFZyEhMaRSNNEF1xakJzC0J/AEALBzwUWQJNKV5WA1g6FFMdWCEEGwFSO1UHKUMYNlEZYwcxAiB2CgFhFkBqQncsBAk6bDh1LRZwBxJ9MmU9QCU4XAdGHzMFJHM1SBBddSkaBTV2CRN0PWAoKmY7UAQgch9RLhhCWngeGE05XX9FcSdxDRZfNnsDGwQcVB0fQTtjGkRzPGIsPnE1fCkabxtSGUlFPlonVQcpcXxBdwlgHgRUOn0gP0I2Xg0jdxZvFwd8NnAKB1AEZXYqdl5HHh1SA3AYHHEoYBUWUTkCIBZeHxJ9MmQrDzY0dgxRKSdgH1EkMkU1BmJJDD5wIwltN0AYPWY6fAQYDQhUI0B+PmAjHWQ3Txg8Yh9SaRpGAFk/TWYOTRgYZF16DicNIwJ/Pg HTTP/1.1
Host: ngsinspiringtga.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1163
date: Sun, 01 Oct 2023 15:30:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: ARoTCfK-9KuTj7IVDyyCYS9ftSOq9HOx3f2T4mhSWOYM3y7D8SxDmA==
X-Firefox-Spdy: h2
umoughtcallm.com/UmUxb0x9WlIccQEJZyQCPgEJDRQ5JmhcJD4AVjUiMVd/Sn4QJFwiaiYMVVJ1a1IFXnh0FVgLcWNDQhstJhBCUn10DF8JI29DR1J9fFYFQX9mSwFJOW9UFxs8MwIMXmoiEUUDcWNTCFl9ZVEDW39hVAY
104.21.74.25204 No Content 0 B URL GET HTTP/2 umoughtcallm.com/UmUxb0x9WlIccQEJZyQCPgEJDRQ5JmhcJD4AVjUiMVd/Sn4QJFwiaiYMVVJ1a1IFXnh0FVgLcWNDQhstJhBCUn10DF8JI29DR1J9fFYFQX9mSwFJOW9UFxs8MwIMXmoiEUUDcWNTCFl9ZVEDW39hVAY
IP 104.21.74.25:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectumoughtcallm.com
Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D
ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UmUxb0x9WlIccQEJZyQCPgEJDRQ5JmhcJD4AVjUiMVd/Sn4QJFwiaiYMVVJ1a1IFXnh0FVgLcWNDQhstJhBCUn10DF8JI29DR1J9fFYFQX9mSwFJOW9UFxs8MwIMXmoiEUUDcWNTCFl9ZVEDW39hVAY HTTP/1.1
Host: umoughtcallm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 01 Oct 2023 15:30:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3IAo6grIBqX3t%2F7H5VyHcw2EFn2%2B%2FdjPTa%2FT6CmhjaUM5cyXm1zHA50m5LvOxLVVyr3ta2S8OG5c6FNb9BQOem1r4vL%2BTtdAtkLrYZao2iPaZ2X%2BUE4R7b3Uoc%2BABgDPiFL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80f5bf9a99dcb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ngsinspiringtga.info/aGFFcWUJAyYcWglcJ1cQGg14VFcuRHc3AR1RNQQBWBIhHQgSB2sSCQcUIRcXBw8xXwsNFWBDIz47Ej8fMlMuNiEqUQcnDS0qA0AVOTkDIy0+DXQ1JjkgDDMdPgQLGAojKhc8IyIGNjwhEAoyPiYuJwcJVSY2Az8zKxYiPSctVAc1JBsgER0/OCMEEjc/DXQ1Ix8sDDAJDy0NMwY8IhcgMy4jNjw3OTgCJyQPLAYgUS4iFDsyPjJ8IDE9LwYmVD4tBkA/MTADMB05DTEnIRAODzknWSYUJwY6ORMkFj03dDAwLCcGJlQ9MwckLwkrAzshMAohJzYETB8nMjkoAjQkHyYUNyBZNxMdMD1RCyYyPjMCIDMLMQEzID8gFCgBOgoAGTIuMxYpMwwxADdQK0cvAgoGEXg0KAstNQckCggpGzI5JQ
108.157.214.81200 OK 1.2 kB URL GET HTTP/2 ngsinspiringtga.info/aGFFcWUJAyYcWglcJ1cQGg14VFcuRHc3AR1RNQQBWBIhHQgSB2sSCQcUIRcXBw8xXwsNFWBDIz47Ej8fMlMuNiEqUQcnDS0qA0AVOTkDIy0+DXQ1JjkgDDMdPgQLGAojKhc8IyIGNjwhEAoyPiYuJwcJVSY2Az8zKxYiPSctVAc1JBsgER0/OCMEEjc/DXQ1Ix8sDDAJDy0NMwY8IhcgMy4jNjw3OTgCJyQPLAYgUS4iFDsyPjJ8IDE9LwYmVD4tBkA/MTADMB05DTEnIRAODzknWSYUJwY6ORMkFj03dDAwLCcGJlQ9MwckLwkrAzshMAohJzYETB8nMjkoAjQkHyYUNyBZNxMdMD1RCyYyPjMCIDMLMQEzID8gFCgBOgoAGTIuMxYpMwwxADdQK0cvAgoGEXg0KAstNQckCggpGzI5JQ
IP 108.157.214.81:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subjectngsinspiringtga.info
Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 9373b3c71ebdd7eec9338c60b9601957
b6f11927f1f3276a016ff41d01596b9c9c3ac83d
106d9df0eb78bb39e905044a4e72c0456e9cb2b511dceb43f3ebf128c3a446ec
