Report - upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe

Report Overview

Submitted URL
upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe
IP
51.91.30.159
ASN
#16276 OVH SAS
Submitted
2023-10-01 15:31:02
Access
public
Website Title
UPLOAD.EE - IObitUninstaller13.1.0.3.exe - Download
Final URL
www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
du0pud0sdlmzf.cloudfront.net	unknown	2008-04-25	2023-08-24	2023-10-01	1.7 kB	120 kB	143.204.42.211
ngsinspiringtga.info	unknown	unknown	No data	No data	3.8 kB	6.9 kB	108.157.214.81
accounts.google.com	81	1997-09-15	2016-03-20	2023-09-30	3.7 kB	10 kB	142.250.74.109
pogothere.xyz	unknown	2022-08-22	2022-09-04	2023-10-01	840 B	105 kB	188.114.97.1
serving.bepolite.eu	unknown	unknown	2017-01-29	2023-10-01	3.3 kB	2.5 kB	212.47.222.20
static.bepolite.eu	unknown	unknown	2017-01-29	2023-10-01	878 B	179 kB	212.47.222.20
banner.hookusbookus.com	unknown	2018-09-12	2021-10-05	2023-09-30	19 kB	414 kB	3.127.176.57
dskwugy0u6y9l.cloudfront.net	unknown	2008-04-25	2021-11-03	2023-09-30	3.0 kB	382 kB	143.204.42.211
upload.ee	450367	2010-07-04	2015-01-15	2023-10-01	533 B	593 B	51.91.30.159
www.upload.ee	981196	2010-07-04	2012-05-24	2023-10-01	4.6 kB	46 kB	51.91.30.159
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-10-01	875 B	139 kB	142.250.74.168
umoughtcallm.com	unknown	2023-08-27	2023-09-13	2023-09-13	2.1 kB	2.4 kB	104.21.74.25
banner-server.hookusbookus.com	unknown	2018-09-12	2023-01-24	2023-09-30	998 B	48 kB	3.127.176.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-10-01 15:30:54	high	54.37.238.86	Client IP	ET POLICY PE EXE or DLL Windows file download HTTP

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	1.6 kB	2023-05-06	2024-07-27
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-07-27 02:00:14 Times Seen23778 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	static.bepolite.eu/scripts/saresponsive.js	177 kB	2023-09-19	2023-10-02
Pretty URL static.bepolite.eu/scripts/saresponsive.js IP 212.47.222.20 ASN #3327 CITIC Telecom CPC Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 12:20:21 Last Seen2023-10-02 07:31:20 Times Seen30 Hash 636b4ad7f97aa55c2242b396fe3e9f44 b4d6aae9e6f3de7fb4478f9ee5e12a8141bb02ba 54f7e44d9e8b65978b3753e157c4a3c9c338645fcc31429f6c49aca5e4bd1c62 Loading...

	banner.hookusbookus.com/config/config.js?v=1	75 B	2023-03-13	2023-12-29
Pretty URL banner.hookusbookus.com/config/config.js?v=1 IP 3.127.176.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:46:56 Last Seen2023-12-29 10:47:32 Times Seen1278 Hash ee16e21326dec006274a554647c4d759 8e4389c35e12ea6d1e4d7214c174fda343047865 5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f Loading...

	banner.hookusbookus.com/assets/js/jquery.min.js	90 kB	2023-03-07	2024-07-27
Pretty URL banner.hookusbookus.com/assets/js/jquery.min.js IP 3.127.176.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-07-27 03:57:39 Times Seen170933 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html	14 B	2023-03-09	2024-07-27
Pretty URL www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html IP 51.91.30.159 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09:39 Last Seen2024-07-27 00:52:32 Times Seen2312 Hash 48e07e6b9e60fc36f21db6b71bf0b4b1 fb4085cc0058779b28e5c366a2b92cf242399c2f 3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64 Loading...

	du0pud0sdlmzf.cloudfront.net/?dupud=997369	363 kB	2023-10-01	2023-10-01
Pretty URL du0pud0sdlmzf.cloudfront.net/?dupud=997369 IP 143.204.42.211 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen2 Hash b1b68b9b203d8b4eeab291bbd2e19b27 1f72977383b07fe18709b7c6312ba4f62e6d0f29 47477ddffc70e1ef9c6063ee7de7d9ea879973982d2e33df51c77c4956f3c499 Loading...

	unknown	88 B	2023-10-01	2023-10-01
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen1 Hash 7bca11780e9637a5d6df6f0bd38c18dd bf7c35e8de8ae83b012f9ead616c7f4e7de28225 fabf7377dffbea545e61ff47dd42a5c69ffc562118c80db322aad27a14aff8ef Loading...

	serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195	6.3 kB	2023-10-01	2023-10-01
Pretty URL serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195 IP 212.47.222.20 ASN #3327 CITIC Telecom CPC Netherlands B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen2 Hash 113023eadc252dedb35f3844633f5652 da90160659d127dd2ca9ca2986a6a71c54411f8b 9e578752240a7b53f4f702826e1b4cbc6dfd5167e483a104a792056547fa11fb Loading...

	www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html	57 B	2023-03-09	2024-07-27
Pretty URL www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html IP 51.91.30.159 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09:39 Last Seen2024-07-27 00:52:32 Times Seen2311 Hash 63fa78e3d4ae4b7fc4cf5126264cb75e 65657518c61173b8205d4fb68aabfae6ae7270a0 a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a Loading...

	www.upload.ee/js/js__file_upload.js	27 kB	2023-03-09	2023-10-14
Pretty URL www.upload.ee/js/js__file_upload.js IP 51.91.30.159 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:09:39 Last Seen2023-10-14 14:45:24 Times Seen2298 Hash 617f6d5a2744bc8c02e3d2c67544bd68 f57c068257c8bc85644d3be1e845c36506cd4625 62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658 Loading...

	www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html	155 B	2023-03-09	2024-07-27
Pretty URL www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html IP 51.91.30.159 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09:39 Last Seen2024-07-27 00:52:32 Times Seen2314 Hash ba71a86056b5c9ef37b625aade54337e 4769c2a07aa71c342dcb06dfa2950cff7ecae40f 65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0 Loading...

	www.googletagmanager.com/gtag/js?id=UA-6703115-1	134 kB	2023-10-01	2023-10-01
Pretty URL www.googletagmanager.com/gtag/js?id=UA-6703115-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen2 Hash d2d038b273f54567938620307b35a1b8 204dba403203cfc32a4257181cee13048bf9a90d 74df85da93e069523c0f1744365ce10d71e2882ed58df0796e966a49b933227f Loading...

	www.upload.ee/files/15705788/sandbox%20eval%20code	128 B	2023-05-06	2024-07-27
Pretty URL www.upload.ee/files/15705788/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21:43 Last Seen2024-07-27 02:00:14 Times Seen23933 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	www.upload.ee/files/15705788/sandbox%20eval%20code	147 B	2023-04-11	2024-07-27
Pretty URL www.upload.ee/files/15705788/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-07-27 03:57:12 Times Seen385006 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c	247 kB	2023-10-01	2023-10-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen2 Hash 1ee9a4e92178fae8d02a1a80e5003480 759bb721d851360b41a0f412a9cfed3cf33d65ae 52361e86efc0f15810ec50b3ff107f2e7856182e7f18e7580dd56459873adfc5 Loading...

	banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner	0 B	2023-03-07	2024-07-27
Pretty URL banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner IP 3.127.176.57 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:58:32 Times Seen41184518 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	128 B	2023-10-01	2023-10-01
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen1 Hash 5dc1028167210f17630829bfc6339162 a6196f972b1739e98fcc4399c7d9f0b164fcac19 5fd11579bbc4a3d84bdb29ace6064af9cc16393b43c6cfc456fada732a531a98 Loading...

	unknown	125 B	2023-10-01	2023-10-01
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-10-01 17:31:09 Last Seen2023-10-01 17:31:09 Times Seen1 Hash 5315e49f12dbe3f930fbf34a6edb86de 48a4fd72885bb924961a817f4ae6e09058b9a4a3 c8deef05f94a3810aa1ad7de7d1b823eec5571c0f715e479910a9e4edd399a23 Loading...

	www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html	1.6 kB	2023-03-09	2023-12-29
Pretty URL www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html IP 51.91.30.159 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 23:09:39 Last Seen2023-12-29 10:47:32 Times Seen1376 Hash bada815b0add3317d69cbff824573d6b 60ebc2061d3dbf196d418b6802aa0d971b7bc189 f2fe3c2dc65244420df6fc8efd959211c4ef3d9f76e2a3c530b4a3163138d92b Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-07-27
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-07-27 03:57:12 Times Seen384355 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

HTTP Transactions (60)

