401 B URL www.upload.ee/download/15711713/7288fe0425531d939f77/Client.exe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (401), with no line terminators
Hash 97801f6d7935fb5e630ade59374ade64
c5f1777ec694eb7bce45bac9f48b2d7371bc9ddc
57fb5dc14ec6802b172959704e191b8016635d8d360521011e6ef5037c132dd7
GET /download/15711713/7288fe0425531d939f77/Client.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 22 Sep 2023 03:11:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 401
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
401 B URL www.upload.ee/download/15711713/7288fe0425531d939f77/Client.exe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (401), with no line terminators
Hash 97801f6d7935fb5e630ade59374ade64
c5f1777ec694eb7bce45bac9f48b2d7371bc9ddc
57fb5dc14ec6802b172959704e191b8016635d8d360521011e6ef5037c132dd7
GET /download/15711713/7288fe0425531d939f77/Client.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 22 Sep 2023 03:11:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 401
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
GET www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
IP
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash 67be4e3a05b4b8c88fe09c1014d6d30e
1195274a60f32c00751ef9e900be495619b051c9
eef88c7755fdb739c23172bf694581c23c5d5058c47bedf8d327f41562da8fca
GET /files/15711713/Client.exe.html?msg=sess_error HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/15711713/7288fe0425531d939f77/Client.exe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Sep 2023 03:11:43 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8982
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 22 Sep 2023 06:11:43 +0300
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Fri, 20-Oct-2023 03:11:43 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
GET www.upload.ee/static/ubr__style.css
200 OK 2.9 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 3ba04e290212b44bcca8f10a60a4e879
a9b021c9019bdbb28250836039b2372a1b4d0f0f
f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Sep 2023 03:11:43 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Fri, 29 Sep 2023 03:11:43 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
GET du0pud0sdlmzf.cloudfront.net/?dupud=997369
200 OK 118 kB URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 118 kB (117742 bytes)
Hash 1c08c036ca41650b733ec1837af328fd
99463eba24bd64945aa06b4dbb7f13d991a03e19
f22ae22dedba7fac2d485ff7c71955be01240da3b253201ff74d33fa82192a97
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117742
date: Fri, 22 Sep 2023 03:08:31 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bnr_WwOo95uhLtTrNxxjl8rJMkVbKTxKFu29_0sA5EcfkHXOHHnHWw==
age: 192
X-Firefox-Spdy: h2
GET www.upload.ee/js/js__file_upload.js
200 OK 27 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Sep 2023 03:11:43 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Fri, 29 Sep 2023 03:11:43 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
GET www.upload.ee/images/dl_.png
200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Sep 2023 03:11:43 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Fri, 29 Sep 2023 03:11:43 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET www.upload.ee/images/arrow.gif
200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Sep 2023 03:11:43 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Fri, 29 Sep 2023 03:11:43 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
472 B IP
Hash 1d04b1c39a52ae81423392b3328cf91f
53311c7b36bd1e229219f087085ec7b36643b06b
39fd511387b1d969a8e34f6027e3acd55fe97adce73cf6fe2f2d3d4eb1423e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 03:11:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET www.googletagmanager.com/gtag/js?id=UA-6703115-1
200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (2213)
Hash 351a869011be7e3d71a60210cdce9c82
dc999c52d1b2e9c7ab98f60ca525cbe11207acbb
1562705cdcacb05d81df793f7b8a2d47951bcb9d611c390a634cd33c9ea209f7
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 22 Sep 2023 03:11:43 GMT
expires: Fri, 22 Sep 2023 03:11:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
472 B IP
Hash 1d04b1c39a52ae81423392b3328cf91f
53311c7b36bd1e229219f087085ec7b36643b06b
39fd511387b1d969a8e34f6027e3acd55fe97adce73cf6fe2f2d3d4eb1423e06
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 03:11:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET wdownthreerfdfg.com/SVZvZ3NmaQwUThwTBwogJwQFAh8DbzswFz4DJy0wEA4XNhUcD0kTGi1rVl5EfWZXQQMgMlJWS28lGwYHPCVSVlUgOAkITm8gUlZdeXhdSUdvI1JWVT0mDgBOeHAfEwcla15RSnxlWlVAeWVWVkc
204 No Content 0 B URL GET HTTP/2 wdownthreerfdfg.com/SVZvZ3NmaQwUThwTBwogJwQFAh8DbzswFz4DJy0wEA4XNhUcD0kTGi1rVl5EfWZXQQMgMlJWS28lGwYHPCVSVlUgOAkITm8gUlZdeXhdSUdvI1JWVT0mDgBOeHAfEwcla15RSnxlWlVAeWVWVkc
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectwdownthreerfdfg.com
Fingerprint01:C6:73:D9:51:19:6F:F8:8D:B0:27:C4:23:40:83:57:46:92:ED:67