GET /aGFFcWUJAyYcWglcJ1cQGg14VFcuRHc3AR1RNQQBWBIhHQgSB2sSCQcUIRcXBw8xXwsNFWBDIz47Ej8fMlMuNiEqUQcnDS0qA0AVOTkDIy0+DXQ1JjkgDDMdPgQLGAojKhc8IyIGNjwhEAoyPiYuJwcJVSY2Az8zKxYiPSctVAc1JBsgER0/OCMEEjc/DXQ1Ix8sDDAJDy0NMwY8IhcgMy4jNjw3OTgCJyQPLAYgUS4iFDsyPjJ8IDE9LwYmVD4tBkA/MTADMB05DTEnIRAODzknWSYUJwY6ORMkFj03dDAwLCcGJlQ9MwckLwkrAzshMAohJzYETB8nMjkoAjQkHyYUNyBZNxMdMD1RCyYyPjMCIDMLMQEzID8gFCgBOgoAGTIuMxYpMwwxADdQK0cvAgoGEXg0KAstNQckCggpGzI5JQ HTTP/1.1
Host: ngsinspiringtga.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1175
date: Sun, 01 Oct 2023 15:30:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: zUKNYcdT5oFEeh1NNixY_HKvXrUYX3ttVh4aMSTmgK3uezuDRgt91g==
X-Firefox-Spdy: h2
ngsinspiringtga.info/N29iaW1WDQEEUlZSAE8YRQNfTF9xSlAvCUJfEhwJBxwGBQBNCUwKAVgaBg8fWAEWRwNSG0dbK14LJ1ADeQUFMSR2AzMrGnYCIx4edTs6ATh2LiQ6J2U9OD8KZRYyPCMGIRUkSAUpNQUeUiAOUEgFLQA/JAAnNCArZSgJJTsGNjYKBnE7NAEJTjkKKzdyLFMILF9bIzkaXwsgOxpQKVIROHYWCTw/cSkxJgpuIzQ7HgYrDhk4cTgSPw52XgMPXX4qIS8aBDkFCgllGFMqL3YIOyMKWyszLysOOVJdLGYHIDssX14qLTh+KiEoNAI+BT9YZTdbDCp2BwYIARo6JTEVchwmLwZTPQUFO3UIDiwLBjYlKjtxVjRYL2UtCwYvYDogOwtkKioqOGEHNBEveTw6XUtdHA0HHQo1FyQuezcOCgdCVyo8
108.157.214.81200 OK 1.2 kB URL GET HTTP/2 ngsinspiringtga.info/N29iaW1WDQEEUlZSAE8YRQNfTF9xSlAvCUJfEhwJBxwGBQBNCUwKAVgaBg8fWAEWRwNSG0dbK14LJ1ADeQUFMSR2AzMrGnYCIx4edTs6ATh2LiQ6J2U9OD8KZRYyPCMGIRUkSAUpNQUeUiAOUEgFLQA/JAAnNCArZSgJJTsGNjYKBnE7NAEJTjkKKzdyLFMILF9bIzkaXwsgOxpQKVIROHYWCTw/cSkxJgpuIzQ7HgYrDhk4cTgSPw52XgMPXX4qIS8aBDkFCgllGFMqL3YIOyMKWyszLysOOVJdLGYHIDssX14qLTh+KiEoNAI+BT9YZTdbDCp2BwYIARo6JTEVchwmLwZTPQUFO3UIDiwLBjYlKjtxVjRYL2UtCwYvYDogOwtkKioqOGEHNBEveTw6XUtdHA0HHQo1FyQuezcOCgdCVyo8
IP 108.157.214.81:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subjectngsinspiringtga.info
Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Hash 48f359a0c5ae5d7ad432ea9800f32533
408fa00e7ebce4ac8c42af8476500ba5b14e47e0
1ab0d14ef18801d3d58bb84b7e4d04de9d6938072df41b3d2669b5f4d16b5eba
GET /N29iaW1WDQEEUlZSAE8YRQNfTF9xSlAvCUJfEhwJBxwGBQBNCUwKAVgaBg8fWAEWRwNSG0dbK14LJ1ADeQUFMSR2AzMrGnYCIx4edTs6ATh2LiQ6J2U9OD8KZRYyPCMGIRUkSAUpNQUeUiAOUEgFLQA/JAAnNCArZSgJJTsGNjYKBnE7NAEJTjkKKzdyLFMILF9bIzkaXwsgOxpQKVIROHYWCTw/cSkxJgpuIzQ7HgYrDhk4cTgSPw52XgMPXX4qIS8aBDkFCgllGFMqL3YIOyMKWyszLysOOVJdLGYHIDssX14qLTh+KiEoNAI+BT9YZTdbDCp2BwYIARo6JTEVchwmLwZTPQUFO3UIDiwLBjYlKjtxVjRYL2UtCwYvYDogOwtkKioqOGEHNBEveTw6XUtdHA0HHQo1FyQuezcOCgdCVyo8 HTTP/1.1
Host: ngsinspiringtga.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1174
date: Sun, 01 Oct 2023 15:30:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: FZ4WKz6iQVvbZYZUwzY2w2h6k-hvp_JdRmBIOmRCgMi8sO2cPymiHg==
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
142.250.74.168200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3034)
Hash 1ee9a4e92178fae8d02a1a80e5003480
759bb721d851360b41a0f412a9cfed3cf33d65ae
52361e86efc0f15810ec50b3ff107f2e7856182e7f18e7580dd56459873adfc5
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 01 Oct 2023 15:30:43 GMT
expires: Sun, 01 Oct 2023 15:30:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.upload.ee/favicon.ico
51.91.30.159200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 01 Oct 2023 15:30:43 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Sun, 08 Oct 2023 15:30:43 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