	URL	IP	Response	Size
	upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe	51.91.30.159		296 B
URL upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe IP 51.91.30.159:0 ASN #16276 OVH SAS File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size 296 B (296 bytes) Hash a90c339b50772d6f52458d711362b1a7 1055303e3e50f943040c56f3a1a831bf478946d1 17ce5beef5e4057bd90be213f05ee2df50159a25874d545b837a56ac5c902506 HTTP Headers GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1 Host: upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 301 Moved Permanently Server: nginx Date: Sun, 01 Oct 2023 15:30:41 GMT Content-Type: text/html; charset=iso-8859-1 Content-Length: 296 Connection: keep-alive Keep-Alive: timeout=5 Location: http://www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe`

	www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe	51.91.30.159		0 B
URL www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe IP 51.91.30.159:0 ASN #16276 OVH SAS File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 302 Found Server: nginx Date: Sun, 01 Oct 2023 15:30:41 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=5 Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1 Location: https://www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe`

	www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe	51.91.30.159		407 B
URL www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe IP 51.91.30.159:0 ASN #16276 OVH SAS File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (407), with no line terminators Size 407 B (407 bytes) Hash 707dc6cbfe54fd6ab76546ec0b5a0833 c143c1cef5c821ff608980c4a01e8b6fffd657a5 062fff1068cc062e0f55ad96cb69e9ce0c685d7a0757daa8a1a167d08f3a5da4 HTTP Headers GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 404 Not Found Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 407 Connection: keep-alive Keep-Alive: timeout=5 Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1 P3P: CP="CAO PSA OUR"`

	www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe	51.91.30.159		407 B
URL www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe IP 51.91.30.159:0 ASN #16276 OVH SAS File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (407), with no line terminators Size 407 B (407 bytes) Hash 707dc6cbfe54fd6ab76546ec0b5a0833 c143c1cef5c821ff608980c4a01e8b6fffd657a5 062fff1068cc062e0f55ad96cb69e9ce0c685d7a0757daa8a1a167d08f3a5da4 HTTP Headers GET /download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/1.1 404 Not Found Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 407 Connection: keep-alive Keep-Alive: timeout=5 Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1 P3P: CP="CAO PSA OUR"`

	www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html	51.91.30.159	200 OK	9.0 kB
URL User Request GET HTTP/1.1 www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html IP 51.91.30.159:443 ASN #16276 OVH SAS Certificate IssuerDigiCert, Inc. Subjectwww.upload.ee Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4 ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526) Size 9.0 kB (8967 bytes) Hash efd8e33f6eb41dfdf15d25d9e61fb8d9 e5ebf60bacf8ef68f6976e9b3a1b270ff06e18b0 7cdde50b5f4d1b5e46e39b6f5af368abba37db95cb709245cbbb919e3686b725 HTTP Headers GET /files/15705788/IObitUninstaller13.1.0.3.exe.html HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/download/15705788/02b0e99845eb1da0194b/iobituninstaller13.1.0.3.exe Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 8967 Connection: keep-alive Keep-Alive: timeout=20 Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Sun, 01 Oct 2023 18:30:42 +0300 Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Strict-Transport-Security: max-age=31536000 X-XSS-Protection: 1 P3P: CP="CAO PSA OUR" Set-Cookie: lng=eng; expires=Sun, 29-Oct-2023 15:30:42 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None Content-Encoding: gzip

	www.upload.ee/static/ubr__style.css	51.91.30.159	200 OK	2.9 kB
URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css IP 51.91.30.159:443 ASN #16276 OVH SAS Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerDigiCert, Inc. Subjectwww.upload.ee Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4 ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT File type ASCII text, with very long lines (591), with CRLF line terminators Size 2.9 kB (2880 bytes) Hash 3ba04e290212b44bcca8f10a60a4e879 a9b021c9019bdbb28250836039b2372a1b4d0f0f f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2 HTTP Headers `GET /static/ubr__style.css HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Cookie: lng=eng Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: text/css Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=20 ETag: W/"524e9233-25a0" Expires: Sun, 08 Oct 2023 15:30:42 GMT Cache-Control: max-age=604800 Vary: Accept-Encoding Content-Encoding: gzip`

	www.upload.ee/js/js__file_upload.js	51.91.30.159	200 OK	27 kB
URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js IP 51.91.30.159:443 ASN #16276 OVH SAS Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerDigiCert, Inc. Subjectwww.upload.ee Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4 ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (1853) Size 27 kB (27351 bytes) Hash 617f6d5a2744bc8c02e3d2c67544bd68 f57c068257c8bc85644d3be1e845c36506cd4625 62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658 HTTP Headers `GET /js/js__file_upload.js HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Cookie: lng=eng Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: application/javascript Content-Length: 27351 Last-Modified: Thu, 07 May 2020 19:13:28 GMT Connection: keep-alive Keep-Alive: timeout=20 ETag: "5eb45dd8-6ad7" Expires: Sun, 08 Oct 2023 15:30:42 GMT Cache-Control: max-age=604800 Vary: Accept-Encoding Accept-Ranges: bytes`

	www.googletagmanager.com/gtag/js?id=UA-6703115-1	142.250.74.168	200 OK	52 kB
URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1 IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type ASCII text, with very long lines (2213) Size 52 kB (51645 bytes) Hash d2d038b273f54567938620307b35a1b8 204dba403203cfc32a4257181cee13048bf9a90d 74df85da93e069523c0f1744365ce10d71e2882ed58df0796e966a49b933227f HTTP Headers `GET /gtag/js?id=UA-6703115-1 HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 01 Oct 2023 15:30:42 GMT expires: Sun, 01 Oct 2023 15:30:42 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 51645 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	du0pud0sdlmzf.cloudfront.net/?dupud=997369	143.204.42.211	200 OK	118 kB
URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369 IP 143.204.42.211:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type Unicode text, UTF-8 text, with very long lines (15948) Size 118 kB (117740 bytes) Hash b1b68b9b203d8b4eeab291bbd2e19b27 1f72977383b07fe18709b7c6312ba4f62e6d0f29 47477ddffc70e1ef9c6063ee7de7d9ea879973982d2e33df51c77c4956f3c499 HTTP Headers `GET /?dupud=997369 HTTP/1.1 Host: du0pud0sdlmzf.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-length: 117740 date: Sun, 01 Oct 2023 15:30:38 GMT access-control-allow-origin: * cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform content-encoding: gzip pragma: no-cache x-cache: Hit from cloudfront via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: CVmiSjqZHyg841IP4GJT08XGzDyGZYU9ALt6337M1Rb9kOG-mOjcqw== age: 4 X-Firefox-Spdy: h2`

	www.upload.ee/images/dl_.png	51.91.30.159	200 OK	1.9 kB
URL GET HTTP/1.1 www.upload.ee/images/dl_.png IP 51.91.30.159:443 ASN #16276 OVH SAS Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerDigiCert, Inc. Subjectwww.upload.ee Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4 ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data Size 1.9 kB (1900 bytes) Hash f3e8f284a4e98cdb91b6abfc142d94a4 fa9e618c2f56bea752ddd7e45a372c5539dadda9 2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882 HTTP Headers `GET /images/dl_.png HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Cookie: lng=eng Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: image/png Content-Length: 1900 Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT Connection: keep-alive Keep-Alive: timeout=20 ETag: "583fef57-76c" Expires: Sun, 08 Oct 2023 15:30:42 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes`

	www.upload.ee/images/arrow.gif	51.91.30.159	200 OK	59 B
URL GET HTTP/1.1 www.upload.ee/images/arrow.gif IP 51.91.30.159:443 ASN #16276 OVH SAS Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerDigiCert, Inc. Subjectwww.upload.ee Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4 ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT File type GIF image data, version 89a, 6 x 9\012- data Size 59 B (59 bytes) Hash 6675f814b94f13f91f1383707b250e36 31452650e8fce2095613a2010799bdb7548bdd51 061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411 HTTP Headers `GET /images/arrow.gif HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Cookie: lng=eng Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Oct 2023 15:30:42 GMT Content-Type: image/gif Content-Length: 59 Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT Connection: keep-alive Keep-Alive: timeout=20 ETag: "516a5775-3b" Expires: Sun, 08 Oct 2023 15:30:42 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes`