ValidityWed, 13 Sep 2023 06:26:23 GMT - Tue, 12 Dec 2023 06:26:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SVZvZ3NmaQwUThwTBwogJwQFAh8DbzswFz4DJy0wEA4XNhUcD0kTGi1rVl5EfWZXQQMgMlJWS28lGwYHPCVSVlUgOAkITm8gUlZdeXhdSUdvI1JWVT0mDgBOeHAfEwcla15RSnxlWlVAeWVWVkc HTTP/1.1
Host: wdownthreerfdfg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 22 Sep 2023 03:11:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX6RoBAjkdLrTjXY7Nn61Eu4mpEoyiQ4R9z3Cqw8HL4c%2Fd7HocDzRvDhZt5MSDtFkBLs1awFLSrrll1XCdubqFYP8NV36DCphdh%2F9p25f7smtYwf0TNo6SjeO8f0M59glonhgnmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a75cba2ffc56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET wdownthreerfdfg.com/MXhKVzUeRykkCGBKcyFWZRQyDwQAOw4fc1Uuehp4Uj4iNGRWOWwjXFVFc24CAk5zcUVYHHdmE0IMKyNAQkV7cVxfHiVqE0dFe3kGBVZ5YxsBXj9qBBcMOjZSDElsJ0FFFHdmAwhNeWIHAkh5bw0E
204 No Content 0 B URL GET HTTP/2 wdownthreerfdfg.com/MXhKVzUeRykkCGBKcyFWZRQyDwQAOw4fc1Uuehp4Uj4iNGRWOWwjXFVFc24CAk5zcUVYHHdmE0IMKyNAQkV7cVxfHiVqE0dFe3kGBVZ5YxsBXj9qBBcMOjZSDElsJ0FFFHdmAwhNeWIHAkh5bw0E
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectwdownthreerfdfg.com
Fingerprint01:C6:73:D9:51:19:6F:F8:8D:B0:27:C4:23:40:83:57:46:92:ED:67
ValidityWed, 13 Sep 2023 06:26:23 GMT - Tue, 12 Dec 2023 06:26:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MXhKVzUeRykkCGBKcyFWZRQyDwQAOw4fc1Uuehp4Uj4iNGRWOWwjXFVFc24CAk5zcUVYHHdmE0IMKyNAQkV7cVxfHiVqE0dFe3kGBVZ5YxsBXj9qBBcMOjZSDElsJ0FFFHdmAwhNeWIHAkh5bw0E HTTP/1.1
Host: wdownthreerfdfg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 22 Sep 2023 03:11:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqu5R8J5FPRRdkmOrUZVinD1ZE1wQBe%2F6W2ziOsSANmvpUNOblTk0BRIRyaUadOyDLywntGLF7njVI8kzm2qyLzbdcEJmPlcZAR7EEmFP7LOaOP6voMguJu0D93SXW33ETWzBcIN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a75cba2ffb56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET inuedidgmapla.com/cE44eHARLFsVTxFzWl4FAiIFXUI2awo+FAV+SA0UQD1cFB0KKBYbHB87XB4CHyBMVh4VOh1KNhMAUxxFKhluLjsyLXwvGzk7cC4YEwoLOjslf08pPCEhcztAKnh+EiE6K0EUOjQkCRAUJAB8PSUHJGo+JjQZUSEoMSJfKTkYLX8vMRQmfzk1OA0LNhY1HG4iPDUfdT4cMTt9HzUgH1E5IyE2eiAVGB9zMEFIPH4pIjEMeT49I39tLBQlInYwIRR8YD4pHgsLLjozH0AhPRcIeS4HKWsKPiEmAw45OD4tbhETJCptEyg1NnZIPzYcbjxCHARsPTE1KkBVRDEMVEgfKAhbEjI4KnEuJiUGXEgYMRhPIRg1DFs5JTMpeik2FDlcExglHU8iGDQIUC1WGj1XFgBNIWkUPR5+UyAnQgQ
200 OK 1.2 kB URL GET HTTP/2 inuedidgmapla.com/cE44eHARLFsVTxFzWl4FAiIFXUI2awo+FAV+SA0UQD1cFB0KKBYbHB87XB4CHyBMVh4VOh1KNhMAUxxFKhluLjsyLXwvGzk7cC4YEwoLOjslf08pPCEhcztAKnh+EiE6K0EUOjQkCRAUJAB8PSUHJGo+JjQZUSEoMSJfKTkYLX8vMRQmfzk1OA0LNhY1HG4iPDUfdT4cMTt9HzUgH1E5IyE2eiAVGB9zMEFIPH4pIjEMeT49I39tLBQlInYwIRR8YD4pHgsLLjozH0AhPRcIeS4HKWsKPiEmAw45OD4tbhETJCptEyg1NnZIPzYcbjxCHARsPTE1KkBVRDEMVEgfKAhbEjI4KnEuJiUGXEgYMRhPIRg1DFs5JTMpeik2FDlcExglHU8iGDQIUC1WGj1XFgBNIWkUPR5+UyAnQgQ
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerAmazon
Subjectinuedidgmapla.com
Fingerprint52:F1:1A:D5:BD:11:01:8A:F6:AD:36:16:5B:F7:77:F5:E9:CC:E4:FE
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash 2fec6b26f7f0754c45a9004d81193b62
b1c0922e2ce2055400846bfd3defd75a6d9bf5fc
89452db8de559b0f50513718ce6dc9e7b016a67ee1944c6c20b0bf95c285bb24
GET /cE44eHARLFsVTxFzWl4FAiIFXUI2awo+FAV+SA0UQD1cFB0KKBYbHB87XB4CHyBMVh4VOh1KNhMAUxxFKhluLjsyLXwvGzk7cC4YEwoLOjslf08pPCEhcztAKnh+EiE6K0EUOjQkCRAUJAB8PSUHJGo+JjQZUSEoMSJfKTkYLX8vMRQmfzk1OA0LNhY1HG4iPDUfdT4cMTt9HzUgH1E5IyE2eiAVGB9zMEFIPH4pIjEMeT49I39tLBQlInYwIRR8YD4pHgsLLjozH0AhPRcIeS4HKWsKPiEmAw45OD4tbhETJCptEyg1NnZIPzYcbjxCHARsPTE1KkBVRDEMVEgfKAhbEjI4KnEuJiUGXEgYMRhPIRg1DFs5JTMpeik2FDlcExglHU8iGDQIUC1WGj1XFgBNIWkUPR5+UyAnQgQ HTTP/1.1
Host: inuedidgmapla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Fri, 22 Sep 2023 03:11:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: WrEeduf0vkl3Jp0DLtKT224hmhN25H5u7ZHMZI_EDhoPJBXTVZTuaA==
X-Firefox-Spdy: h2
GET inuedidgmapla.com/amVTUk8LBzA/cAtYMXQ6GAlud30sQGEUKx9VIycrWhY3PiIQA30xIwUQNzQ9BQsnfCEPEXZgCRIzFzU3MFYwYRlbXREBDCg3BQQ/JQcCagk8VWorGgEsGhUcOyMGKBYrICQQeS43FicHATA3F30BLBUlPD0qP2oCOzcaZBgdHQQHGzwGBmM/LgY4Yx49DTxlHgYCHxU1PwESKwkpADQ1GjwwN2oeKycEByIOUxUUGSIqFRQpLwJqKgwNIDUGfSALEWMBOT9gPRo8MDA/GwI3BhwiPywQFyMiAwFiCzwdEioYWwoaByIwQGEQDlsBFAgODSQFYhUSJjR/CigtOggrPBI0Aiw7FWAEJDAJFTUJKCQ+OQVMDyA9IRpYMQM4LV0YOCkQ
200 OK 1.2 kB URL GET HTTP/2 inuedidgmapla.com/amVTUk8LBzA/cAtYMXQ6GAlud30sQGEUKx9VIycrWhY3PiIQA30xIwUQNzQ9BQsnfCEPEXZgCRIzFzU3MFYwYRlbXREBDCg3BQQ/JQcCagk8VWorGgEsGhUcOyMGKBYrICQQeS43FicHATA3F30BLBUlPD0qP2oCOzcaZBgdHQQHGzwGBmM/LgY4Yx49DTxlHgYCHxU1PwESKwkpADQ1GjwwN2oeKycEByIOUxUUGSIqFRQpLwJqKgwNIDUGfSALEWMBOT9gPRo8MDA/GwI3BhwiPywQFyMiAwFiCzwdEioYWwoaByIwQGEQDlsBFAgODSQFYhUSJjR/CigtOggrPBI0Aiw7FWAEJDAJFTUJKCQ+OQVMDyA9IRpYMQM4LV0YOCkQ
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerAmazon
Subjectinuedidgmapla.com
Fingerprint52:F1:1A:D5:BD:11:01:8A:F6:AD:36:16:5B:F7:77:F5:E9:CC:E4:FE
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2991), with no line terminators
Hash de61afe380ff9cdb191046085d653c5b
5794446c8438fbf85643bda68002a0d28e850fde
f53bf6924f41c95ecdba64ebc2552d18f73957687d6268af87c4e946696e50f9