ngsinspiringtga.info/utx?cb=8Vk4iGfgwgWM&top=www.upload.ee&tid=997414
108.157.214.81204 No Content 0 B URL GET HTTP/2 ngsinspiringtga.info/utx?cb=8Vk4iGfgwgWM&top=www.upload.ee&tid=997414
IP 108.157.214.81:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subjectngsinspiringtga.info
Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=8Vk4iGfgwgWM&top=www.upload.ee&tid=997414 HTTP/1.1
Host: ngsinspiringtga.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 01 Oct 2023 15:30:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 01 Oct 2023 15:31:43 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: SpgW5tKO65iJJG942GvU52TCxtJd6VWchbzARq_ktnWlkJGaLkhWTg==
X-Firefox-Spdy: h2
ngsinspiringtga.info/utx?cb=MQN4nTVauf9h&top=www.upload.ee&tid=997369
108.157.214.81204 No Content 0 B URL GET HTTP/2 ngsinspiringtga.info/utx?cb=MQN4nTVauf9h&top=www.upload.ee&tid=997369
IP 108.157.214.81:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subjectngsinspiringtga.info
Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=MQN4nTVauf9h&top=www.upload.ee&tid=997369 HTTP/1.1
Host: ngsinspiringtga.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sun, 01 Oct 2023 15:30:43 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 01 Oct 2023 15:31:43 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: a3DgJa0Q15XiX2QWLD1W1mwGQM5Mg74JJykt1UD0GCvlXZkZQ4rvOQ==
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:s-iEEgZlqPXhr4BzaT0Qb5Zv4evyew:637mC25MMgP5kfx6; Expires=Tue, 30-Sep-2025 15:30:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 15:30:43 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-0CKDNvqwjGiDMQYYezbkOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:7mq5sdPK_6mKxwCcc5Dj-9_EEIiHnw:cQ9ARRnQBb1mdq6u; Expires=Tue, 30-Sep-2025 15:30:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 15:30:43 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-JocQcFrhuOMkQn7ueGtIsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/tWFdvTHA7OAEqTyw+C3FJYWBbfEh+PRwjHihqPC0KDz8+fj0ZAFcARWgZSTgKPGpfahw5OQhxVj05DHFBfjYLLk1scRotTTU4FSUcNDZKfjZteV9pQmh/F31BfWQtaUJoOwYiBSByXXwIYGEwekR9ZC1pQmglGWlDGWZfdV5ofkp+QD8yDCcffWUpfkBpZ1-99QGlyXXwWMSUKKh8gcl0KQWlmQXxWLWpe
143.204.42.211 197 B URL du0pud0sdlmzf.cloudfront.net/tWFdvTHA7OAEqTyw+C3FJYWBbfEh+PRwjHihqPC0KDz8+fj0ZAFcARWgZSTgKPGpfahw5OQhxVj05DHFBfjYLLk1scRotTTU4FSUcNDZKfjZteV9pQmh/F31BfWQtaUJoOwYiBSByXXwIYGEwekR9ZC1pQmglGWlDGWZfdV5ofkp+QD8yDCcffWUpfkBpZ1-99QGlyXXwWMSUKKh8gcl0KQWlmQXxWLWpe
IP 143.204.42.211:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 0ade410d496f47be9d5ddd249176d164
3174b845e360abba7f606213ec6f1f5537286cc7
83e2d41d9bb96618a78508698a3090c4b6efd5641a03d2cfcf55447bbfeae21b
GET /tWFdvTHA7OAEqTyw+C3FJYWBbfEh+PRwjHihqPC0KDz8+fj0ZAFcARWgZSTgKPGpfahw5OQhxVj05DHFBfjYLLk1scRotTTU4FSUcNDZKfjZteV9pQmh/F31BfWQtaUJoOwYiBSByXXwIYGEwekR9ZC1pQmglGWlDGWZfdV5ofkp+QD8yDCcffWUpfkBpZ1-99QGlyXXwWMSUKKh8gcl0KQWlmQXxWLWpe HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ngsinspiringtga.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 197
date: Sun, 01 Oct 2023 15:30:43 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wb-R7WkoefCCPbI563h0qGsnhXKKmDyA3nATkhFBXRgBrF1T8WQTlw==