	umoughtcallm.com/WE82em53cFUJUwJ8dE4/DTdTKCttfVA8NBEefixYDQp8OwsQHhAOBzxyD0NZa3kPXB4xKwtLSCs7Vw4bK3IHXAc2KVlHSC5yB1RdbGEFTkBoaUNHX347RhsJZX4QChosIwtLWGF5B01aansFSFhh	104.21.74.25	204 No Content	0 B
URL GET HTTP/2 umoughtcallm.com/WE82em53cFUJUwJ8dE4/DTdTKCttfVA8NBEefixYDQp8OwsQHhAOBzxyD0NZa3kPXB4xKwtLSCs7Vw4bK3IHXAc2KVlHSC5yB1RdbGEFTkBoaUNHX347RhsJZX4QChosIwtLWGF5B01aansFSFhh IP 104.21.74.25:443 ASN #13335 CLOUDFLARENET Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subjectumoughtcallm.com Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /WE82em53cFUJUwJ8dE4/DTdTKCttfVA8NBEefixYDQp8OwsQHhAOBzxyD0NZa3kPXB4xKwtLSCs7Vw4bK3IHXAc2KVlHSC5yB1RdbGEFTkBoaUNHX347RhsJZX4QChosIwtLWGF5B01aansFSFhh HTTP/1.1 Host: umoughtcallm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 204 No Content date: Sun, 01 Oct 2023 15:30:43 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLeemevshnZwC8FpjaVf6rms5iQcl3KgGBS9NALsq7c%2FL%2BsVRwHZaLGBx%2FXSDfJttMahjjJTAxuP260XO2%2FOiocmBwQoG44AnV1o9rWFgd12aIeTSgWT9XohNQeP2DGSWcCB"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80f5bf9a396db529-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	umoughtcallm.com/b2hQSllAVzM5ZAwtJzMDAiIULz4hDgd6H1cpPAw4PgY7CwxeKXY+MAtVaXNuW1hobCkGDG17YUkbJCstGhtte38GBjYlZEkebXt3X0ZiZG1JHW17fxsYMS1kXk4gPi0DVWF8YFlZZ35rW1tjemk	104.21.74.25	204 No Content	0 B
URL GET HTTP/2 umoughtcallm.com/b2hQSllAVzM5ZAwtJzMDAiIULz4hDgd6H1cpPAw4PgY7CwxeKXY+MAtVaXNuW1hobCkGDG17YUkbJCstGhtte38GBjYlZEkebXt3X0ZiZG1JHW17fxsYMS1kXk4gPi0DVWF8YFlZZ35rW1tjemk IP 104.21.74.25:443 ASN #13335 CLOUDFLARENET Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subjectumoughtcallm.com Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /b2hQSllAVzM5ZAwtJzMDAiIULz4hDgd6H1cpPAw4PgY7CwxeKXY+MAtVaXNuW1hobCkGDG17YUkbJCstGhtte38GBjYlZEkebXt3X0ZiZG1JHW17fxsYMS1kXk4gPi0DVWF8YFlZZ35rW1tjemk HTTP/1.1 Host: umoughtcallm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 204 No Content date: Sun, 01 Oct 2023 15:30:43 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gk9X%2BebGyApYyzNiZYy4vG8ke7XtDr5jyoGtnA2HiU0yndZ%2Fcc7RsIkxihzu94ubWDQw6CmogJGe2IRNAKT09vCzl9vNkRwwyEmyjWvMftQF0JC3KcTTzzgPmdlSHOuQHKCl"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80f5bf9a4987b529-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ngsinspiringtga.info/N09wNW9WLRNYUFZyEhMaRSNNEF1xakJzC0J/AEALBzwUWQJNKV5WA1g6FFMdWCEEGwFSO1UHKUMYNlEZYwcxAiB2CgFhFkBqQncsBAk6bDh1LRZwBxJ9MmU9QCU4XAdGHzMFJHM1SBBddSkaBTV2CRN0PWAoKmY7UAQgch9RLhhCWngeGE05XX9FcSdxDRZfNnsDGwQcVB0fQTtjGkRzPGIsPnE1fCkabxtSGUlFPlonVQcpcXxBdwlgHgRUOn0gP0I2Xg0jdxZvFwd8NnAKB1AEZXYqdl5HHh1SA3AYHHEoYBUWUTkCIBZeHxJ9MmQrDzY0dgxRKSdgH1EkMkU1BmJJDD5wIwltN0AYPWY6fAQYDQhUI0B+PmAjHWQ3Txg8Yh9SaRpGAFk/TWYOTRgYZF16DicNIwJ/Pg	108.157.214.81	200 OK	1.2 kB
URL GET HTTP/2 ngsinspiringtga.info/N09wNW9WLRNYUFZyEhMaRSNNEF1xakJzC0J/AEALBzwUWQJNKV5WA1g6FFMdWCEEGwFSO1UHKUMYNlEZYwcxAiB2CgFhFkBqQncsBAk6bDh1LRZwBxJ9MmU9QCU4XAdGHzMFJHM1SBBddSkaBTV2CRN0PWAoKmY7UAQgch9RLhhCWngeGE05XX9FcSdxDRZfNnsDGwQcVB0fQTtjGkRzPGIsPnE1fCkabxtSGUlFPlonVQcpcXxBdwlgHgRUOn0gP0I2Xg0jdxZvFwd8NnAKB1AEZXYqdl5HHh1SA3AYHHEoYBUWUTkCIBZeHxJ9MmQrDzY0dgxRKSdgH1EkMkU1BmJJDD5wIwltN0AYPWY6fAQYDQhUI0B+PmAjHWQ3Txg8Yh9SaRpGAFk/TWYOTRgYZF16DicNIwJ/Pg IP 108.157.214.81:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subjectngsinspiringtga.info Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3 ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators Size 1.2 kB (1163 bytes) Hash 4dba8b6bd3b82bd48d964d04237ca905 b8477b0333e3c5ec87774cf5774d7b4363acc226 2b2c7e58900838d5cd32165c7c2a486fd65f916470aa0b254fca1992e07d6c4a HTTP Headers GET /N09wNW9WLRNYUFZyEhMaRSNNEF1xakJzC0J/AEALBzwUWQJNKV5WA1g6FFMdWCEEGwFSO1UHKUMYNlEZYwcxAiB2CgFhFkBqQncsBAk6bDh1LRZwBxJ9MmU9QCU4XAdGHzMFJHM1SBBddSkaBTV2CRN0PWAoKmY7UAQgch9RLhhCWngeGE05XX9FcSdxDRZfNnsDGwQcVB0fQTtjGkRzPGIsPnE1fCkabxtSGUlFPlonVQcpcXxBdwlgHgRUOn0gP0I2Xg0jdxZvFwd8NnAKB1AEZXYqdl5HHh1SA3AYHHEoYBUWUTkCIBZeHxJ9MmQrDzY0dgxRKSdgH1EkMkU1BmJJDD5wIwltN0AYPWY6fAQYDQhUI0B+PmAjHWQ3Txg8Yh9SaRpGAFk/TWYOTRgYZF16DicNIwJ/Pg HTTP/1.1 Host: ngsinspiringtga.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: text/html content-length: 1163 date: Sun, 01 Oct 2023 15:30:43 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-cache: Miss from cloudfront via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: ARoTCfK-9KuTj7IVDyyCYS9ftSOq9HOx3f2T4mhSWOYM3y7D8SxDmA== X-Firefox-Spdy: h2

	umoughtcallm.com/UmUxb0x9WlIccQEJZyQCPgEJDRQ5JmhcJD4AVjUiMVd/Sn4QJFwiaiYMVVJ1a1IFXnh0FVgLcWNDQhstJhBCUn10DF8JI29DR1J9fFYFQX9mSwFJOW9UFxs8MwIMXmoiEUUDcWNTCFl9ZVEDW39hVAY	104.21.74.25	204 No Content	0 B
URL GET HTTP/2 umoughtcallm.com/UmUxb0x9WlIccQEJZyQCPgEJDRQ5JmhcJD4AVjUiMVd/Sn4QJFwiaiYMVVJ1a1IFXnh0FVgLcWNDQhstJhBCUn10DF8JI29DR1J9fFYFQX9mSwFJOW9UFxs8MwIMXmoiEUUDcWNTCFl9ZVEDW39hVAY IP 104.21.74.25:443 ASN #13335 CLOUDFLARENET Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subjectumoughtcallm.com Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /UmUxb0x9WlIccQEJZyQCPgEJDRQ5JmhcJD4AVjUiMVd/Sn4QJFwiaiYMVVJ1a1IFXnh0FVgLcWNDQhstJhBCUn10DF8JI29DR1J9fFYFQX9mSwFJOW9UFxs8MwIMXmoiEUUDcWNTCFl9ZVEDW39hVAY HTTP/1.1 Host: umoughtcallm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 204 No Content date: Sun, 01 Oct 2023 15:30:43 GMT access-control-allow-origin: * cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3IAo6grIBqX3t%2F7H5VyHcw2EFn2%2B%2FdjPTa%2FT6CmhjaUM5cyXm1zHA50m5LvOxLVVyr3ta2S8OG5c6FNb9BQOem1r4vL%2BTtdAtkLrYZao2iPaZ2X%2BUE4R7b3Uoc%2BABgDPiFL"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80f5bf9a99dcb529-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	ngsinspiringtga.info/aGFFcWUJAyYcWglcJ1cQGg14VFcuRHc3AR1RNQQBWBIhHQgSB2sSCQcUIRcXBw8xXwsNFWBDIz47Ej8fMlMuNiEqUQcnDS0qA0AVOTkDIy0+DXQ1JjkgDDMdPgQLGAojKhc8IyIGNjwhEAoyPiYuJwcJVSY2Az8zKxYiPSctVAc1JBsgER0/OCMEEjc/DXQ1Ix8sDDAJDy0NMwY8IhcgMy4jNjw3OTgCJyQPLAYgUS4iFDsyPjJ8IDE9LwYmVD4tBkA/MTADMB05DTEnIRAODzknWSYUJwY6ORMkFj03dDAwLCcGJlQ9MwckLwkrAzshMAohJzYETB8nMjkoAjQkHyYUNyBZNxMdMD1RCyYyPjMCIDMLMQEzID8gFCgBOgoAGTIuMxYpMwwxADdQK0cvAgoGEXg0KAstNQckCggpGzI5JQ	108.157.214.81	200 OK	1.2 kB
URL GET HTTP/2 ngsinspiringtga.info/aGFFcWUJAyYcWglcJ1cQGg14VFcuRHc3AR1RNQQBWBIhHQgSB2sSCQcUIRcXBw8xXwsNFWBDIz47Ej8fMlMuNiEqUQcnDS0qA0AVOTkDIy0+DXQ1JjkgDDMdPgQLGAojKhc8IyIGNjwhEAoyPiYuJwcJVSY2Az8zKxYiPSctVAc1JBsgER0/OCMEEjc/DXQ1Ix8sDDAJDy0NMwY8IhcgMy4jNjw3OTgCJyQPLAYgUS4iFDsyPjJ8IDE9LwYmVD4tBkA/MTADMB05DTEnIRAODzknWSYUJwY6ORMkFj03dDAwLCcGJlQ9MwckLwkrAzshMAohJzYETB8nMjkoAjQkHyYUNyBZNxMdMD1RCyYyPjMCIDMLMQEzID8gFCgBOgoAGTIuMxYpMwwxADdQK0cvAgoGEXg0KAstNQckCggpGzI5JQ IP 108.157.214.81:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subjectngsinspiringtga.info Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3 ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators Size 1.2 kB (1175 bytes) Hash 9373b3c71ebdd7eec9338c60b9601957 b6f11927f1f3276a016ff41d01596b9c9c3ac83d 106d9df0eb78bb39e905044a4e72c0456e9cb2b511dceb43f3ebf128c3a446ec HTTP Headers GET /aGFFcWUJAyYcWglcJ1cQGg14VFcuRHc3AR1RNQQBWBIhHQgSB2sSCQcUIRcXBw8xXwsNFWBDIz47Ej8fMlMuNiEqUQcnDS0qA0AVOTkDIy0+DXQ1JjkgDDMdPgQLGAojKhc8IyIGNjwhEAoyPiYuJwcJVSY2Az8zKxYiPSctVAc1JBsgER0/OCMEEjc/DXQ1Ix8sDDAJDy0NMwY8IhcgMy4jNjw3OTgCJyQPLAYgUS4iFDsyPjJ8IDE9LwYmVD4tBkA/MTADMB05DTEnIRAODzknWSYUJwY6ORMkFj03dDAwLCcGJlQ9MwckLwkrAzshMAohJzYETB8nMjkoAjQkHyYUNyBZNxMdMD1RCyYyPjMCIDMLMQEzID8gFCgBOgoAGTIuMxYpMwwxADdQK0cvAgoGEXg0KAstNQckCggpGzI5JQ HTTP/1.1 Host: ngsinspiringtga.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK content-type: text/html content-length: 1175 date: Sun, 01 Oct 2023 15:30:43 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-cache: Miss from cloudfront via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: zUKNYcdT5oFEeh1NNixY_HKvXrUYX3ttVh4aMSTmgK3uezuDRgt91g== X-Firefox-Spdy: h2