GET /amVTUk8LBzA/cAtYMXQ6GAlud30sQGEUKx9VIycrWhY3PiIQA30xIwUQNzQ9BQsnfCEPEXZgCRIzFzU3MFYwYRlbXREBDCg3BQQ/JQcCagk8VWorGgEsGhUcOyMGKBYrICQQeS43FicHATA3F30BLBUlPD0qP2oCOzcaZBgdHQQHGzwGBmM/LgY4Yx49DTxlHgYCHxU1PwESKwkpADQ1GjwwN2oeKycEByIOUxUUGSIqFRQpLwJqKgwNIDUGfSALEWMBOT9gPRo8MDA/GwI3BhwiPywQFyMiAwFiCzwdEioYWwoaByIwQGEQDlsBFAgODSQFYhUSJjR/CigtOggrPBI0Aiw7FWAEJDAJFTUJKCQ+OQVMDyA9IRpYMQM4LV0YOCkQ HTTP/1.1
Host: inuedidgmapla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1151
date: Fri, 22 Sep 2023 03:11:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: fe3Trk5uYeZY7TNt31gEj5_GDvPanOrW8TWdG2JAmnL6iHI1nqsxLg==
X-Firefox-Spdy: h2
GET wdownthreerfdfg.com/YlhHaFNNZyQbbgY1ficCNyADPz0OayFYHTU9dABlMDQ3XjA6CWEcOgZlflFkVmlzTiMLPHpZdREsJhwmEWV2TjoMPihVdRRldkZgVnZ0XH1SfjJVYkQsNwk0X2lhGCcWNHpZZVttdF1hUWh0UWdT
204 No Content 0 B URL GET HTTP/2 wdownthreerfdfg.com/YlhHaFNNZyQbbgY1ficCNyADPz0OayFYHTU9dABlMDQ3XjA6CWEcOgZlflFkVmlzTiMLPHpZdREsJhwmEWV2TjoMPihVdRRldkZgVnZ0XH1SfjJVYkQsNwk0X2lhGCcWNHpZZVttdF1hUWh0UWdT
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectwdownthreerfdfg.com
Fingerprint01:C6:73:D9:51:19:6F:F8:8D:B0:27:C4:23:40:83:57:46:92:ED:67
ValidityWed, 13 Sep 2023 06:26:23 GMT - Tue, 12 Dec 2023 06:26:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /YlhHaFNNZyQbbgY1ficCNyADPz0OayFYHTU9dABlMDQ3XjA6CWEcOgZlflFkVmlzTiMLPHpZdREsJhwmEWV2TjoMPihVdRRldkZgVnZ0XH1SfjJVYkQsNwk0X2lhGCcWNHpZZVttdF1hUWh0UWdT HTTP/1.1
Host: wdownthreerfdfg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 22 Sep 2023 03:11:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtBqTjxzMYs5oXPyPf5%2BYpuOkCQ1vPsbEYMDn0cpy2gL3ZV8KozB2d4RMBjpmTwgLCYY8kpRrsfVaq5qVIZThlsiWG4WuiwQepntW1j5GQirE1o7pHlGGMWqvu6W8x%2BbXuKUg70S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a75cba681e56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET inuedidgmapla.com/Uzh6QUwyWhksczIFGGc5IVRHZH4VHUgHKCYICjQoY0seLSEpXlQiIDxNHic+PFYObyI2TF9zCmtrPTY0HQoRMw1iASgXJiR+LBA8AlssMgoRVEs0DjhyIwM2O2occXwlXjx4egFqHTUKPwk7BTtqcygUfB1cLDYUBE8dLA8kTygFDwpoPgAWA3MrKRgQVEs0CxZ+IwAiBn4rLQkScQ0pLgJPTisfOGotFw8GfClweBVyO3EZEWtDeB00fSkWfzt9KRAWCloseDYWVA51DRVQIAkIEXI7Ni8BWzwxORJuSzUUYHUpFn80XSg5BjJ7LHEOF1MedR4BFSsHGwAAMBQgJH8YF3lgeiwteQt5PwYbC1QwADswaDMTeQZtKxg7AGk0ORsbVB4JOzdoKhcJEh4QMiM9SEcPNhUMSQo+Il0ALTs1fw
200 OK 1.2 kB URL GET HTTP/2 inuedidgmapla.com/Uzh6QUwyWhksczIFGGc5IVRHZH4VHUgHKCYICjQoY0seLSEpXlQiIDxNHic+PFYObyI2TF9zCmtrPTY0HQoRMw1iASgXJiR+LBA8AlssMgoRVEs0DjhyIwM2O2occXwlXjx4egFqHTUKPwk7BTtqcygUfB1cLDYUBE8dLA8kTygFDwpoPgAWA3MrKRgQVEs0CxZ+IwAiBn4rLQkScQ0pLgJPTisfOGotFw8GfClweBVyO3EZEWtDeB00fSkWfzt9KRAWCloseDYWVA51DRVQIAkIEXI7Ni8BWzwxORJuSzUUYHUpFn80XSg5BjJ7LHEOF1MedR4BFSsHGwAAMBQgJH8YF3lgeiwteQt5PwYbC1QwADswaDMTeQZtKxg7AGk0ORsbVB4JOzdoKhcJEh4QMiM9SEcPNhUMSQo+Il0ALTs1fw
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerAmazon
Subjectinuedidgmapla.com
Fingerprint52:F1:1A:D5:BD:11:01:8A:F6:AD:36:16:5B:F7:77:F5:E9:CC:E4:FE
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators
Hash 2bb17355f26b76b652864c4019eff66c
b62437783a66b9266a2ca65f0dcd4d63bb70163a
42820cbf51586f0b9827701464608065e51736864b812d2564596da660856401
GET /Uzh6QUwyWhksczIFGGc5IVRHZH4VHUgHKCYICjQoY0seLSEpXlQiIDxNHic+PFYObyI2TF9zCmtrPTY0HQoRMw1iASgXJiR+LBA8AlssMgoRVEs0DjhyIwM2O2occXwlXjx4egFqHTUKPwk7BTtqcygUfB1cLDYUBE8dLA8kTygFDwpoPgAWA3MrKRgQVEs0CxZ+IwAiBn4rLQkScQ0pLgJPTisfOGotFw8GfClweBVyO3EZEWtDeB00fSkWfzt9KRAWCloseDYWVA51DRVQIAkIEXI7Ni8BWzwxORJuSzUUYHUpFn80XSg5BjJ7LHEOF1MedR4BFSsHGwAAMBQgJH8YF3lgeiwteQt5PwYbC1QwADswaDMTeQZtKxg7AGk0ORsbVB4JOzdoKhcJEh4QMiM9SEcPNhUMSQo+Il0ALTs1fw HTTP/1.1
Host: inuedidgmapla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Fri, 22 Sep 2023 03:11:43 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: yKeJrXW3NMH09HpXarteKilqcUVm4e0fimGG1u2cj23AYFO8PhqDSQ==
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintE6:F7:82:C1:10:AC:08:76:A1:97:70:B7:56:B7:EF:92:30:BA:1E:12
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type ASCII text, with very long lines (3034)
Hash c2ddb545c9a18bb834643a26d90fc11e
55955ea9ad82ee6d02d490ea3cd4d3335f9b7201
74e78e16229fe2b33139ca0d6de0f7976c1e2f0ed41d00cb07e6f1ba10628a78
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 22 Sep 2023 03:11:44 GMT
expires: Fri, 22 Sep 2023 03:11:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85821
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.upload.ee/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 22 Sep 2023 03:11:44 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Fri, 29 Sep 2023 03:11:44 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
472 B IP
Hash 7340032ec8d5c036030ae8748270d5d4
da35b85467e9ad3e7abccb828a2706866ed39afa
26d364948fbc9b83d52ca9520f09789cb32e0e8592808acd90c4163171048043
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 03:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET inuedidgmapla.com/utx?cb=TIV64Re2PVTS&top=www.upload.ee&tid=997369
204 No Content 0 B URL GET HTTP/2 inuedidgmapla.com/utx?cb=TIV64Re2PVTS&top=www.upload.ee&tid=997369
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerAmazon
Subjectinuedidgmapla.com
Fingerprint52:F1:1A:D5:BD:11:01:8A:F6:AD:36:16:5B:F7:77:F5:E9:CC:E4:FE
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=TIV64Re2PVTS&top=www.upload.ee&tid=997369 HTTP/1.1
Host: inuedidgmapla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 22 Sep 2023 03:11:44 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 22 Sep 2023 03:12:44 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: qafszxeRuWbhLCZYLuZpvP2XlhRM9q-CRAUWhTmgD0ixuFZcMGLMwA==
X-Firefox-Spdy: h2
GET inuedidgmapla.com/utx?cb=8BbPFEqD8mzz&top=www.upload.ee&tid=997414
204 No Content 0 B URL GET HTTP/2 inuedidgmapla.com/utx?cb=8BbPFEqD8mzz&top=www.upload.ee&tid=997414
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerAmazon
Subjectinuedidgmapla.com
Fingerprint52:F1:1A:D5:BD:11:01:8A:F6:AD:36:16:5B:F7:77:F5:E9:CC:E4:FE
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=8BbPFEqD8mzz&top=www.upload.ee&tid=997414 HTTP/1.1
Host: inuedidgmapla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 22 Sep 2023 03:11:44 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 22 Sep 2023 03:12:44 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 1a8662d51ed58f0336021036df8bf88a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: qYYLyJsCWmujup5bbikA8xG1Ybe0b_IRpHDUhzu5NO4quBQ-uA7mTQ==
X-Firefox-Spdy: h2
472 B IP
Hash 7340032ec8d5c036030ae8748270d5d4
da35b85467e9ad3e7abccb828a2706866ed39afa
26d364948fbc9b83d52ca9520f09789cb32e0e8592808acd90c4163171048043
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 03:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:nzkwEOhx-K9_MwksPfoP5Ym9Wfbz8g:esqXPPbVGdeh8f27; Expires=Sun, 21-Sep-2025 03:11:44 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 22 Sep 2023 03:11:44 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhcF1Tq9eYOjBwFBOr35EHeATNu0dVej-U2gXmpt2bYjMJqlfFZj1IubSKip30jccNbNEAjbfA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-SbbfKTmbEKFrcha7p5TXZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:yLi3-zawsRs_EOje8DabIAMLdW0juA:6E_b9wXTksovjf3F; Expires=Sun, 21-Sep-2025 03:11:44 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 22 Sep 2023 03:11:44 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVheTYxAcCuxHh04n7HL3ja4__Z_PZJSLLW8Y1oDpioVQkXYyTJb0hYZQ25kGEjYYUjXua7CbGg
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-jofb0-85Ea_Ljhip-v2N1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
471 B IP
Hash 592a801b77f88de399f499779ecea360
458c4e9b9125d81b343ba4bf7c34e7d6bcd141ef
cfbe885789fa7031cf494c91dccc4a6524c01223f358392a70010c488a1e7ec6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 22 Sep 2023 03:11:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
192 B URL du0pud0sdlmzf.cloudfront.net/xVDgxZ3c3V18BSCBRVVpObQ8FV09yUkIIGSQFUzYAEwB6DREuHkUdE2kIFwsWOl8MQRI6WwxWUTVcU1pDck1QWho7QlgLGzUdAyFCeggUVUd8QABWUmd6FFVHOFFfEg9xCgEfT2JnB1NSZ3oUVUcmThRUNmUICElHfR0DVxAxW1oIUmZ+A1dGZAgAV0ZxCg-EBHiZdVwgPcQp3VkZlFgFBAmkJ
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 65a07494624004b585145a64ab2d29b4
cef93c18637380a85cc4fecc523907f120095679
b4f3684112bd9d54d61b677603a08dd104b8607fe4d0c6c95e8f3a2a83c84fe4
GET /xVDgxZ3c3V18BSCBRVVpObQ8FV09yUkIIGSQFUzYAEwB6DREuHkUdE2kIFwsWOl8MQRI6WwxWUTVcU1pDck1QWho7QlgLGzUdAyFCeggUVUd8QABWUmd6FFVHOFFfEg9xCgEfT2JnB1NSZ3oUVUcmThRUNmUICElHfR0DVxAxW1oIUmZ+A1dGZAgAV0ZxCg-EBHiZdVwgPcQp3VkZlFgFBAmkJ HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inuedidgmapla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 192
date: Fri, 22 Sep 2023 03:11:44 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4E1JiOdRMSWHtyvIvLINrmH3uuLF-F1QKnDlio8GoTCYrX7g7EWQIg==
X-Firefox-Spdy: h2
608 B URL du0pud0sdlmzf.cloudfront.net/cNkd5ZWVVKBcDWkIuHVhcD3BKU1wQLQoKC0Z6FjQJeylJDj1hdTNDEUwjRFVDWiYXAlgQIhcGWAdhGAEHC3NfERVZLEQMFlAuEgEPQiASQxBXehQKH18rFQRABAFMS1UTdUlNHQd2XFYnE3VJCQxYMgFAVwY/QVM6AHNcVicTdUkXExN0OFRVD2lJTEAEdx-4ABl0oXFcjBHdIVVUHd0hAVwYhEBcAUCgBQFdwdkhUSwZhDFhU
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (863), with no line terminators
Hash aa1cbd029a0be41e75b10db6d2ece293
8cde014a6497240f2ff755e6639a4c9ea14ae2aa
ac803fdd0c91b2b1c27dcce1f11edfc00abfef55ef7a8bb7fce764f3e4a366be
GET /cNkd5ZWVVKBcDWkIuHVhcD3BKU1wQLQoKC0Z6FjQJeylJDj1hdTNDEUwjRFVDWiYXAlgQIhcGWAdhGAEHC3NfERVZLEQMFlAuEgEPQiASQxBXehQKH18rFQRABAFMS1UTdUlNHQd2XFYnE3VJCQxYMgFAVwY/QVM6AHNcVicTdUkXExN0OFRVD2lJTEAEdx-4ABl0oXFcjBHdIVVUHd0hAVwYhEBcAUCgBQFdwdkhUSwZhDFhU HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inuedidgmapla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 608
date: Fri, 22 Sep 2023 03:11:44 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WNgwiWrWYl1GCMJBabY1S3FFv6u53K_zkKG05MxXvO-XvSvyLlX3DQ==
X-Firefox-Spdy: h2
576 B URL du0pud0sdlmzf.cloudfront.net/8SGwxN2krA19RVjwFVQpQcVsFBl1uBkJYBzhRf00vfF96RRgtFl1ADw9KRU0NdVwXWwgmCwwRDCYPDAZPKQhTCl1uGEFYAnUFQlEAIwhbQw4jSkRWVCUDS14FJA0UBS99QgESW3hESQZYbV9zElt4AFhZHDBJAwcRcFpuAV1tX3MSW3geRxJaCV0BDkd4RR-QFWS8JUlwGbV53BVl5XAEGWXlJAwcPIR5UUQYwSQNxWHldHwdPPVEA
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (798), with no line terminators
Hash f501a4be78d3fc505ece1564da50e028
72b845243fce9799cd45114748430ce2e8724f82
7b5388ce912963d5ada2a627e4e5398a6728f9760f937bce1f628ad0daa6f2d0
GET /8SGwxN2krA19RVjwFVQpQcVsFBl1uBkJYBzhRf00vfF96RRgtFl1ADw9KRU0NdVwXWwgmCwwRDCYPDAZPKQhTCl1uGEFYAnUFQlEAIwhbQw4jSkRWVCUDS14FJA0UBS99QgESW3hESQZYbV9zElt4AFhZHDBJAwcRcFpuAV1tX3MSW3geRxJaCV0BDkd4RR-QFWS8JUlwGbV53BVl5XAEGWXlJAwcPIR5UUQYwSQNxWHldHwdPPVEA HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://inuedidgmapla.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 576
date: Fri, 22 Sep 2023 03:11:44 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: p4407BqSSqxL8lbyyXBcTRTEoOtXDlmHJxAVCXkQh-HrTizOHeUFJQ==
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhcF1Tq9eYOjBwFBOr35EHeATNu0dVej-U2gXmpt2bYjMJqlfFZj1IubSKip30jccNbNEAjbfA
302 Found 403 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhcF1Tq9eYOjBwFBOr35EHeATNu0dVej-U2gXmpt2bYjMJqlfFZj1IubSKip30jccNbNEAjbfA
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (395)
Hash 124f8f8bca46bd2aa4a76874f06a5d75
dc8211f40d1a94e9e99cdd42318107d4a6f11f93
20a2db0d9dc30cf28a37253585d1bec28dd1d558c2ba99f9d614f17088f1af2c
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhcF1Tq9eYOjBwFBOr35EHeATNu0dVej-U2gXmpt2bYjMJqlfFZj1IubSKip30jccNbNEAjbfA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:QhmetfD7WP4zsOMmBG3ehVNkCdfTQg:v962lukptcfNnkv5;Path=/;Expires=Sun, 21-Sep-2025 03:11:44 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 22 Sep 2023 03:11:44 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhftrYBM7EsVfvfi9g4qrJY1IUHxl05-kIcJIM8LI8ZoBFcpFgoNg0ZyylXRPc6WtwwWh-Hhqg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2064003721%3A1695352304345994&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-khN-XPFikH8_0E8oupgm9w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 403
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVheTYxAcCuxHh04n7HL3ja4__Z_PZJSLLW8Y1oDpioVQkXYyTJb0hYZQ25kGEjYYUjXua7CbGg
302 Found 406 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVheTYxAcCuxHh04n7HL3ja4__Z_PZJSLLW8Y1oDpioVQkXYyTJb0hYZQ25kGEjYYUjXua7CbGg
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint75:5C:17:06:78:FB:DD:37:D1:56:96:14:FC:26:4B:66:26:5F:D9:9D
ValidityMon, 14 Aug 2023 08:23:05 GMT - Mon, 06 Nov 2023 08:23:04 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (399)
Hash 715637af43c0d04b44c1ab3bb5f4a157
7feab4dc014b7a486eed55a135ac703b509d3425
ec766d0e1b5dfdcd612de7cd56f4ad189dd113524fa873da0767569610a172b0
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVheTYxAcCuxHh04n7HL3ja4__Z_PZJSLLW8Y1oDpioVQkXYyTJb0hYZQ25kGEjYYUjXua7CbGg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:HR9yMwKpsuHx60pv2NiKZZui597MbA:9CHZ4PBq53WNd6_S;Path=/;Expires=Sun, 21-Sep-2025 03:11:44 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 22 Sep 2023 03:11:44 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdC6Qoas0BHQv4O2f3ZQ9KH2u-Vzaotn3aDKlkv9Vm-GDaGnvpobkeHTmgzGwEKSWvUY_b1rg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745305461%3A1695352304406342&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-BlvPtHoRLKSYCfeacvtaWg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 406
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdC6Qoas0BHQv4O2f3ZQ9KH2u-Vzaotn3aDKlkv9Vm-GDaGnvpobkeHTmgzGwEKSWvUY_b1rg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745305461%3A1695352304406342&theme=glif
403 Forbidden 2.6 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdC6Qoas0BHQv4O2f3ZQ9KH2u-Vzaotn3aDKlkv9Vm-GDaGnvpobkeHTmgzGwEKSWvUY_b1rg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745305461%3A1695352304406342&theme=glif
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)
Hash 76507c614d3dfb2fe8008557a5915d43
58f14aa6fd373d561bf3b548e5a25e0a1ccf44f0
93a49a441b68c75e518d2e2ede24e760d2a321355b0fbb473376110a71f5b353
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdC6Qoas0BHQv4O2f3ZQ9KH2u-Vzaotn3aDKlkv9Vm-GDaGnvpobkeHTmgzGwEKSWvUY_b1rg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1745305461%3A1695352304406342&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 22 Sep 2023 03:11:44 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-LrFko4jrG2aSpLtEfxTk2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhftrYBM7EsVfvfi9g4qrJY1IUHxl05-kIcJIM8LI8ZoBFcpFgoNg0ZyylXRPc6WtwwWh-Hhqg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2064003721%3A1695352304345994&theme=glif
403 Forbidden 178 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhftrYBM7EsVfvfi9g4qrJY1IUHxl05-kIcJIM8LI8ZoBFcpFgoNg0ZyylXRPc6WtwwWh-Hhqg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2064003721%3A1695352304345994&theme=glif
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5A:48:5B:27:A7:FB:0B:D6:63:83:8E:8E:80:DB:29:B7:2C:72:A8:8E
ValidityMon, 14 Aug 2023 08:16:28 GMT - Mon, 06 Nov 2023 08:16:27 GMT
File type gzip compressed data, max compression\012- data
Size 178 kB (177774 bytes)
Hash 959d429c8e06e2cb59bd273e28f998a0
da66bc531cc9bb47b3f8d5c41915234323df48ab
b17c5e93b2882c3bfdc4ca2403b11340aadca4a39d6d22ef40f81776ef7ac23c
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhftrYBM7EsVfvfi9g4qrJY1IUHxl05-kIcJIM8LI8ZoBFcpFgoNg0ZyylXRPc6WtwwWh-Hhqg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2064003721%3A1695352304345994&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 22 Sep 2023 03:11:44 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-XXXa-r9OgyLO7P52lcxcoQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 1.1 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 83d96c15e4e8c47d21932e12fd4ea19c
e37d7968f226fb8951bd263a7ef42afb83421833
7b7b5866f37a6abf0f2540177b360babbeec231a53124d11395361f475824fcc
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "2943849315"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 1147
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 236632424
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/88aaba9d-21d4-4917-a28e-6b74dc2b94c7/Dermedic_baneriai-09-EE_300x250-EE.jpg
200 OK 59 kB URL GET HTTP/2 static.bepolite.eu/banners/88aaba9d-21d4-4917-a28e-6b74dc2b94c7/Dermedic_baneriai-09-EE_300x250-EE.jpg
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x250, components 3\012- data
Hash ff1cb03a3640a2fd0c82896d9bbf78bf
8e2634c530229c9dbc15cff2b96fb0793200321e
da23af6135a48509298eaf9d3289ba082ba97feae4f6a25085a086747936d604
GET /banners/88aaba9d-21d4-4917-a28e-6b74dc2b94c7/Dermedic_baneriai-09-EE_300x250-EE.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "1263002368"
last-modified: Mon, 28 Aug 2023 07:26:35 GMT
content-length: 59365
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 235331597
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/files/close-gray.png
200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2525417386"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 231235966
age: 0
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1c1Q_oZal1e6S8K5uXvdoK2DBgzUh9UnQKlVkQ2SFpFwxy4xIFiCU4gdcxv6w9o47a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1c1Q_oZal1e6S8K5uXvdoK2DBgzUh9UnQKlVkQ2SFpFwxy4xIFiCU4gdcxv6w9o47a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1c1Q_oZal1e6S8K5uXvdoK2DBgzUh9UnQKlVkQ2SFpFwxy4xIFiCU4gdcxv6w9o47a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=1d8d91fe2d2431b3bf6b4c6c50d7bdf3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Fri, 22 Sep 2023 03:11:30 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 236632430
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET wdownthreerfdfg.com/popunder.gif
200 OK 34 kB URL GET HTTP/3 wdownthreerfdfg.com/popunder.gif
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectwdownthreerfdfg.com
Fingerprint01:C6:73:D9:51:19:6F:F8:8D:B0:27:C4:23:40:83:57:46:92:ED:67
ValidityWed, 13 Sep 2023 06:26:23 GMT - Tue, 12 Dec 2023 06:26:22 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d5d738201812beb401fa990e75035d81
6e6bf5218fb1aa383e1a2bc455739083ebd6732a
10be777775fe0fa1411a482b220da7cfb61cf7ecd5d81972f54bc8e103c7832a
GET /popunder.gif HTTP/1.1
Host: wdownthreerfdfg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 22 Sep 2023 03:11:44 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 23541
last-modified: Thu, 21 Sep 2023 20:39:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6G4NJIoR7He15kywKhEl7o2vMs%2B1GC8B2Mb6%2BhZbW7ZfzbG6dPqTdPh1HpHQgGwivRvH5pkEKcM8KiPAVnJcqP0ADuTyKsur7eDFctYG6zXT42c2efIx675BtXQEPjEzwKdZ8l6i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a75cbe2e3cb4f4-OSL
alt-svc: h3=":443"; ma=86400
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index_edge.js
200 OK 2.3 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index_edge.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (1950), with CRLF line terminators
Hash 033232ccfc3988ea75e56fc5a3ba647c
cc8a5830f95942bdebe409fdc04868bd055480dc
2886b24ee4dfc3bd83aa79daceb23f6205acb3b67e94aff4ebfd35885c3ee102
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index_edge.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "363011113"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 2331
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 237373613
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index_edge.js
200 OK 2.3 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index_edge.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (1950), with CRLF line terminators
Hash 033232ccfc3988ea75e56fc5a3ba647c
cc8a5830f95942bdebe409fdc04868bd055480dc
2886b24ee4dfc3bd83aa79daceb23f6205acb3b67e94aff4ebfd35885c3ee102
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index_edge.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "2361199666"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 2331
date: Fri, 22 Sep 2023 03:11:12 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 237373625
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/bg.jpg
200 OK 36 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/bg.jpg
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x400, components 3\012- data
Hash 9606d46f8ff8eeeab12a35a699e90f7c
7c5ad4de6e5127e7058263fc02e18adbd837b001
f613d52f7aa894c5fb86dbd70191b31617da9ea5c823be392665bbed75fb25a0
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/bg.jpg HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
accept-ranges: bytes
etag: "1258772253"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 36158
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 214048621
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/logod.png
200 OK 1.9 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/logod.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 400, 8-bit colormap, non-interlaced\012- data
Hash d504a965b26d720f066ceebc2745aaa1
a2d6baebc0fbdd857f3121c53f4874412c703e53
d73a93170ecf7557473091056cea5cfd3aad37674d268d8c83b8a0f1f7358009
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/logod.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "901359608"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 1935
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 198538974
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/mce_logo.png
200 OK 3.2 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/mce_logo.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 400, 8-bit colormap, non-interlaced\012- data
Hash 1a1dbe232ef2985aba17bd0e4c061af5
0dfc5c01e9d5bf0a5a6965a3289b9c70b33d3f1f
d654583ab6fa4a225642c4e97b029aa268a915bb2a4b7573baced1b32ec94a4c
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/mce_logo.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1433775955"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 3243
date: Fri, 22 Sep 2023 03:03:46 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 214048624
age: 0
X-Firefox-Spdy: h2
GET pogothere.xyz/asd100.bin
200 OK 104 kB IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 104 kB (104448 bytes)
Hash 9a09384e0bfae23e663c0c8f7d3cebf2
6afadd7145f442f78513aee9e7b385f918979956
5486e2365acd17b577254ff9c4d5b291aa7ab20cd5e36541a3fc5093e41e4540
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 03:11:44 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 291
last-modified: Fri, 22 Sep 2023 03:06:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BD4jUWwNwef9DqAVAxPGvGlwiDiDI8npmEhW%2BQ4Ds%2FNgtQ9rcWNtbPpI9V%2FsV1VVXR8YsHvoXGITDW7SVGa5hAxI4xH9TPUjX%2BAD598NBDebK%2FRniVVkTKly630BaBx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80a75cbd0b140b45-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/t12.png
200 OK 1.3 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/t12.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 400, 4-bit colormap, non-interlaced\012- data
Hash c561b9e1b4e6a638814604e83d349254
d913b86b7f8fa90cc66988404719cc62b58d7ecd
106667f88af66a96060db1fe902965c433fcfc1623ee58264fb47c555203c0c7
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/t12.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2939934334"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 1257
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 214048627
age: 0
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/mull.png
200 OK 1.4 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/mull.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 117 x 117, 8-bit colormap, non-interlaced\012- data
Hash 1d601fa17114da42767bc0a6c93e4e52
9264a3db8d2d53ef63e883deb0086e88a70972b3
93d71fd429d3f03e46cf8f71147dc43588e8cf3151d0c4d32d54b915a171b56d
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/mull.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "4122624961"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 1431
date: Fri, 22 Sep 2023 03:11:31 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 236923662
age: 0
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=1d8d91fe2d2431b3bf6b4c6c50d7bdf3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Fri, 22 Sep 2023 03:11:31 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 237114227
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=1d8d91fe2d2431b3bf6b4c6c50d7bdf3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Fri, 22 Sep 2023 03:03:48 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 236886756
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET static.bepolite.eu/scripts/saresponsive.js
200 OK 177 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Size 177 kB (176967 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "2445274911"
last-modified: Sun, 17 Sep 2023 21:45:34 GMT
content-length: 176967
date: Fri, 22 Sep 2023 03:03:45 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 236632421
age: 0
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 26 B IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 1dac48f7b331d4193807c5bc54fa112d
b69c093c8c8d872cdd99fe22b610a9c8f7f19987