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
188.114.97.1200 OK 103 kB IP 188.114.97.1:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 103 kB (102978 bytes)
Hash 0d5ddcb5a1dbd9c3d4ba9fa67093f231
81acf1e4c7888c59d33dbefedb67b2ff87f7ce6f
65db2b8f4ed5f79a828b1006a974cb6cb7513db2a8b1fd3fcc94318ea08351da
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:43 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4
last-modified: Sun, 01 Oct 2023 15:30:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD6yTjP9Jj%2BBJ85ZCRv6BiZhCoH4rCBc5IKmhixVx5LtT0QRsXZ0gAbXCgKsW23aMoGavD7pWdH%2FTv1eUHnaGuRbhiEqiG%2BhlysVNvFb1RcUXYToNg5207qr%2FBINYCVj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f5bf9d3e7fb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
du0pud0sdlmzf.cloudfront.net/idE9nNjgXIAlQBwAmAwsBTXhUAAFSJRRZVgRyPUN1NwM/WlseOl9+bVI7HVIFRGkLV1YTckFTVhdyVhBZEC1aAh4APwhdBRwgF0xUAykURFFSOgYLVRs1DlpUFWpVcA1af0IECFw3VgcdRw1CBAgYJglDQFF9V04AQhBRAh1HDUIECAY5QgV5RX9eGAhdal-UGXxEsDFkdRglVBglEf1YGCVF9V1BRBioBWUBRfSEHCUVhVxBNSX4
143.204.42.211 612 B URL du0pud0sdlmzf.cloudfront.net/idE9nNjgXIAlQBwAmAwsBTXhUAAFSJRRZVgRyPUN1NwM/WlseOl9+bVI7HVIFRGkLV1YTckFTVhdyVhBZEC1aAh4APwhdBRwgF0xUAykURFFSOgYLVRs1DlpUFWpVcA1af0IECFw3VgcdRw1CBAgYJglDQFF9V04AQhBRAh1HDUIECAY5QgV5RX9eGAhdal-UGXxEsDFkdRglVBglEf1YGCVF9V1BRBioBWUBRfSEHCUVhVxBNSX4
IP 143.204.42.211:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (865), with no line terminators
Hash 878647b3eea35a8b876779a9396cbe90
fdf178a3aa4f040a9fcd6db27624899f2f655d87
f54cfcd5ab010e1c0a5e464c4ec204a14a79b909048b6088769a6f3891c6ee9d
GET /idE9nNjgXIAlQBwAmAwsBTXhUAAFSJRRZVgRyPUN1NwM/WlseOl9+bVI7HVIFRGkLV1YTckFTVhdyVhBZEC1aAh4APwhdBRwgF0xUAykURFFSOgYLVRs1DlpUFWpVcA1af0IECFw3VgcdRw1CBAgYJglDQFF9V04AQhBRAh1HDUIECAY5QgV5RX9eGAhdal-UGXxEsDFkdRglVBglEf1YGCVF9V1BRBioBWUBRfSEHCUVhVxBNSX4 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ngsinspiringtga.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 612
date: Sun, 01 Oct 2023 15:30:43 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YOpTsrbMD5sIvWV-KjeBOb2_05a4DkVwMGkmBtsbRxHu3yo2o1GMpw==
X-Firefox-Spdy: h2
pogothere.xyz/
188.114.97.1200 OK 427 B IP 188.114.97.1:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 2013f7aea82eefc270d8067e9b33583a
72757862de030b85a42824ec521e808ae97faf78
f51b0dfed650e807eed4d047247e93dc99eb7e6ccec631eeb26b86fadfa64195
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:43 GMT
content-type: text/plain
set-cookie: csu=328729571545837@1@1696174243; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3cTp7PCt62auxnIS65W0Z3Ua7DaClAY7DI7qjGxBxzEhJzp4S0%2F3AKLDQBfMQQApa4CPwNTjZoF5r5UVlz6bdCRP8%2FWxrSog4YkvyZEWMj2TmUvEZl193iJT5P%2BheCp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80f5bf9d5ea1b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ
142.250.74.109302 Found 406 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (399)
Hash 1c05e4274284a87e7ca1ce0bbd2da8e1
b1487a1b9f54eb8574e37ea404389f875a860c02
fdf4b0c0fff69cb6d04cd6f0f75927d265b8ddddf822400eaaa61f13c2d4fec4
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:OaWM39k98yKHvn5kJpF-guX8QLFY4w:_T9dwj_bf7xFy3V3;Path=/;Expires=Tue, 30-Sep-2025 15:30:43 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 15:30:43 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-8epdiLO-kazQ1TaGMOL3fA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 406
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195
212.47.222.20 1.4 kB URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195
IP 212.47.222.20:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (394)
Hash 113023eadc252dedb35f3844633f5652
da90160659d127dd2ca9ca2986a6a71c54411f8b
9e578752240a7b53f4f702826e1b4cbc6dfd5167e483a104a792056547fa11fb
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Sun, 01 Oct 2023 15:30:42 GMT
set-cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a; Max-Age=7776000; Expires=Sat, 30-Dec-2023 15:30:43 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 620483321
age: 0
accept-ranges: bytes
content-length: 1449
X-Firefox-Spdy: h2
static.bepolite.eu/scripts/saresponsive.js
212.47.222.20200 OK 177 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP 212.47.222.20:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 177 kB (176967 bytes)
Hash 636b4ad7f97aa55c2242b396fe3e9f44
b4d6aae9e6f3de7fb4478f9ee5e12a8141bb02ba
54f7e44d9e8b65978b3753e157c4a3c9c338645fcc31429f6c49aca5e4bd1c62
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "2214182483"
last-modified: Sun, 17 Sep 2023 21:45:34 GMT
content-length: 176967
date: Sun, 01 Oct 2023 15:30:44 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 620931560
age: 0
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js?v=1
3.127.176.57200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js?v=1
3.127.176.57200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/css/index_300x600.css
3.127.176.57200 OK 10 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_300x600.css
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 254e2abcefc2cee15a2439522d981a9e
52ee38e443a89218baab22e3bd41ce6b3830bee8
8d753b4d97ae7e2c86df8ba8f25a76a13536a1a9f17a97d6343e79da89207a2d
GET /assets/css/index_300x600.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-1c4f"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/css/index_1000x200.css
3.127.176.57200 OK 54 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 8204d572a785d41b6f1f9f4bf7ec0a05
b71dc5d09c4c05d667172cd113871dac5ad8c9b6
bdc70b44e923fa4c9b46f38df55e726b1ff22bd5c9d0d384b8dadc3bea67e954
GET /assets/css/index_1000x200.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Fri, 17 Dec 2021 08:13:58 GMT
vary: Accept-Encoding
etag: W/"61bc46c6-1301"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff
3.127.176.57200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53208, version 1.500\012- data
Hash c03dece8ec0635406a35b888337dca8f
b72706815dccadd44dba1693ed8865b41782b14f
092416b2a5cbe9f6596ff7ee177db702262c64326231a3664a34a65c861601b1
GET /assets/fonts/greycliff-cf-bold.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_300x600.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: font/woff
content-length: 53208
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cfd8"