	ngsinspiringtga.info/N29iaW1WDQEEUlZSAE8YRQNfTF9xSlAvCUJfEhwJBxwGBQBNCUwKAVgaBg8fWAEWRwNSG0dbK14LJ1ADeQUFMSR2AzMrGnYCIx4edTs6ATh2LiQ6J2U9OD8KZRYyPCMGIRUkSAUpNQUeUiAOUEgFLQA/JAAnNCArZSgJJTsGNjYKBnE7NAEJTjkKKzdyLFMILF9bIzkaXwsgOxpQKVIROHYWCTw/cSkxJgpuIzQ7HgYrDhk4cTgSPw52XgMPXX4qIS8aBDkFCgllGFMqL3YIOyMKWyszLysOOVJdLGYHIDssX14qLTh+KiEoNAI+BT9YZTdbDCp2BwYIARo6JTEVchwmLwZTPQUFO3UIDiwLBjYlKjtxVjRYL2UtCwYvYDogOwtkKioqOGEHNBEveTw6XUtdHA0HHQo1FyQuezcOCgdCVyo8	108.157.214.81	200 OK	1.2 kB
URL GET HTTP/2 ngsinspiringtga.info/N29iaW1WDQEEUlZSAE8YRQNfTF9xSlAvCUJfEhwJBxwGBQBNCUwKAVgaBg8fWAEWRwNSG0dbK14LJ1ADeQUFMSR2AzMrGnYCIx4edTs6ATh2LiQ6J2U9OD8KZRYyPCMGIRUkSAUpNQUeUiAOUEgFLQA/JAAnNCArZSgJJTsGNjYKBnE7NAEJTjkKKzdyLFMILF9bIzkaXwsgOxpQKVIROHYWCTw/cSkxJgpuIzQ7HgYrDhk4cTgSPw52XgMPXX4qIS8aBDkFCgllGFMqL3YIOyMKWyszLysOOVJdLGYHIDssX14qLTh+KiEoNAI+BT9YZTdbDCp2BwYIARo6JTEVchwmLwZTPQUFO3UIDiwLBjYlKjtxVjRYL2UtCwYvYDogOwtkKioqOGEHNBEveTw6XUtdHA0HHQo1FyQuezcOCgdCVyo8 IP 108.157.214.81:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subjectngsinspiringtga.info Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3 ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators Size 1.2 kB (1174 bytes) Hash 48f359a0c5ae5d7ad432ea9800f32533 408fa00e7ebce4ac8c42af8476500ba5b14e47e0 1ab0d14ef18801d3d58bb84b7e4d04de9d6938072df41b3d2669b5f4d16b5eba HTTP Headers GET /N29iaW1WDQEEUlZSAE8YRQNfTF9xSlAvCUJfEhwJBxwGBQBNCUwKAVgaBg8fWAEWRwNSG0dbK14LJ1ADeQUFMSR2AzMrGnYCIx4edTs6ATh2LiQ6J2U9OD8KZRYyPCMGIRUkSAUpNQUeUiAOUEgFLQA/JAAnNCArZSgJJTsGNjYKBnE7NAEJTjkKKzdyLFMILF9bIzkaXwsgOxpQKVIROHYWCTw/cSkxJgpuIzQ7HgYrDhk4cTgSPw52XgMPXX4qIS8aBDkFCgllGFMqL3YIOyMKWyszLysOOVJdLGYHIDssX14qLTh+KiEoNAI+BT9YZTdbDCp2BwYIARo6JTEVchwmLwZTPQUFO3UIDiwLBjYlKjtxVjRYL2UtCwYvYDogOwtkKioqOGEHNBEveTw6XUtdHA0HHQo1FyQuezcOCgdCVyo8 HTTP/1.1 Host: ngsinspiringtga.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK content-type: text/html content-length: 1174 date: Sun, 01 Oct 2023 15:30:43 GMT server: openresty/1.17.8.2 cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" content-encoding: gzip accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-cache: Miss from cloudfront via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: FZ4WKz6iQVvbZYZUwzY2w2h6k-hvp_JdRmBIOmRCgMi8sO2cPymiHg== X-Firefox-Spdy: h2

	www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c	142.250.74.168	200 OK	86 kB
URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c IP 142.250.74.168:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subject.google-analytics.com Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type ASCII text, with very long lines (3034) Size 86 kB (85957 bytes) Hash 1ee9a4e92178fae8d02a1a80e5003480 759bb721d851360b41a0f412a9cfed3cf33d65ae 52361e86efc0f15810ec50b3ff107f2e7856182e7f18e7580dd56459873adfc5 HTTP Headers `GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1 Host: www.googletagmanager.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * access-control-allow-credentials: true access-control-allow-headers: Cache-Control content-encoding: br vary: Accept-Encoding date: Sun, 01 Oct 2023 15:30:43 GMT expires: Sun, 01 Oct 2023 15:30:43 GMT cache-control: private, max-age=900 strict-transport-security: max-age=31536000; includeSubDomains cross-origin-resource-policy: cross-origin server: Google Tag Manager content-length: 85957 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.upload.ee/favicon.ico	51.91.30.159	200 OK	1.2 kB
URL GET HTTP/1.1 www.upload.ee/favicon.ico IP 51.91.30.159:443 ASN #16276 OVH SAS Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerDigiCert, Inc. Subjectwww.upload.ee Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4 ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash f299cf2e651c19e48d27900ced493ccb c2d1086d517d7a26292e0d7b32da7c55b166c23b 115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1 HTTP Headers `GET /favicon.ico HTTP/1.1 Host: www.upload.ee User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Cookie: lng=eng Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 01 Oct 2023 15:30:43 GMT Content-Type: image/x-icon Content-Length: 1150 Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT Connection: keep-alive Keep-Alive: timeout=20 ETag: "4947e2a5-47e" Expires: Sun, 08 Oct 2023 15:30:43 GMT Cache-Control: max-age=604800 Accept-Ranges: bytes`

	ngsinspiringtga.info/utx?cb=8Vk4iGfgwgWM&top=www.upload.ee&tid=997414	108.157.214.81	204 No Content	0 B
URL GET HTTP/2 ngsinspiringtga.info/utx?cb=8Vk4iGfgwgWM&top=www.upload.ee&tid=997414 IP 108.157.214.81:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subjectngsinspiringtga.info Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3 ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /utx?cb=8Vk4iGfgwgWM&top=www.upload.ee&tid=997414 HTTP/1.1 Host: ngsinspiringtga.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.upload.ee DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 204 No Content date: Sun, 01 Oct 2023 15:30:43 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://www.upload.ee cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: ut=x; Expires=Sun, 01 Oct 2023 15:31:43 GMT; Max-Age=60 accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-cache: Miss from cloudfront via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: SpgW5tKO65iJJG942GvU52TCxtJd6VWchbzARq_ktnWlkJGaLkhWTg== X-Firefox-Spdy: h2