90282ef9608e688498998d311bd1264569a72f00e620d8db30e9bb6e58118360
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 03:11:44 GMT
content-type: text/plain
set-cookie: csu=215746507612607@1@1695352304; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFqrQDXZU1NpUo0TayQXMACbZ5f3n8ZEPGDtfcRqD9uMpKTfunuGL5rY7L%2F8swUENZjiu6FhOx00Vqi5J74AHzCbVdHmeaWna20Oee8fRZn2sZCVQBEwSJxr7udGx4ah"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a75cbd4b200b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/t11.png
200 OK 2.0 kB URL GET HTTP/2 static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/t11.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 1000 x 400, 4-bit colormap, non-interlaced\012- data
Hash fd8ffa986dabf8e55ea16ad84efb51d9
a2ab76837f5733d4b6165c3e7629d0f418bf6089
778e56b34bf74e451b073e9c19b9a89cf0a71f7a63ab2e53217dbbc98665ea62
GET /banners/e24984c5-9029-4e3a-8853-4c5b157e624f/t11.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3434959153"
last-modified: Tue, 19 Sep 2023 12:36:35 GMT
content-length: 2048
date: Fri, 22 Sep 2023 03:11:12 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 231235978
age: 0
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 27 B IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 816d1d87f9ef84432e31b850ff5a2abe
ad3f55fe622fbb6173ab67a8566ca4706dbf1e4d
11afdf5e0326268a222d83d026205f7aea42c0e174946c5a12da3b197ecc1805
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 22 Sep 2023 03:11:44 GMT
content-type: text/plain
set-cookie: csu=1313722665609564@1@1695352304; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZsUMS9a1vMw4SZwBFvWmte31p5pF%2FP26GeniyBpVMmHbgyN7lQZnZ%2B90R%2BAnSHF5ewt5MpHaQG8X%2FbiBWg%2BoHhOwRZEhkOaXF8K%2BmEJRtsdId6rFV1FxgnJCRcNZtI%2F3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80a75cbd6b270b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=3949550&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15711713%2F7288fe0425531d939f77%2FClient.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15711713%2FClient.exe.html%3Fmsg%3Dsess_error&rnd=1695352303852
0 B URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=3949550&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15711713%2F7288fe0425531d939f77%2FClient.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15711713%2FClient.exe.html%3Fmsg%3Dsess_error&rnd=1695352303852
IP
Requested by https://www.upload.ee/files/15711713/Client.exe.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=3949550&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15711713%2F7288fe0425531d939f77%2FClient.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15711713%2FClient.exe.html%3Fmsg%3Dsess_error&rnd=1695352303852 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Fri, 22 Sep 2023 03:11:30 GMT
set-cookie: bepolite_id=1d8d91fe2d2431b3bf6b4c6c50d7bdf3; Max-Age=7776000; Expires=Thu, 21-Dec-2023 03:11:31 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 236632418
age: 0
accept-ranges: bytes
content-length: 1793
X-Firefox-Spdy: h2
GET animate.adobe.com/runtime/6.0.0/edge.6.0.0.min.js
200 OK 104 kB URL GET HTTP/2 animate.adobe.com/runtime/6.0.0/edge.6.0.0.min.js
IP
ASN #20940 Akamai International B.V.
Requested by https://static.bepolite.eu/banners/e24984c5-9029-4e3a-8853-4c5b157e624f/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Fwww.telia.ee%252Fera%252Ftv%252Ftelia-tv%252F%253Futm_campaign%253Db2c-autumn-08-2023%2526utm_medium%253Dbanner%2526utm_source%253Dsmartad%2526utm_content%253Dbillboard-masterchef-est&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF3SgSfcipiZk62t38iMWfmnRIh10-ijUTr0XrNvCqysri5ka39RipfQflSFM5FVpULh9Bf5_ZLhYg9WjLAPa9rYPwxuouGe3gzfpHaIPmNenBs_1Hi5z7tkkAAd-tJPmMWizcgAGSchAar6ZytFzjJrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3-3xCX_lXsqyZNn_7hcVQJ514npkAnxarNlTgaMDIvNjegzlxAAsRkaNGwd7ZK7Cfa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fe24984c5-9029-4e3a-8853-4c5b157e624f%2Findex.html&clink=https%3A%2F%2Fwww.telia.ee%2Fera%2Ftv%2Ftelia-tv%2F%3Futm_campaign%3Db2c-autumn-08-2023%26utm_medium%3Dbanner%26utm_source%3Dsmartad%26utm_content%3Dbillboard-masterchef-est&banner_id=68c169a10d8940bab7f6188bb0b30ecb50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerDigiCert Inc
Subject*.adobe.com
FingerprintB3:50:FB:1E:83:AF:74:EA:87:64:38:E3:6B:C4:7C:4E:DF:39:EE:6B
ValidityWed, 13 Sep 2023 00:00:00 GMT - Thu, 12 Sep 2024 23:59:59 GMT
File type ASCII text, with very long lines (561)
Size 104 kB (104401 bytes)
Hash 7e639ab33ff27a85b48e43fa6a9c49a1
11ae1b30653f3d90b8a01d38fb2ae6c89866365c
4338ef4782c1cc60e27fb10ff29ef635553887f154aeaeaa547c8f492919898d
GET /runtime/6.0.0/edge.6.0.0.min.js HTTP/1.1
Host: animate.adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
last-modified: Tue, 05 May 2015 12:17:26 GMT
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Fri, 22 Sep 2023 03:26:45 GMT
date: Fri, 22 Sep 2023 03:11:45 GMT
content-length: 33737
X-Firefox-Spdy: h2
51.91.30.159
212.47.222.22
188.114.96.1
142.250.74.168
23.33.119.17
0.0.0.0
0.0.0.0