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg
143.204.42.211421 Misdirected Request 66 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg
IP 143.204.42.211:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 7cec3a9fd00d4d6ec1b1aa7adbf4c31d
554920ade5bff12c44b7c631977e7b9938e75b9d
3ec3f0e6b1d9f68d5f17ccf3b318ed1f719aefc6e9faffba763e789fe30ac0ae
GET /hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 421 Misdirected Request
server: CloudFront
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: text/html
content-length: 1003
x-cache: Error from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d2jULz_T4QjGCsb5kLPmoB6l0kyyGY2KX8s2mPzF4jaKJSxI3NCp_Q==
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
3.127.176.57200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg
143.204.42.153200 OK 56 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg
IP 143.204.42.153:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash cddd4b220dbfd2c4641572afbcc3bbf9
2bf3de058bcb45d5a133c9e768a4e8fcdb6ec6c8
54c4a1b842c44277f35ff895c7be82711edf0591dd660744d3e18c3a62f236ce
GET /hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 55749
date: Sun, 01 Oct 2023 09:27:27 GMT
last-modified: Mon, 20 Dec 2021 05:01:30 GMT
etag: "cddd4b220dbfd2c4641572afbcc3bbf9"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aITklef4PEBdlKJbmRO9TBQhl5dfBsqqXn3qBIUcijVLgbwhYZ1nnA==
age: 21799
X-Firefox-Spdy: h2
static.bepolite.eu/files/close-gray.png
212.47.222.20200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP 212.47.222.20:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1971769258"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Sun, 01 Oct 2023 15:30:45 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 620931596
age: 0
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.20200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.20:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sun, 01 Oct 2023 15:30:44 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 620678732
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.20200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.20:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sun, 01 Oct 2023 15:30:43 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 620756835
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.20200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.20:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sun, 01 Oct 2023 15:30:46 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 619271668
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg
143.204.42.153200 OK 61 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg
IP 143.204.42.153:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x195, components 3\012- data
Hash dd86bfb4bf775c862d2c4ce6c31b29b5
94119b0ecc2ae1f9fa98a98eb6c416622ef14547
de5103951b90a9ed1ba44af9919079bed54e32ab4c61d849d19c672ef26e0bca
GET /hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60807
date: Sun, 01 Oct 2023 00:33:08 GMT
last-modified: Mon, 20 Dec 2021 05:01:37 GMT
etag: "dd86bfb4bf775c862d2c4ce6c31b29b5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: znp-Vz0RNQOG25ng6AhUFI4_CW81_TM2pY-WOWEppxHkfPV7nVGXDQ==
age: 53864
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/7sIRHZVsYjhTLoQfwnHk.jpg
143.204.42.153200 OK 71 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/7sIRHZVsYjhTLoQfwnHk.jpg
IP 143.204.42.153:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash b9c2ea2f74718e60952202d98e335b5a
f31b685ba8b5076a30685213e88752d9121a3038
ce1b765529b6c323d2617cf71aebcb0a66427d174bf120ee2e51347899e0b99f
GET /hotelliveeb/images/general/1/7sIRHZVsYjhTLoQfwnHk.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 70599
date: Sun, 01 Oct 2023 09:29:56 GMT
last-modified: Mon, 20 Dec 2021 05:01:22 GMT
etag: "b9c2ea2f74718e60952202d98e335b5a"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ldTisPuPWkjMcOTcETqKG1Ir_NdwjXOOqImEx600vP19e4PUzA7NvA==
age: 21656
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/HjxOLhjZEQyPnav9dHrj.jpg
143.204.42.153 57 kB URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/HjxOLhjZEQyPnav9dHrj.jpg
IP 143.204.42.153:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash 20aaa6f29edd9dce33552181dc676ba0
0512d87061d36db8bbd791c5b1b067dd842c46d0
02f8c580705952f669b75916fc53398ec26075a1cc0e68970f1b2f5267d321a5
GET /hotelliveeb/images/general/1/HjxOLhjZEQyPnav9dHrj.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 57347
date: Sun, 01 Oct 2023 09:55:19 GMT
last-modified: Mon, 20 Dec 2021 05:01:21 GMT
etag: "20aaa6f29edd9dce33552181dc676ba0"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bvEl_U0dhhnRgLKxJMK3vG1iD_xPeIt0Q55AeNsf0KrzSLphojI--g==
age: 20139
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/8AONEdzkafdoJBBRUtdU.jpg
143.204.42.153 70 kB URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/8AONEdzkafdoJBBRUtdU.jpg
IP 143.204.42.153:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 8d1b1efda140df77d53e910d3bc5cdac
9d237234bb7354565f782388804d7d0363642cce
e95a8dd1f692b9bf322c854ec1679930bcd968dc0ac51f8c5e2ae3d5659cf7b0
GET /hotelliveeb/images/general/1/8AONEdzkafdoJBBRUtdU.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 69470
last-modified: Wed, 14 Dec 2022 11:00:06 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 01 Oct 2023 15:30:58 GMT
etag: "8d1b1efda140df77d53e910d3bc5cdac"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hLys76NLyOeilP-g3ZWtk1-dzL1mYgCESJC1EMdeodNdn5uaSGEd_Q==
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 15:30:43 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-ZWVjxUqMB3OLJpt1Iuzoiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
3.127.176.57200 OK 6.0 kB URL GET HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 3.127.176.57:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6210), with no line terminators
Hash b2c258a8d77db021c8f33f8e84dba71b
c453e30dac638f4e1b897309fe32db795d540f80
2d1065201a188a85c1a7d0a3ee130f5a8dc4e60db8fe221fb2081e77222e5a9f
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:44 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1781"
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif
142.250.74.109403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 15:30:43 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-qmnYMT9X-YplhHnQ7yQKLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
3.127.176.57200 OK 15 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators
Hash bf6baf947f924bf8d67e947a025def06
9ac9fccb0351b41c1545714153ed5fa2c4bfef3a
64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
3.127.176.57200 OK 15 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators
Hash bf6baf947f924bf8d67e947a025def06
9ac9fccb0351b41c1545714153ed5fa2c4bfef3a
64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
3.127.176.57200 OK 2.4 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
3.127.176.57200 OK 6.0 kB URL GET HTTP/2 banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 3.127.176.57:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6183), with no line terminators
Hash e6203b2e0919f42103d8a3367bbc9b32
08d251797a13b125ec05294116373d90493045dd
e893c3c55f767327f9d5723610d23852fc9f34827dda3bd918575f75f5ef6e0b
GET /index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:44 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1761"
content-encoding: gzip
X-Firefox-Spdy: h2
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg
142.250.74.109302 Found 0 B URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg
IP 142.250.74.109:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:kiQk5CRN8BpcHoc54B0o_hqmKLThhQ:_dGcyLUe6DJoJtFX;Path=/;Expires=Tue, 30-Sep-2025 15:30:43 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 01 Oct 2023 15:30:43 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-c2FNy4VAbQzzOEzqy8ML-g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
3.127.176.57200 OK 24 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/js/jquery.min.js
3.127.176.57200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
3.127.176.57200 OK 15 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators
Hash bf6baf947f924bf8d67e947a025def06
9ac9fccb0351b41c1545714153ed5fa2c4bfef3a
64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
3.127.176.57200 OK 24 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
umoughtcallm.com/popunder.gif
104.21.74.25200 OK 35 B URL GET HTTP/3 umoughtcallm.com/popunder.gif
IP 104.21.74.25:443
Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectumoughtcallm.com
Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D
ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /popunder.gif HTTP/1.1
Host: umoughtcallm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 01 Oct 2023 15:30:43 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 2627
last-modified: Sun, 01 Oct 2023 14:46:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwYl6FT0j9PmA4QmY%2FuCGAvP01%2Fit%2B9%2FeOnrQyzZeKMkJHNbUXrT9TXp0UQEJtFE8dgfXbbfB03diWg5iBYqXA8%2F5WbT0C8UMGYlwRFTIVlRdTGw7hIsXhDzW9oIgS8REwL3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80f5bf9f09485694-OSL
alt-svc: h3=":443"; ma=86400
banner.hookusbookus.com/assets/js/jquery.min.js
3.127.176.57200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP 3.127.176.57:443
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 01 Oct 2023 15:30:45 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2