	ngsinspiringtga.info/utx?cb=MQN4nTVauf9h&top=www.upload.ee&tid=997369	108.157.214.81	204 No Content	0 B
URL GET HTTP/2 ngsinspiringtga.info/utx?cb=MQN4nTVauf9h&top=www.upload.ee&tid=997369 IP 108.157.214.81:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subjectngsinspiringtga.info Fingerprint8F:D1:EA:F4:FC:7C:FD:A1:B1:85:31:87:C9:EB:31:40:B8:07:E8:C3 ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /utx?cb=MQN4nTVauf9h&top=www.upload.ee&tid=997369 HTTP/1.1 Host: ngsinspiringtga.info User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://www.upload.ee DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/2 204 No Content date: Sun, 01 Oct 2023 15:30:43 GMT server: openresty/1.17.8.2 access-control-allow-credentials: true access-control-allow-origin: https://www.upload.ee cache-control: no-store, no-cache, must-revalidate, no-transform pragma: no-cache p3p: CP="NID DSP ALL COR" set-cookie: ut=x; Expires=Sun, 01 Oct 2023 15:31:43 GMT; Max-Age=60 accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List x-cache: Miss from cloudfront via: 1.1 1fb0b89a5ccfb45255b8e8539e256ee2.cloudfront.net (CloudFront) x-amz-cf-pop: ARN56-P1 x-amz-cf-id: a3DgJa0Q15XiX2QWLD1W1mwGQM5Mg74JJykt1UD0GCvlXZkZQ4rvOQ== X-Firefox-Spdy: h2

	accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube	142.250.74.109	302 Found	0 B
URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5 ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found content-type: application/binary set-cookie: __Host-GAPS=1:s-iEEgZlqPXhr4BzaT0Qb5Zv4evyew:637mC25MMgP5kfx6; Expires=Tue, 30-Sep-2025 15:30:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 01 Oct 2023 15:30:43 GMT location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ strict-transport-security: max-age=31536000; includeSubDomains accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy: unsafe-none content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-0CKDNvqwjGiDMQYYezbkOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* cross-origin-resource-policy: cross-origin server: ESF content-length: 0 x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail	142.250.74.109	302 Found	0 B
URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subjectaccounts.google.com Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5 ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found content-type: application/binary set-cookie: __Host-GAPS=1:7mq5sdPK_6mKxwCcc5Dj-9_EEIiHnw:cQ9ARRnQBb1mdq6u; Expires=Tue, 30-Sep-2025 15:30:43 GMT; Path=/; Secure; HttpOnly; Priority=HIGH cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 01 Oct 2023 15:30:43 GMT location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-JocQcFrhuOMkQn7ueGtIsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-resource-policy: cross-origin cross-origin-opener-policy: unsafe-none server: ESF content-length: 0 x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	du0pud0sdlmzf.cloudfront.net/tWFdvTHA7OAEqTyw+C3FJYWBbfEh+PRwjHihqPC0KDz8+fj0ZAFcARWgZSTgKPGpfahw5OQhxVj05DHFBfjYLLk1scRotTTU4FSUcNDZKfjZteV9pQmh/F31BfWQtaUJoOwYiBSByXXwIYGEwekR9ZC1pQmglGWlDGWZfdV5ofkp+QD8yDCcffWUpfkBpZ1-99QGlyXXwWMSUKKh8gcl0KQWlmQXxWLWpe	143.204.42.211		197 B
URL du0pud0sdlmzf.cloudfront.net/tWFdvTHA7OAEqTyw+C3FJYWBbfEh+PRwjHihqPC0KDz8+fj0ZAFcARWgZSTgKPGpfahw5OQhxVj05DHFBfjYLLk1scRotTTU4FSUcNDZKfjZteV9pQmh/F31BfWQtaUJoOwYiBSByXXwIYGEwekR9ZC1pQmglGWlDGWZfdV5ofkp+QD8yDCcffWUpfkBpZ1-99QGlyXXwWMSUKKh8gcl0KQWlmQXxWLWpe IP 143.204.42.211:0 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type ASCII text, with no line terminators Size 197 B (197 bytes) Hash 0ade410d496f47be9d5ddd249176d164 3174b845e360abba7f606213ec6f1f5537286cc7 83e2d41d9bb96618a78508698a3090c4b6efd5641a03d2cfcf55447bbfeae21b HTTP Headers GET /tWFdvTHA7OAEqTyw+C3FJYWBbfEh+PRwjHihqPC0KDz8+fj0ZAFcARWgZSTgKPGpfahw5OQhxVj05DHFBfjYLLk1scRotTTU4FSUcNDZKfjZteV9pQmh/F31BfWQtaUJoOwYiBSByXXwIYGEwekR9ZC1pQmglGWlDGWZfdV5ofkp+QD8yDCcffWUpfkBpZ1-99QGlyXXwWMSUKKh8gcl0KQWlmQXxWLWpe HTTP/1.1 Host: du0pud0sdlmzf.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ngsinspiringtga.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-length: 197 date: Sun, 01 Oct 2023 15:30:43 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: wb-R7WkoefCCPbI563h0qGsnhXKKmDyA3nATkhFBXRgBrF1T8WQTlw== X-Firefox-Spdy: h2`

	pogothere.xyz/asd100.bin	188.114.97.1	200 OK	103 kB
URL GET HTTP/2 pogothere.xyz/asd100.bin IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT File type data Size 103 kB (102978 bytes) Hash 0d5ddcb5a1dbd9c3d4ba9fa67093f231 81acf1e4c7888c59d33dbefedb67b2ff87f7ce6f 65db2b8f4ed5f79a828b1006a974cb6cb7513db2a8b1fd3fcc94318ea08351da HTTP Headers `GET /asd100.bin HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload.ee/ Origin: https://www.upload.ee DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:43 GMT content-type: binary/octet-stream access-control-allow-origin: https://www.upload.ee access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cache-control: max-age=14400 cf-cache-status: HIT age: 4 last-modified: Sun, 01 Oct 2023 15:30:39 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WD6yTjP9Jj%2BBJ85ZCRv6BiZhCoH4rCBc5IKmhixVx5LtT0QRsXZ0gAbXCgKsW23aMoGavD7pWdH%2FTv1eUHnaGuRbhiEqiG%2BhlysVNvFb1RcUXYToNg5207qr%2FBINYCVj"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 80f5bf9d3e7fb511-OSL alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	du0pud0sdlmzf.cloudfront.net/idE9nNjgXIAlQBwAmAwsBTXhUAAFSJRRZVgRyPUN1NwM/WlseOl9+bVI7HVIFRGkLV1YTckFTVhdyVhBZEC1aAh4APwhdBRwgF0xUAykURFFSOgYLVRs1DlpUFWpVcA1af0IECFw3VgcdRw1CBAgYJglDQFF9V04AQhBRAh1HDUIECAY5QgV5RX9eGAhdal-UGXxEsDFkdRglVBglEf1YGCVF9V1BRBioBWUBRfSEHCUVhVxBNSX4	143.204.42.211		612 B
URL du0pud0sdlmzf.cloudfront.net/idE9nNjgXIAlQBwAmAwsBTXhUAAFSJRRZVgRyPUN1NwM/WlseOl9+bVI7HVIFRGkLV1YTckFTVhdyVhBZEC1aAh4APwhdBRwgF0xUAykURFFSOgYLVRs1DlpUFWpVcA1af0IECFw3VgcdRw1CBAgYJglDQFF9V04AQhBRAh1HDUIECAY5QgV5RX9eGAhdal-UGXxEsDFkdRglVBglEf1YGCVF9V1BRBioBWUBRfSEHCUVhVxBNSX4 IP 143.204.42.211:0 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type ASCII text, with very long lines (865), with no line terminators Size 612 B (612 bytes) Hash 878647b3eea35a8b876779a9396cbe90 fdf178a3aa4f040a9fcd6db27624899f2f655d87 f54cfcd5ab010e1c0a5e464c4ec204a14a79b909048b6088769a6f3891c6ee9d HTTP Headers GET /idE9nNjgXIAlQBwAmAwsBTXhUAAFSJRRZVgRyPUN1NwM/WlseOl9+bVI7HVIFRGkLV1YTckFTVhdyVhBZEC1aAh4APwhdBRwgF0xUAykURFFSOgYLVRs1DlpUFWpVcA1af0IECFw3VgcdRw1CBAgYJglDQFF9V04AQhBRAh1HDUIECAY5QgV5RX9eGAhdal-UGXxEsDFkdRglVBglEf1YGCVF9V1BRBioBWUBRfSEHCUVhVxBNSX4 HTTP/1.1 Host: du0pud0sdlmzf.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://ngsinspiringtga.info/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-length: 612 date: Sun, 01 Oct 2023 15:30:43 GMT access-control-allow-origin: * cache-control: max-age=31556926 content-encoding: gzip x-cache: Miss from cloudfront via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: YOpTsrbMD5sIvWV-KjeBOb2_05a4DkVwMGkmBtsbRxHu3yo2o1GMpw== X-Firefox-Spdy: h2`

	pogothere.xyz/	188.114.97.1	200 OK	427 B
URL GET HTTP/2 pogothere.xyz/ IP 188.114.97.1:443 ASN #13335 CLOUDFLARENET Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT File type ASCII text, with no line terminators Size 427 B (427 bytes) Hash 2013f7aea82eefc270d8067e9b33583a 72757862de030b85a42824ec521e808ae97faf78 f51b0dfed650e807eed4d047247e93dc99eb7e6ccec631eeb26b86fadfa64195 HTTP Headers `GET / HTTP/1.1 Host: pogothere.xyz User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload.ee/ Origin: https://www.upload.ee DNT: 1 Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:43 GMT content-type: text/plain set-cookie: csu=328729571545837@1@1696174243; Max-Age=31104000; Secure; SameSite=None access-control-allow-origin: https://www.upload.ee access-control-allow-credentials: true access-control-allow-methods: GET access-control-allow-headers: X-Requested-With, content-type cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3cTp7PCt62auxnIS65W0Z3Ua7DaClAY7DI7qjGxBxzEhJzp4S0%2F3AKLDQBfMQQApa4CPwNTjZoF5r5UVlz6bdCRP8%2FWxrSog4YkvyZEWMj2TmUvEZl193iJT5P%2BheCp"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 80f5bf9d5ea1b511-OSL content-encoding: br alt-svc: h3=":443"; ma=86400 X-Firefox-Spdy: h2

	accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ	142.250.74.109	302 Found	406 B
URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (399) Size 406 B (406 bytes) Hash 1c05e4274284a87e7ca1ce0bbd2da8e1 b1487a1b9f54eb8574e37ea404389f875a860c02 fdf4b0c0fff69cb6d04cd6f0f75927d265b8ddddf822400eaaa61f13c2d4fec4 HTTP Headers GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd4smffQSX34pg4tH0Bn-XTrT4aibTaAsYK5PiFIhEBnAmflg3hL6YTJUCA_PEZNQag6B6fPQ HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload.ee/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 302 Found content-type: text/html; charset=UTF-8 set-cookie: __Host-GAPS=1:OaWM39k98yKHvn5kJpF-guX8QLFY4w:_T9dwj_bf7xFy3V3;Path=/;Expires=Tue, 30-Sep-2025 15:30:43 GMT;Secure;HttpOnly;Priority=HIGH x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 01 Oct 2023 15:30:43 GMT location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-8epdiLO-kazQ1TaGMOL3fA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 406 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195	212.47.222.20		1.4 kB
URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195 IP 212.47.222.20:0 ASN #3327 CITIC Telecom CPC Netherlands B.V. Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerLet's Encrypt Subjectstatic.bepolite.eu FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT File type ASCII text, with very long lines (394) Size 1.4 kB (1449 bytes) Hash 113023eadc252dedb35f3844633f5652 da90160659d127dd2ca9ca2986a6a71c54411f8b 9e578752240a7b53f4f702826e1b4cbc6dfd5167e483a104a792056547fa11fb HTTP Headers GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2868570&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15705788%2F02b0e99845eb1da0194b%2Fiobituninstaller13.1.0.3.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15705788%2FIObitUninstaller13.1.0.3.exe.html&rnd=1696174243195 HTTP/1.1 Host: serving.bepolite.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK cache-control: private, must-revalidate, max-age=0 vary: accept-encoding content-encoding: gzip content-type: text/plain;charset=ISO-8859-1 date: Sun, 01 Oct 2023 15:30:42 GMT set-cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a; Max-Age=7776000; Expires=Sat, 30-Dec-2023 15:30:43 GMT; SameSite=None; Secure p3p: CP='BePolite does not have a P3P policy' x-varnish: 620483321 age: 0 accept-ranges: bytes content-length: 1449 X-Firefox-Spdy: h2`

	static.bepolite.eu/scripts/saresponsive.js	212.47.222.20	200 OK	177 kB
URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js IP 212.47.222.20:443 ASN #3327 CITIC Telecom CPC Netherlands B.V. Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerLet's Encrypt Subjectstatic.bepolite.eu FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT File type ASCII text, with very long lines (32077), with CRLF line terminators Size 177 kB (176967 bytes) Hash 636b4ad7f97aa55c2242b396fe3e9f44 b4d6aae9e6f3de7fb4478f9ee5e12a8141bb02ba 54f7e44d9e8b65978b3753e157c4a3c9c338645fcc31429f6c49aca5e4bd1c62 HTTP Headers `GET /scripts/saresponsive.js HTTP/1.1 Host: static.bepolite.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: application/javascript accept-ranges: bytes etag: "2214182483" last-modified: Sun, 17 Sep 2023 21:45:34 GMT content-length: 176967 date: Sun, 01 Oct 2023 15:30:44 GMT cache-control: must-revalidate, private expires: -1 p3p: CP='BePolite does not have a P3P policy' x-varnish: 620931560 age: 0 X-Firefox-Spdy: h2`

	banner.hookusbookus.com/config/config.js?v=1	3.127.176.57	200 OK	75 B
URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1 IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type ASCII text Size 75 B (75 bytes) Hash ee16e21326dec006274a554647c4d759 8e4389c35e12ea6d1e4d7214c174fda343047865 5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f HTTP Headers GET /config/config.js?v=1 HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: application/javascript content-length: 75 server: nginx/1.15.12 last-modified: Tue, 24 Jan 2023 14:19:47 GMT etag: "63cfe903-4b" accept-ranges: bytes X-Firefox-Spdy: h2`

	banner.hookusbookus.com/config/config.js?v=1	3.127.176.57	200 OK	75 B
URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1 IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type ASCII text Size 75 B (75 bytes) Hash ee16e21326dec006274a554647c4d759 8e4389c35e12ea6d1e4d7214c174fda343047865 5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f HTTP Headers GET /config/config.js?v=1 HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: application/javascript content-length: 75 server: nginx/1.15.12 last-modified: Tue, 24 Jan 2023 14:19:47 GMT etag: "63cfe903-4b" accept-ranges: bytes X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/css/index_300x600.css	3.127.176.57	200 OK	10 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_300x600.css IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 10 kB (9992 bytes) Hash 254e2abcefc2cee15a2439522d981a9e 52ee38e443a89218baab22e3bd41ce6b3830bee8 8d753b4d97ae7e2c86df8ba8f25a76a13536a1a9f17a97d6343e79da89207a2d HTTP Headers GET /assets/css/index_300x600.css HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: text/css server: nginx/1.15.12 last-modified: Mon, 05 Jul 2021 19:56:59 GMT vary: Accept-Encoding etag: W/"60e3640b-1c4f" content-encoding: gzip X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/css/index_1000x200.css	3.127.176.57	200 OK	54 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type gzip compressed data, from Unix\012- data Size 54 kB (54250 bytes) Hash 8204d572a785d41b6f1f9f4bf7ec0a05 b71dc5d09c4c05d667172cd113871dac5ad8c9b6 bdc70b44e923fa4c9b46f38df55e726b1ff22bd5c9d0d384b8dadc3bea67e954 HTTP Headers GET /assets/css/index_1000x200.css HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/*;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: text/css server: nginx/1.15.12 last-modified: Fri, 17 Dec 2021 08:13:58 GMT vary: Accept-Encoding etag: W/"61bc46c6-1301" content-encoding: gzip X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff	3.127.176.57	200 OK	53 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type Web Open Font Format, TrueType, length 53208, version 1.500\012- data Size 53 kB (53208 bytes) Hash c03dece8ec0635406a35b888337dca8f b72706815dccadd44dba1693ed8865b41782b14f 092416b2a5cbe9f6596ff7ee177db702262c64326231a3664a34a65c861601b1 HTTP Headers GET /assets/fonts/greycliff-cf-bold.woff HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/assets/css/index_300x600.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: font/woff content-length: 53208 server: nginx/1.15.12 last-modified: Thu, 22 Apr 2021 07:20:15 GMT etag: "608123af-cfd8" accept-ranges: bytes X-Firefox-Spdy: h2`

	dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg	143.204.42.211	421 Misdirected Request	66 kB
URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg IP 143.204.42.211:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data Size 66 kB (65788 bytes) Hash 7cec3a9fd00d4d6ec1b1aa7adbf4c31d 554920ade5bff12c44b7c631977e7b9938e75b9d 3ec3f0e6b1d9f68d5f17ccf3b318ed1f719aefc6e9faffba763e789fe30ac0ae HTTP Headers `GET /hotelliveeb/images/general/1/cG1bEB3nZo9dBelViWmV.jpg HTTP/1.1 Host: dskwugy0u6y9l.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 421 Misdirected Request server: CloudFront date: Sun, 01 Oct 2023 15:30:45 GMT content-type: text/html content-length: 1003 x-cache: Error from cloudfront via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: d2jULz_T4QjGCsb5kLPmoB6l0kyyGY2KX8s2mPzF4jaKJSxI3NCp_Q== X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff	3.127.176.57	200 OK	53 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data Size 53 kB (53104 bytes) Hash 4f5975fe17a8ca74963be0165ff6a443 4bca2ab6c3da2b6ae09602601adeac22e7a90381 5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df HTTP Headers GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: font/woff content-length: 53104 server: nginx/1.15.12 last-modified: Thu, 22 Apr 2021 07:20:15 GMT etag: "608123af-cf70" accept-ranges: bytes X-Firefox-Spdy: h2`

	dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg	143.204.42.153	200 OK	56 kB
URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg IP 143.204.42.153:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data Size 56 kB (55749 bytes) Hash cddd4b220dbfd2c4641572afbcc3bbf9 2bf3de058bcb45d5a133c9e768a4e8fcdb6ec6c8 54c4a1b842c44277f35ff895c7be82711edf0591dd660744d3e18c3a62f236ce HTTP Headers `GET /hotelliveeb/images/general/1/I3Qfj8e7MckxIXbz78mw.jpg HTTP/1.1 Host: dskwugy0u6y9l.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK content-type: image/jpeg content-length: 55749 date: Sun, 01 Oct 2023 09:27:27 GMT last-modified: Mon, 20 Dec 2021 05:01:30 GMT etag: "cddd4b220dbfd2c4641572afbcc3bbf9" accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: aITklef4PEBdlKJbmRO9TBQhl5dfBsqqXn3qBIUcijVLgbwhYZ1nnA== age: 21799 X-Firefox-Spdy: h2`

	static.bepolite.eu/files/close-gray.png	212.47.222.20	200 OK	1.5 kB
URL GET HTTP/2 static.bepolite.eu/files/close-gray.png IP 212.47.222.20:443 ASN #3327 CITIC Telecom CPC Netherlands B.V. Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerLet's Encrypt Subjectstatic.bepolite.eu FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data Size 1.5 kB (1497 bytes) Hash 41d9676ab94bece3f7a549b4769ddbe2 521f14490fc57fea51e2e5bf00e2299dce51561b c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34 HTTP Headers `GET /files/close-gray.png HTTP/1.1 Host: static.bepolite.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/png accept-ranges: bytes etag: "1971769258" last-modified: Fri, 08 Apr 2022 18:07:56 GMT content-length: 1497 date: Sun, 01 Oct 2023 15:30:45 GMT cache-control: must-revalidate, private expires: -1 p3p: CP='BePolite does not have a P3P policy' x-varnish: 620931596 age: 0 X-Firefox-Spdy: h2`

	serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g	212.47.222.20	200 OK	0 B
URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g IP 212.47.222.20:443 ASN #3327 CITIC Telecom CPC Netherlands B.V. Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerLet's Encrypt Subjectstatic.bepolite.eu FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1 Host: serving.bepolite.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-length: 0 date: Sun, 01 Oct 2023 15:30:44 GMT p3p: CP='BePolite does not have a P3P policy' x-varnish: 620678732 age: 0 accept-ranges: bytes X-Firefox-Spdy: h2`

	serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g	212.47.222.20	200 OK	0 B
URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g IP 212.47.222.20:443 ASN #3327 CITIC Telecom CPC Netherlands B.V. Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerLet's Encrypt Subjectstatic.bepolite.eu FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1 Host: serving.bepolite.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-length: 0 date: Sun, 01 Oct 2023 15:30:43 GMT p3p: CP='BePolite does not have a P3P policy' x-varnish: 620756835 age: 0 accept-ranges: bytes X-Firefox-Spdy: h2`

	serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA	212.47.222.20	200 OK	0 B
URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA IP 212.47.222.20:443 ASN #3327 CITIC Telecom CPC Netherlands B.V. Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerLet's Encrypt Subjectstatic.bepolite.eu FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /event?key=FYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1 Host: serving.bepolite.eu User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Cookie: bepolite_id=543c20d10543a6af41ef733e93e6d94a Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK content-length: 0 date: Sun, 01 Oct 2023 15:30:46 GMT p3p: CP='BePolite does not have a P3P policy' x-varnish: 619271668 age: 0 accept-ranges: bytes X-Firefox-Spdy: h2`

	dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg	143.204.42.153	200 OK	61 kB
URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg IP 143.204.42.153:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x195, components 3\012- data Size 61 kB (60807 bytes) Hash dd86bfb4bf775c862d2c4ce6c31b29b5 94119b0ecc2ae1f9fa98a98eb6c416622ef14547 de5103951b90a9ed1ba44af9919079bed54e32ab4c61d849d19c672ef26e0bca HTTP Headers `GET /hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg HTTP/1.1 Host: dskwugy0u6y9l.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 60807 date: Sun, 01 Oct 2023 00:33:08 GMT last-modified: Mon, 20 Dec 2021 05:01:37 GMT etag: "dd86bfb4bf775c862d2c4ce6c31b29b5" accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: znp-Vz0RNQOG25ng6AhUFI4_CW81_TM2pY-WOWEppxHkfPV7nVGXDQ== age: 53864 X-Firefox-Spdy: h2`

	dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/7sIRHZVsYjhTLoQfwnHk.jpg	143.204.42.153	200 OK	71 kB
URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/7sIRHZVsYjhTLoQfwnHk.jpg IP 143.204.42.153:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data Size 71 kB (70599 bytes) Hash b9c2ea2f74718e60952202d98e335b5a f31b685ba8b5076a30685213e88752d9121a3038 ce1b765529b6c323d2617cf71aebcb0a66427d174bf120ee2e51347899e0b99f HTTP Headers `GET /hotelliveeb/images/general/1/7sIRHZVsYjhTLoQfwnHk.jpg HTTP/1.1 Host: dskwugy0u6y9l.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 70599 date: Sun, 01 Oct 2023 09:29:56 GMT last-modified: Mon, 20 Dec 2021 05:01:22 GMT etag: "b9c2ea2f74718e60952202d98e335b5a" accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ldTisPuPWkjMcOTcETqKG1Ir_NdwjXOOqImEx600vP19e4PUzA7NvA== age: 21656 X-Firefox-Spdy: h2`

	dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/HjxOLhjZEQyPnav9dHrj.jpg	143.204.42.153		57 kB
URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/HjxOLhjZEQyPnav9dHrj.jpg IP 143.204.42.153:0 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data Size 57 kB (57347 bytes) Hash 20aaa6f29edd9dce33552181dc676ba0 0512d87061d36db8bbd791c5b1b067dd842c46d0 02f8c580705952f669b75916fc53398ec26075a1cc0e68970f1b2f5267d321a5 HTTP Headers `GET /hotelliveeb/images/general/1/HjxOLhjZEQyPnav9dHrj.jpg HTTP/1.1 Host: dskwugy0u6y9l.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 57347 date: Sun, 01 Oct 2023 09:55:19 GMT last-modified: Mon, 20 Dec 2021 05:01:21 GMT etag: "20aaa6f29edd9dce33552181dc676ba0" accept-ranges: bytes server: AmazonS3 x-cache: Hit from cloudfront via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: bvEl_U0dhhnRgLKxJMK3vG1iD_xPeIt0Q55AeNsf0KrzSLphojI--g== age: 20139 X-Firefox-Spdy: h2`

	dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/8AONEdzkafdoJBBRUtdU.jpg	143.204.42.153		70 kB
URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/8AONEdzkafdoJBBRUtdU.jpg IP 143.204.42.153:0 ASN #16509 AMAZON-02 Certificate IssuerAmazon Subject.cloudfront.net FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data Size 70 kB (69470 bytes) Hash 8d1b1efda140df77d53e910d3bc5cdac 9d237234bb7354565f782388804d7d0363642cce e95a8dd1f692b9bf322c854ec1679930bcd968dc0ac51f8c5e2ae3d5659cf7b0 HTTP Headers `GET /hotelliveeb/images/general/1/8AONEdzkafdoJBBRUtdU.jpg HTTP/1.1 Host: dskwugy0u6y9l.cloudfront.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` `HTTP/2 200 OK content-type: image/jpeg content-length: 69470 last-modified: Wed, 14 Dec 2022 11:00:06 GMT accept-ranges: bytes server: AmazonS3 date: Sun, 01 Oct 2023 15:30:58 GMT etag: "8d1b1efda140df77d53e910d3bc5cdac" vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: hLys76NLyOeilP-g3ZWtk1-dzL1mYgCESJC1EMdeodNdn5uaSGEd_Q== X-Firefox-Spdy: h2`

	accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif	142.250.74.109	403 Forbidden	0 B
URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload.ee/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 01 Oct 2023 15:30:43 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: script-src 'nonce-ZWVjxUqMB3OLJpt1Iuzoiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi" report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]} permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner	3.127.176.57	200 OK	6.0 kB
URL GET HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6210), with no line terminators Size 6.0 kB (6017 bytes) Hash b2c258a8d77db021c8f33f8e84dba71b c453e30dac638f4e1b897309fe32db795d540f80 2d1065201a188a85c1a7d0a3ee130f5a8dc4e60db8fe221fb2081e77222e5a9f HTTP Headers GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:44 GMT content-type: text/html server: nginx/1.15.12 last-modified: Tue, 24 Jan 2023 14:19:47 GMT vary: Accept-Encoding etag: W/"63cfe903-1781" content-encoding: gzip X-Firefox-Spdy: h2`

	accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif	142.250.74.109	403 Forbidden	0 B
URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcivxvhKCqwd822L_hSFdS3dhSq_f7FayhDeHy9QrvOL5Zhz490GMrjnn31THuBC1GDEV08kg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1929837430%3A1696174243829605&theme=glif HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload.ee/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 403 Forbidden content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 01 Oct 2023 15:30:43 GMT vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site strict-transport-security: max-age=31536000; includeSubDomains content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-qmnYMT9X-YplhHnQ7yQKLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi" accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version permissions-policy: ch-ua-arch=, ch-ua-bitness=, ch-ua-full-version=, ch-ua-full-version-list=, ch-ua-model=, ch-ua-wow64=, ch-ua-form-factor=, ch-ua-platform=, ch-ua-platform-version=* report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]} content-encoding: gzip server: ESF x-xss-protection: 0 x-content-type-options: nosniff alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	banner.hookusbookus.com/assets/image/svg/hb-logo.svg	3.127.176.57	200 OK	15 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators Size 15 kB (15333 bytes) Hash bf6baf947f924bf8d67e947a025def06 9ac9fccb0351b41c1545714153ed5fa2c4bfef3a 64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e HTTP Headers GET /assets/image/svg/hb-logo.svg HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: image/svg+xml server: nginx/1.15.12 last-modified: Mon, 05 Jul 2021 19:56:59 GMT vary: Accept-Encoding etag: W/"60e3640b-3be5" content-encoding: gzip X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/image/svg/hb-logo.svg	3.127.176.57	200 OK	15 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators Size 15 kB (15333 bytes) Hash bf6baf947f924bf8d67e947a025def06 9ac9fccb0351b41c1545714153ed5fa2c4bfef3a 64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e HTTP Headers `GET /assets/image/svg/hb-logo.svg HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: image/svg+xml server: nginx/1.15.12 last-modified: Mon, 05 Jul 2021 19:56:59 GMT vary: Accept-Encoding etag: W/"60e3640b-3be5" content-encoding: gzip X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/image/prices-bg-3.png	3.127.176.57	200 OK	2.4 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data Size 2.4 kB (2442 bytes) Hash ef56eff9c1246b25c0088c156116ae05 21f5a8245443365c960a196d005277a3c5ef4709 be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54 HTTP Headers `GET /assets/image/prices-bg-3.png HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: image/png content-length: 2442 server: nginx/1.15.12 last-modified: Thu, 22 Apr 2021 07:20:15 GMT etag: "608123af-98a" accept-ranges: bytes X-Firefox-Spdy: h2`

	banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner	3.127.176.57	200 OK	6.0 kB
URL GET HTTP/2 banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6183), with no line terminators Size 6.0 kB (5985 bytes) Hash e6203b2e0919f42103d8a3367bbc9b32 08d251797a13b125ec05294116373d90493045dd e893c3c55f767327f9d5723610d23852fc9f34827dda3bd918575f75f5ef6e0b HTTP Headers GET /index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:44 GMT content-type: text/html server: nginx/1.15.12 last-modified: Tue, 24 Jan 2023 14:19:47 GMT vary: Accept-Encoding etag: W/"63cfe903-1761" content-encoding: gzip X-Firefox-Spdy: h2`

	accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg	142.250.74.109	302 Found	0 B
URL GET HTTP/3 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg IP 142.250.74.109:443 ASN #15169 GOOGLE Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subject.google.com FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4 ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdqDsrSg3X559siD04yj936F-Z5QiZhG-tPpgCdkOv2DXmws-IFccDkwUS_HTe1e-__5G2CCg HTTP/1.1 Host: accounts.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://www.upload.ee/ DNT: 1 Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/3 302 Found content-type: text/html; charset=UTF-8 set-cookie: __Host-GAPS=1:kiQk5CRN8BpcHoc54B0o_hqmKLThhQ:_dGcyLUe6DJoJtFX;Path=/;Expires=Tue, 30-Sep-2025 15:30:43 GMT;Secure;HttpOnly;Priority=HIGH x-frame-options: DENY cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 01 Oct 2023 15:30:43 GMT location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVheCZI5WAU3MgPQLeDPA386QHZtrqLnYZ6nmmvJzjcrXe97Y7ngvemSr6LiUULBO1aAhW-jM9Q&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S940469195%3A1696174243817620&theme=glif strict-transport-security: max-age=31536000; includeSubDomains cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk" content-security-policy: script-src 'nonce-c2FNy4VAbQzzOEzqy8ML-g' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]} content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 399 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia	3.127.176.57	200 OK	24 kB
URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type Size 24 kB (23527 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1 Host: banner-server.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://banner.hookusbookus.com DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: application/json access-control-allow-origin: https://banner.hookusbookus.com access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE access-control-max-age: 3600 access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate access-control-allow-credentials: true access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: 0 x-frame-options: DENY X-Firefox-Spdy: h2

	banner.hookusbookus.com/assets/js/jquery.min.js	3.127.176.57	200 OK	90 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type ASCII text, with very long lines (65451) Size 90 kB (89476 bytes) Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d HTTP Headers GET /assets/js/jquery.min.js HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: application/javascript server: nginx/1.15.12 last-modified: Thu, 22 Apr 2021 07:20:15 GMT vary: Accept-Encoding etag: W/"608123af-15d84" content-encoding: gzip X-Firefox-Spdy: h2`

	banner.hookusbookus.com/assets/image/svg/hb-logo.svg	3.127.176.57	200 OK	15 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators Size 15 kB (15333 bytes) Hash bf6baf947f924bf8d67e947a025def06 9ac9fccb0351b41c1545714153ed5fa2c4bfef3a 64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e HTTP Headers GET /assets/image/svg/hb-logo.svg HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: image/svg+xml server: nginx/1.15.12 last-modified: Mon, 05 Jul 2021 19:56:59 GMT vary: Accept-Encoding etag: W/"60e3640b-3be5" content-encoding: gzip X-Firefox-Spdy: h2`

	banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia	3.127.176.57	200 OK	24 kB
URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type Size 24 kB (23527 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1 Host: banner-server.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://banner.hookusbookus.com DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: application/json access-control-allow-origin: https://banner.hookusbookus.com access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE access-control-max-age: 3600 access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate access-control-allow-credentials: true access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length x-content-type-options: nosniff x-xss-protection: 1; mode=block cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: 0 x-frame-options: DENY X-Firefox-Spdy: h2

	umoughtcallm.com/popunder.gif	104.21.74.25	200 OK	35 B
URL GET HTTP/3 umoughtcallm.com/popunder.gif IP 104.21.74.25:443 ASN #13335 CLOUDFLARENET Requested by https://www.upload.ee/files/15705788/IObitUninstaller13.1.0.3.exe.html Certificate IssuerGoogle Trust Services LLC Subjectumoughtcallm.com Fingerprint6B:57:1E:F0:AE:98:F4:49:BE:13:72:49:EB:A1:C6:42:13:78:FE:7D ValidityWed, 13 Sep 2023 06:21:16 GMT - Tue, 12 Dec 2023 06:21:15 GMT File type GIF image data, version 89a, 1 x 1\012- data Size 35 B (35 bytes) Hash 28d6814f309ea289f847c69cf91194c6 0f4e929dd5bb2564f7ab9c76338e04e292a42ace 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 HTTP Headers `GET /popunder.gif HTTP/1.1 Host: umoughtcallm.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.upload.ee/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/3 200 OK date: Sun, 01 Oct 2023 15:30:43 GMT content-type: image/gif access-control-allow-origin: * pragma: public cache-control: public, max-age=604800, immutable cf-cache-status: HIT age: 2627 last-modified: Sun, 01 Oct 2023 14:46:56 GMT report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AwYl6FT0j9PmA4QmY%2FuCGAvP01%2Fit%2B9%2FeOnrQyzZeKMkJHNbUXrT9TXp0UQEJtFE8dgfXbbfB03diWg5iBYqXA8%2F5WbT0C8UMGYlwRFTIVlRdTGw7hIsXhDzW9oIgS8REwL3"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare cf-ray: 80f5bf9f09485694-OSL alt-svc: h3=":443"; ma=86400

	banner.hookusbookus.com/assets/js/jquery.min.js	3.127.176.57	200 OK	90 kB
URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js IP 3.127.176.57:443 ASN #16509 AMAZON-02 Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Certificate IssuerAmazon Subject.hookusbookus.com FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT File type ASCII text, with very long lines (65451) Size 90 kB (89476 bytes) Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d HTTP Headers GET /assets/js/jquery.min.js HTTP/1.1 Host: banner.hookusbookus.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: /* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF1gr_FLPDzvDfW7XiGhBy-KkE853WNJwUFMYmGn2oWREsPHUBx7Qjveoi6VxGGCKV5MdectzUTWTXR1L_4pdIHTt2aqnvZ2jALO3Ld5dRaSZgWsGzKPlYYBisI8Ogd5XJjhklBmhUlIzF_NPyWTUmpvzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK date: Sun, 01 Oct 2023 15:30:45 GMT content-type: application/javascript server: nginx/1.15.12 last-modified: Thu, 22 Apr 2021 07:20:15 GMT vary: Accept-Encoding etag: W/"608123af-15d84" content-encoding: gzip X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash