{"report_id":"b3154846-205b-4019-bed9-d39c955395de","version":6,"status":"done","tags":[],"date":"2023-11-18T00:26:24Z","url":{"schema":"http","addr":"www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"title":"UPLOAD.EE - Server.exe - Download"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T12:57:23Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"accounts.google.com","ip":{"addr":"142.250.74.109","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":81,"first_seen":"2016-03-20 13:44:49","last_seen":"2023-11-17 19:34:05","alert_count":0,"request_count":6,"received_data":17942,"sent_data":3704,"comment":"","tags":null,"fingerprints":null},{"fqdn":"static.bepolite.eu","ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 06:13:55","last_seen":"2023-11-17 19:25:28","alert_count":0,"request_count":13,"received_data":144222,"sent_data":20722,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pogothere.xyz","ip":{"addr":"172.64.132.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2022-08-22","domain_rank":0,"first_seen":"2022-09-04 21:11:25","last_seen":"2023-11-17 13:54:38","alert_count":0,"request_count":1,"received_data":9012,"sent_data":415,"comment":"","tags":null,"fingerprints":null},{"fqdn":"banner.hookusbookus.com","ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-09-12","domain_rank":0,"first_seen":"2021-10-05 06:31:23","last_seen":"2023-11-17 19:25:28","alert_count":0,"request_count":4,"received_data":123846,"sent_data":4492,"comment":"","tags":null,"fingerprints":null},{"fqdn":"banner-server.hookusbookus.com","ip":{"addr":"3.124.150.20","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2018-09-12","domain_rank":0,"first_seen":"2023-01-24 15:19:09","last_seen":"2023-11-17 19:25:29","alert_count":0,"request_count":1,"received_data":27865,"sent_data":499,"comment":"","tags":null,"fingerprints":null},{"fqdn":"setitoefanyor.org","ip":{"addr":"172.67.198.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":1,"request_count":5,"received_data":179916,"sent_data":2742,"comment":"","tags":null,"fingerprints":null},{"fqdn":"adiingsinspiri.org","ip":{"addr":"54.230.111.81","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2023-11-08","domain_rank":0,"first_seen":"2023-11-15 08:36:02","last_seen":"2023-11-15 21:06:14","alert_count":0,"request_count":5,"received_data":6920,"sent_data":3777,"comment":"","tags":null,"fingerprints":null},{"fqdn":"dskwugy0u6y9l.cloudfront.net","ip":{"addr":"143.204.42.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2021-11-03 13:00:09","last_seen":"2023-11-17 19:36:20","alert_count":0,"request_count":2,"received_data":122228,"sent_data":976,"comment":"","tags":null,"fingerprints":null},{"fqdn":"serving.bepolite.eu","ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2017-01-29 19:42:29","last_seen":"2023-11-17 19:25:28","alert_count":0,"request_count":4,"received_data":760,"sent_data":3340,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.upload.ee","ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2010-07-04","domain_rank":981196,"first_seen":"2012-05-24 10:39:37","last_seen":"2023-11-17 19:12:51","alert_count":0,"request_count":8,"received_data":26256,"sent_data":4138,"comment":"","tags":null,"fingerprints":null},{"fqdn":"du0pud0sdlmzf.cloudfront.net","ip":{"addr":"143.204.42.211","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2023-08-24 12:49:59","last_seen":"2023-11-17 19:36:17","alert_count":0,"request_count":4,"received_data":120731,"sent_data":2398,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2023-11-17 18:13:18","alert_count":0,"request_count":1,"received_data":26825,"sent_data":439,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":75,"first_seen":"2013-05-22 04:07:37","last_seen":"2023-11-17 18:15:21","alert_count":0,"request_count":2,"received_data":138529,"sent_data":875,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"Public InfoSec YARA rules","scan_date":"2023-11-18","alert":"Identifies a webshell or backdoor in image files.","trigger":"setitoefanyor.org/popunder.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/bartblaze/Yara-rules","meta":{"author":"@bartblaze","category":"MALWARE","creation_date":"2020-01-01","description":"Identifies a webshell or backdoor in image files.","fingerprint":"459e953dedb3a743094868b6ba551e72c3640e3f4d2d2837913e4288e88f6eca","first_imported":"2021-12-30","id":"6IgdjyQO28avrjCjsw4VWh","last_modified":"2021-12-30","malware_type":"WEBSHELL","rule":"Webshell_in_image","sharing":"TLP:WHITE","source":"BARTBLAZE","status":"RELEASED","version":"1.0"}}]},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":null},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"08016cfba1e3abe61f4b0947f34bda66","sha1":"e7def0a153b19e5c998115fd7aee188bfca54d3c","sha256":"78f923132d3135a026201b1e74962c366cbf298a5ff09b1151161d8eb23d1968","sha512":"025f648c6942915fe459e7d44577593645d50418cfa319de6c412fab57406ef360e538d2b19062a3e00fdea547b7fbfb56f42a27bef8a46391a6db76bb8d41c0","ssdeep":"","tlshash":"a4b0022ae5b4943124d14070287111a551511514c8446105c491c92919314cbf967041","size":90,"data":"","first_seen":"2024-08-20T19:00:16.04791Z","last_seen":"2024-08-20T19:00:16.04791Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimijoulukataloog1000x200est_hype_generated_script.js?50933","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":false,"md5":"27991113f419cdd9576b7e2665919fcb","sha1":"1ccc344dac0d40a18cf3c00ddddec4b7d8a7f031","sha256":"eeef7b03b025b5cdafab3622ce141a5fcece270542d23a35789285e15b0d09ab","sha512":"8ac3e3ea52fba34e867d2a0ede3a84059ec422f836221754e7aa7a564fc3cf578c2007a2a0020744966067c3fd3fb1dfcb3b9d518b1b632a009e12c9c97ffb6d","ssdeep":"192:1n8ZzN1RKhw9BwhxwUL6L/5uuuZVOmPwjwRNuuebBqdm51/qY+h+/da:1n8ZzN1RKhmBoxTL6L/5u5ZVOmP6wXu8","tlshash":"5bf13008625f6399492ca3ca9bc304673a3c8e6970854d44e365f8707b11fb733667fa","size":8161,"data":"","first_seen":"2024-08-20T19:00:16.048712Z","last_seen":"2024-08-20T19:00:16.048712Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/sandbox%20eval%20code","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"69c02be3f74421ae2f1156f2b810e043a2c62b015ae7c402f00e003f2440fea4eee1e8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-17T21:15:42.718187Z","times_seen":885274,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.211","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb79aaad1cec2b662af9789f22abc5b4","sha1":"eb7565685ce03fc0cdf2311f863eecf9fb44fe73","sha256":"18af19e2725475ff5a880c962dfaf7321e48b0fdb82c08d475338d44e5722ada","sha512":"94bc898dd4a080d405e657a8568c27cc96e226754050b87ee075565a3e27d2c8c7d84b6c6c8835ccf84e92516cc0858904c2b5e489df8dca9148c74e261faa3c","ssdeep":"3072:eS9XPLAya82hrZ5LxjFYiUUFvVI4Gmqz1HU3NZkUMs61S9XPLAya82hrZ5LxjFYQ:eShLAyB2hrfVg103N+wEShLAyB2hrfVL","tlshash":"d6743b89be523869836374b640ff124e723f4669b8084dd4b49ad4d16db8d0943bffac","size":362665,"data":"","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c\u0026type=direct\u0026page_id=7283035\u0026screen_width=1280\u0026screen_height=1024\u0026os=Linux%20x86_64\u0026refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15948481%2F66efff39742d1ddce8e5%2FServer.exe\u0026pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15948481%2FServer.exe.html%3Fmsg%3Dsess_error\u0026rnd=1700267167505","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"09a21f78394b85a24147710cb999668d","sha1":"e8962d86d0447fc6272c9bfc915daa9b6f6c67cd","sha256":"8e203724cb0726651afefdb0bca43cd6af59ae33303888cc7d16f7be0adb33ea","sha512":"557f0901c9f13b4daae5364ea8a1e7a93c706038a49760af5085273c6b119122b9a9452a861f03d695eeda44ba11d81ed11021b4a854de4cfdde99147ac216d4","ssdeep":"192:JMmEXVLXqaVqaZqaCqaRqaE+qX0qXqqXJqXgqXRLhbqWqwq3qOq6FBhLpPdCIpwi:CmEF7qaVqaZqaCqaRqa3qX0qXqqXJqXo","tlshash":"e5229754d70e646496f4542787bc04d4f04cf378bd0b0d6678a7ac6fa8ea3b662d3724","size":10447,"data":"","first_seen":"2024-08-20T19:00:16.050439Z","last_seen":"2024-08-20T19:00:16.050439Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":false,"md5":"66684709338f7239056ff3302e16bc4a","sha1":"7dbd501434bdc062cdc8f6744e272a7d39ca5136","sha256":"5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f","sha512":"736a47122121ab209a76fb53a07aad3fc5b3a10dd8e1c760b65ecb66a7c16c802d105d9db843d36216ad65f7aa50652cd5b626daa0b2bf7a1a1573dd8b83ea03","ssdeep":"768:nE5keq96s7jR29qxFJuuGBs98dSx1yUL9acoR13knV96Qx8VDJR:n+qP7jR29eFJuuGBs98dSx1yUL9at6VM","tlshash":"77c2e793778684a48dda157e249e03ca7634c4176d0aa850fc6ccca8ae74f89907bf7d","size":25884,"data":"","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-15T03:10:01.468433Z","times_seen":3528,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/scripts/saresponsive.js","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e94b1e6619d5d0264e9073324b7fd667","sha1":"72f27e0a09fdf92a40a0cdba0a8be9e902e85380","sha256":"2ef9a9a195e17329b9e2a844c83ccfa1c80f93b9848f5430da8b0a63444da59c","sha512":"167c584fbfc5edde3ebc7a1aa0d825c51623cbb3f9643397643d5e600737d3e4d10cdf9ef8117cea52dfad56c3ef362b2a6870274c09f844abc129c02572be40","ssdeep":"3072:y4J+03jL5TCOauTwDhFdnCVQNLa98HrPevC2eYCLaISESuoa:40zEOQR+iLa98HrgreYCvSESy","tlshash":"d60418d57b8e381787a632a980ff014ef17dd2f6a1094875f09894a06db8a1d13b7f6c","size":177002,"data":"","first_seen":"2023-11-01T13:54:07Z","last_seen":"2024-08-20T21:30:55.312447Z","times_seen":15,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"a1357d762282ab540009d24df8c4f46f","sha1":"463851049a98871659c318f1dfa2a8f9d743b60d","sha256":"f9552a376efe29ddd9feca5215e57221a76a8bc50dcd731c33d5aaef66bd6f3e","sha512":"9f914c9f034d004e2b1f7c6ce5a0276bce03e210cf1460e4da732d559d48e5218a7451f63d3bfa0c901286f8bce74d37343147c47e4c10f91210973ce4b6d4bc","ssdeep":"","tlshash":"2db0022ae5b4943124d14070287111a551511514c8446105c491c92919314cbf967041","size":93,"data":"","first_seen":"2024-08-20T19:00:16.052364Z","last_seen":"2024-08-20T19:00:16.052364Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/sandbox%20eval%20code","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"23c336606ee3a6d444b305153fa0e2e2","sha1":"473a2111970ae2a94b373e656d20c4bd4184d703","sha256":"305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60","sha512":"ab0470885483545a0306733fa3a067239e299e0b47d35f9769a763f65ba5e9d928ee364a66f9e577499ab0c452f34dc7a3a48a774ce3d09e56fd88d1989e84ba","ssdeep":"","tlshash":"bbc02b137750017d2f1016b0b9009003a1c923005eb78001f006001f2040eae88dc180","size":128,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-17T21:32:46.531605Z","times_seen":76132,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"48e07e6b9e60fc36f21db6b71bf0b4b1","sha1":"fb4085cc0058779b28e5c366a2b92cf242399c2f","sha256":"3cbdc71216bd0aa119c93b4c5213941e9972e26ef16b3386c7c9cb32bcc60d64","sha512":"10187db826a6c668fff87f61e2468ecaf94b9a87475115b9718c9458f75281581aa84a3001fad9d5a1c48ba75a443d03da26fdf243fdc1e964770fb12b140178","ssdeep":"","tlshash":"ae60000030f00000c3c3003000c00030000003000cc00303000300c03000c00ccf0300","size":14,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-05-15T03:10:01.480683Z","times_seen":3584,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"8b6b8133fa32ec1af266bb95c6487703","sha1":"a4d5d60687114e0acdcf105503b51fb94b0e3134","sha256":"8b7a18cc9da2ea3da66dc5f5a4537438768bb31659256b1c75ac4ff2901c8393","sha512":"6fb3b6d97048880e844396017252610d30f08707479e2685b62ea04323d95b6c69093a0ca42121bb4c5628dbdd35a7285b581620d0ae07472a8183e1d579dfc0","ssdeep":"","tlshash":"5dc002b0d427169aa59550b5050d08c8a0910099e68dd4a94568c426447759e9c23511","size":131,"data":"","first_seen":"2024-08-20T19:00:16.054606Z","last_seen":"2024-08-20T19:00:16.054606Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"94c8b8eb07dcb1094f23218b108d29f4","sha1":"4117b35ecf3d206bf0485aba746d3d4fbeb3b878","sha256":"21dd4971459b47d2632e3370668d254271991653db36b357114abbc5daf8436c","sha512":"ed8264a7c2bf35965cee1a606338d1b8f22ad4bb724ec6786b66ab620ac91cb0cdd65deec2ad3bb16a52044fb9ee5847f1c50e1e8c7453b815ada9fde8dd350d","ssdeep":"","tlshash":"d3b002b0d427169aa59550b5050d08c8a0910099e68dd4a94568c426447759e9c23511","size":128,"data":"","first_seen":"2024-08-20T19:00:16.055555Z","last_seen":"2024-08-20T19:00:16.055555Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"63fa78e3d4ae4b7fc4cf5126264cb75e","sha1":"65657518c61173b8205d4fb68aabfae6ae7270a0","sha256":"a31d904d1ab6191632f68d0b375b622e4699c6e840f99ce53699df5d9f77ef6a","sha512":"84a1432bf021cfe79ca89727eabd12fc350317b89e20986f12393d7b25df94e424ec561aafb41922db622d4cd2eb4af54d6ae0ddab57d0d3bbdb8c8a9d698034","ssdeep":"","tlshash":"4d90222820800200c20080303003220f80e8200b28800088000002800232030022388e","size":57,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-05-15T03:10:01.483397Z","times_seen":3535,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"ba71a86056b5c9ef37b625aade54337e","sha1":"4769c2a07aa71c342dcb06dfa2950cff7ecae40f","sha256":"65d96ab8cd224643e09a693cdc8fa0b76eb9c6cfe0a4be8b797136ca83a305c0","sha512":"e115753c5b2d6cbecba098a1efc800f3b04e17610b6e509e81aa0bb637e4f7d74b1c9c79d89e7e4bf7204d7607a8ba490b44adf1719b6a20bb96e3819e55fdc4","ssdeep":"","tlshash":"d9c02b89210e0c7190f733808f3fbd01f4122364a4d05c33484e23058e20f27d358910","size":155,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2026-03-28T13:29:03.445604Z","times_seen":3495,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2fbc4fd40a97ef8677cc9165a2e7d2d5","sha1":"9331977a4921eb9e1ba4eb22a0bfba13cca54e7b","sha256":"23bf5c37b74f87250600fb9e726f485114fc231eee6c3de8343a1cdcc5acd9e2","sha512":"6f338dfe9dc6514361281057d8e3baa2e0d5c7e2271208100775c685ee34ca4ed49ef9036d8884c8cf2a67c27706c2aaef9fc8b838b719658b329242c93e1543","ssdeep":"3072:WHl+KVJ1leUSOWYSjUy5d62a5nMB+M8pVkUvfNFk82ewAE6NVkGR82WvmuA3n:uziUHSjUyyM8/kUvfN6RevVVkI8tY","tlshash":"713408d973c3706682a7f479503f024ba5bb2da2b44ccc94e189c9d42e74a9a417bf7c","size":249280,"data":"","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/assets/js/jquery.min.js","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"dc5e7f18c8d36ac1d3d4753a87c98d0a","sha1":"c8e1c8b386dc5b7a9184c763c88d19a346eb3342","sha256":"f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d","sha512":"6cb4f4426f559c06190df97229c05a436820d21498350ac9f118a5625758435171418a022ed523bae46e668f9f8ea871feab6aff58ad2740b67a30f196d65516","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakF:AYh8eip3huuf6IidlrvakdtQ47GK1","tlshash":"a993f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89476,"data":"","first_seen":"2023-03-07T01:02:01Z","last_seen":"2026-05-17T21:17:44.569678Z","times_seen":240214,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"77c7e3b34877e66bd92a86ccf10dff70","sha1":"a3e1de92fb7c5521a71660bff967cceb57143c1e","sha256":"fdb5b72df35a6a7af2bda76deef4b77db23c2b648fdfb59de82b5f6cd43f9399","sha512":"c1e4b2e9d6b45c3949f85dfcafa18e1816367380e7fc47fe5495966bfc58040e50c24d3deb8ba51783a51ec49fdaf4b6ab3721a9c4fdc3f6fd508e00b781f907","ssdeep":"3072:D4hApML3reH9bbrS0+NE0OOyqKaNHAtfr:vy7ylwGOyqKaBe","tlshash":"55d308d8b3d6b12683a374b8513f010bf17a6d92f84cdc94e286c9c52e78699017bf6d","size":134713,"data":"","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pagead2.googlesyndication.com/pagead/js/adsbygoogle.js","fqdn":"pagead2.googlesyndication.com","domain":"googlesyndication.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"2e9e391ad98fbe1b2de0b7b4fa9ca904","sha1":"21d7771223e8286a06ad878af425094a40de32b5","sha256":"1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69","sha512":"defa1ba5ce4193014a4657fe394734634087d66c9db8024778ea2c3a59be02e38e0077725c7d000ff7046bea23070594f8942446c6068b4032d329d0716532b0","ssdeep":"","tlshash":"f63197075511c5fa022195d6ea7a3e2e61337628523440a8f238f23b23770cbf3d1abd","size":1648,"data":"","first_seen":"2023-05-06T01:21:43Z","last_seen":"2026-05-17T21:29:41.916182Z","times_seen":74042,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"ee82bbd6dd4561ebeb8db38c5cc9ed54","sha1":"6e302c2b3ad4a172499ee130634e1d4e3d3f200e","sha256":"a24b1876c012b7f29182d95669800773598152d8571401d71b486c2461944efd","sha512":"bb77dfcf6cabc279b0fa6c34fe63030db954536aaa2931673931e97d7c7db91fd6298d2729599d993d2025670403fd8bf427c8db6169603edc421c9605ee27e1","ssdeep":"","tlshash":"60c00275d4575814da54c1709084165a4c9d13b4d59c60010098b191092545d546f941","size":178,"data":"","first_seen":"2024-08-20T19:00:16.059151Z","last_seen":"2024-08-20T19:00:16.059151Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"domTimer","is_inline":false,"md5":"6d429d0c4f6e8b10c47cae51a4507bc1","sha1":"3486b91bb589544276c007185186cf037450dc51","sha256":"4ec988348bdcee1e32811e6fa7b604322c8d76274c0e489634cc98a5b7c977d7","sha512":"ff56d35d76319194d5050abd105286715e9044e75a3986dc0cf8ea8b3a3d0379a293b24962217bb113a9daec4bc25e7ce11a18a45baf4d04d32f7e7ee746665d","ssdeep":"","tlshash":"cec00275d4575814da54c1709084165a4c9d13b4d59c60010098b191092545d546f941","size":175,"data":"","first_seen":"2024-08-20T19:00:16.073606Z","last_seen":"2024-08-20T19:00:16.073606Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"bada815b0add3317d69cbff824573d6b","sha1":"60ebc2061d3dbf196d418b6802aa0d971b7bc189","sha256":"f2fe3c2dc65244420df6fc8efd959211c4ef3d9f76e2a3c530b4a3163138d92b","sha512":"ebebfda077663be98ce77e2cd5423a0714b98afd3e733b59e81eb93b8fad64d788707761de91ed96d6cbe281cd96b11641a77532c41ae95a08944e1987070463","ssdeep":"","tlshash":"a43140f4ab7d64a498be210d633cf38fa46d60373c431c43ad5e55e41a71e2f0523a96","size":1636,"data":"","first_seen":"2023-03-09T23:09:39Z","last_seen":"2024-08-21T09:18:42.71122Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:gr5xyIhZ6pQ/d/bTQcFeqZVxNnR36Hc9lDJlQC8dA9Sa5fLtUB5roNiEP:gr58IhZ6pg/bTXVx9t689fN8INtEONig","tlshash":"7ea1cd9b39e650310332bfe91bfaa559b22937605220c161be0c915b7399233d3e1bec","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-17T21:12:33.360119Z","times_seen":883605,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-752.thin.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a7736c83b9ad2dd6317674cd4ed0bb68","sha1":"0366b254fafb4a7a979a69fb9ef7be3434b74d14","sha256":"4804b62bc3461ff1ab61aa2482690d79db2646701da68b6371ad1485c6f948fd","sha512":"1c6e24fb1857c19d517e260553f9b2c153cc22800980806971c9602f052e73e4afaa32a7916d1bdf60e48abe47c94300714c9e4316a2d31d4da27e18e1c905f4","ssdeep":"768:0fS+Qu82PHLAAe95oLemSSO4Zb/TL0f0LiAnFdMXLlbQJAavBVZ4XOsKF4TLpG:2S+Qu8QLAAePo/SLGmXLqOmE9TlG","tlshash":"664328e877c970d252b338f1609f245b653aa6a3f8558ca0606cd1c4ed741be21e7e2f","size":56897,"data":"","first_seen":"2023-07-01T13:16:16Z","last_seen":"2025-10-26T11:09:41.197674Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","size":75,"data":"","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":[{"md5":"dedf043ee17f5a8092842f4282d969f7","sha1":"93ee9173029131f2ed9da01abe9300b1552d5eb4","sha256":"c648eb539f3ec259ceb1782d4432f6c5540786d2db3bf924e6f714198abcbaa7","sha512":"609db7cfe3b697bda13557b6519649c210b1160919592bc88e7605650350588d6b376735593fea8304b4b89d5632f0469e29ff5ea6a0e03addc1cbad3fc34a6b","ssdeep":"","tlshash":"99d02b63b3c0b0803311503ce13fe211477e0ecaa20e9440491460cc34abd5f90e2e91","size":267,"data":"","first_seen":"2023-03-13T16:32:52Z","last_seen":"2024-08-21T08:32:41.213379Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"write":[{"md5":"26a200195fa52dc10d066c8a7e2ae7c3","sha1":"ee6f3fca8ecfa73f7967bc17286120000a2264ef","sha256":"7e8e82721ad887b4ec169cb750623b305aa57dd68689fefff3f96454aca71fd5","sha512":"78b636de6f90cb69d07a21fecaf11ea560f6c9d4b1d195a02a18044609eda488dd7ad0fd4a07b99d22b74bdbdac5ee99e4871802195ad7babfe80a7b7a3d6750","ssdeep":"","tlshash":"3db01241ec05c3981617160800fab06b04065910f1b5c4dd53e2c187d21c39c4d0235c","size":98,"data":"","first_seen":"2024-08-20T19:00:16.077314Z","last_seen":"2024-08-20T19:00:16.077314Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:06.828817624Z","timestamp":1700267166828,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15948481/66efff39742d1ddce8e5/Server.exe HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:05 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 401\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":401,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (401), with no line terminators","md5":"a0ac8f2c18b97de6a7e5ff3d09faab2d","sha1":"5f3f03bbd55be8ab20e59041d4a2c3eb204d4bcf","sha256":"3d42882d1712993548446fa684f3911185c2fc643fd09737bf7d84f1b80ff2f6","sha512":"0e5b54d3900f05c4f2a49495604327cc35dfeb4e67cee89c82eba4dbaa15a30ec9b322b96e3a5170f4164f14568bc9ee490decee3f20d324bba9dc184d5e81e6","ssdeep":"","tlshash":"b4e0619e0c12d84fd51020f0a5f1f1c8159b812fe87c4e4079c004ba43c4fedde41756","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.032892929Z","timestamp":1700267167032,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /download/15948481/66efff39742d1ddce8e5/Server.exe HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 404 Not Found\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:06 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 401\r\nConnection: keep-alive\r\nKeep-Alive: timeout=5\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":401,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (401), with no line terminators","md5":"a0ac8f2c18b97de6a7e5ff3d09faab2d","sha1":"5f3f03bbd55be8ab20e59041d4a2c3eb204d4bcf","sha256":"3d42882d1712993548446fa684f3911185c2fc643fd09737bf7d84f1b80ff2f6","sha512":"0e5b54d3900f05c4f2a49495604327cc35dfeb4e67cee89c82eba4dbaa15a30ec9b322b96e3a5170f4164f14568bc9ee490decee3f20d324bba9dc184d5e81e6","ssdeep":"","tlshash":"b4e0619e0c12d84fd51020f0a5f1f1c8159b812fe87c4e4079c004ba43c4fedde41756","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-18T00:26:07.255Z","timestamp":1700267167255,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /files/15948481/Server.exe.html?msg=sess_error HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/download/15948481/66efff39742d1ddce8e5/Server.exe\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:06 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 8983\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nExpires: Mon, 26 Jul 1997 05:00:00 GMT\r\nLast-Modified: Sat, 18 Nov 2023 02:26:06 +0200\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=31536000\r\nX-XSS-Protection: 1\r\nP3P: CP=\"CAO PSA OUR\"\r\nSet-Cookie: lng=eng; expires=Sat, 16-Dec-2023 00:26:06 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8983,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (4526)","md5":"e2570d2bd51edf098cdd36a72911b48c","sha1":"01a8000d5f6bf064b9e102e674a5a1c7e07b2790","sha256":"b855536ca2c0835b574cbf9c584afd1b3062572cd2568992db4d69e1629804fc","sha512":"a30cef6540753f067001ed2ce60e63a7f8a03aee1ebc0fbbd71ba70ee4f1a6c68981fcae064a77aebf81f910327c428d0719a528d0c1993fc87e1f80085e05e8","ssdeep":"384:loJylIn7xpYwuu504Y8geHYGDRzhU3E8+UUKIz40qobHK7U3eBizEm+d:loJCIn7XY20t8PDRzh4E8+UUKIz40qou","tlshash":"d3922a71158ee82e8654a0d4e234fedc99d774afc3400884e87b64b7a5c5fa4ad312fa","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/static/ubr__style.css","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.383999572Z","timestamp":1700267167384,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /static/ubr__style.css HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:06 GMT\r\nContent-Type: text/css\r\nLast-Modified: Tue, 17 Oct 2023 12:17:20 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"652e7b50-24da\"\r\nExpires: Sat, 25 Nov 2023 00:26:06 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2841,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (591), with CRLF line terminators","md5":"7b9692d4caecccf38e40d2333f8e00b0","sha1":"8ecb4f873571250f02a5cc2ceff0a24aed25fc33","sha256":"c4042306388924b75aa7d584c1e61165264967a52d09544ecba836f0d00eb9b9","sha512":"c7f31f284e1efd4e69f239cb705f27db186aac82acc7fee042fed2c23909f4c8192bef0c54b382f2aa3bb1e9d5542b8567024de43a795c3361ae74763a4d2d56","ssdeep":"192:a2jAySjuE174K/B4kxWnInnHGYaN4OI56pYgq+:Ejj2K/B4annc66pYgt","tlshash":"b012b572d2aa302e71abc0bab051fa9e3d58908bd4539771f96636b5cac10e53337708","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-15T03:10:01.473925Z","times_seen":3424,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/js/js__file_upload.js","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:07.364Z","timestamp":1700267167364,"http_version":"HTTP/1.1","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.upload.ee","organization":""},"issuer":{"commonName":"RapidSSL Global TLS RSA4096 SHA256 2022 CA1","organization":"DigiCert, Inc."},"validity":{"start":"Thu, 02 Mar 2023 00:00:00 GMT","end":"Mon, 01 Apr 2024 23:59:59 GMT"},"fingerprint":{"sha1":"50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4","sha256":"AB:0D:2D:02:34:6F:B5:08:58:FA:7A:F5:12:43:16:EF:56:12:7B:6F:99:CB:3F:AA:39:F3:0E:91:FE:43:FE:CF"}}},"request":{"raw":"GET /js/js__file_upload.js HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:06 GMT\r\nContent-Type: application/javascript\r\nLast-Modified: Tue, 17 Oct 2023 12:32:21 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: W/\"652e7ed5-651c\"\r\nExpires: Sat, 25 Nov 2023 00:26:06 GMT\r\nCache-Control: max-age=604800\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7670,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (1853)","md5":"66684709338f7239056ff3302e16bc4a","sha1":"7dbd501434bdc062cdc8f6744e272a7d39ca5136","sha256":"5163e50a8fe4549a8ca064e266de9c8e6aebd1d848185e0931959824a4d32c0f","sha512":"736a47122121ab209a76fb53a07aad3fc5b3a10dd8e1c760b65ecb66a7c16c802d105d9db843d36216ad65f7aa50652cd5b626daa0b2bf7a1a1573dd8b83ea03","ssdeep":"768:nE5keq96s7jR29qxFJuuGBs98dSx1yUL9acoR13knV96Qx8VDJR:n+qP7jR29eFJuuGBs98dSx1yUL9at6VM","tlshash":"77c2e793778684a48dda157e249e03ca7634c4176d0aa850fc6ccca8ae74f89907bf7d","first_seen":"2023-10-24T16:45:51Z","last_seen":"2026-05-15T03:10:01.468433Z","times_seen":3528,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":8,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/arrow.gif","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.439541101Z","timestamp":1700267167439,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /images/arrow.gif HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:06 GMT\r\nContent-Type: image/gif\r\nContent-Length: 59\r\nLast-Modified: Sun, 14 Apr 2013 07:15:01 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"516a5775-3b\"\r\nExpires: Sat, 25 Nov 2023 00:26:06 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":59,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 6 x 9\\012- data","md5":"6675f814b94f13f91f1383707b250e36","sha1":"31452650e8fce2095613a2010799bdb7548bdd51","sha256":"061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411","sha512":"d232d7337ef45394ddeb09894a7aec31363ef026299bd047d49dc46975757da192136b03531ab7be451a4d28ce8e3250a9538f94c6ae38347537de00192e9c62","ssdeep":"","tlshash":"3fa0020295b4c144c80411761c58815056027226858e175736bc7722ec498a17152121","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-15T03:10:01.465295Z","times_seen":3578,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/images/dl_.png","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.445091345Z","timestamp":1700267167445,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /images/dl_.png HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error\r\nCookie: lng=eng\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:06 GMT\r\nContent-Type: image/png\r\nContent-Length: 1900\r\nLast-Modified: Thu, 01 Dec 2016 09:37:27 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"583fef57-76c\"\r\nExpires: Sat, 25 Nov 2023 00:26:06 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1900,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 154 x 32, 8-bit colormap, non-interlaced\\012- data","md5":"f3e8f284a4e98cdb91b6abfc142d94a4","sha1":"fa9e618c2f56bea752ddd7e45a372c5539dadda9","sha256":"2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882","sha512":"e3d0865ac754c5956d7636635dd87df016e893a20c3292b0918b26305e4ebe3515a7498cff2e1902155de884b9fcfca8ec7a01d8a5ab5053b6ad62c914781144","ssdeep":"","tlshash":"6241398ffcfc75dc437e002a1a943806266692c471a4a7382b5108be2d4270f4224e66","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-15T03:10:01.474469Z","times_seen":3578,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.googletagmanager.com/gtag/js?id=UA-6703115-1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.497370671Z","timestamp":1700267167497,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /gtag/js?id=UA-6703115-1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\nexpires: Sat, 18 Nov 2023 00:26:06 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 51371\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":51371,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (2213)","md5":"77c7e3b34877e66bd92a86ccf10dff70","sha1":"a3e1de92fb7c5521a71660bff967cceb57143c1e","sha256":"fdb5b72df35a6a7af2bda76deef4b77db23c2b648fdfb59de82b5f6cd43f9399","sha512":"c1e4b2e9d6b45c3949f85dfcafa18e1816367380e7fc47fe5495966bfc58040e50c24d3deb8ba51783a51ec49fdaf4b6ab3721a9c4fdc3f6fd508e00b781f907","ssdeep":"3072:D4hApML3reH9bbrS0+NE0OOyqKaNHAtfr:vy7ylwGOyqKaBe","tlshash":"55d308d8b3d6b12683a374b8513f010bf17a6d92f84cdc94e286c9c52e78699017bf6d","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"du0pud0sdlmzf.cloudfront.net/?dupud=997369","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.211","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.638767557Z","timestamp":1700267167638,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /?dupud=997369 HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 117754\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\naccess-control-allow-origin: *\r\ncache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform\r\ncontent-encoding: gzip\r\npragma: no-cache\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: nvlJZSrjwB3dY3mcSljq3nAwKM3M4C-XwIrk6sqzzOweE6Nxtm36xw==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":117754,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"Unicode text, UTF-8 text, with very long lines (15945)","md5":"bb79aaad1cec2b662af9789f22abc5b4","sha1":"eb7565685ce03fc0cdf2311f863eecf9fb44fe73","sha256":"18af19e2725475ff5a880c962dfaf7321e48b0fdb82c08d475338d44e5722ada","sha512":"94bc898dd4a080d405e657a8568c27cc96e226754050b87ee075565a3e27d2c8c7d84b6c6c8835ccf84e92516cc0858904c2b5e489df8dca9148c74e261faa3c","ssdeep":"3072:eS9XPLAya82hrZ5LxjFYiUUFvVI4Gmqz1HU3NZkUMs61S9XPLAya82hrZ5LxjFYQ:eShLAyB2hrfVg103N+wEShLAyB2hrfVL","tlshash":"d6743b89be523869836374b640ff124e723f4669b8084dd4b49ad4d16db8d0943bffac","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.250.74.168","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.674728832Z","timestamp":1700267167674,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /gtag/js?id=G-LT9YQX0N49\u0026l=dataLayer\u0026cx=c HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\nexpires: Sat, 18 Nov 2023 00:26:06 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 85976\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":85976,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (3034)","md5":"2fbc4fd40a97ef8677cc9165a2e7d2d5","sha1":"9331977a4921eb9e1ba4eb22a0bfba13cca54e7b","sha256":"23bf5c37b74f87250600fb9e726f485114fc231eee6c3de8343a1cdcc5acd9e2","sha512":"6f338dfe9dc6514361281057d8e3baa2e0d5c7e2271208100775c685ee34ca4ed49ef9036d8884c8cf2a67c27706c2aaef9fc8b838b719658b329242c93e1543","ssdeep":"3072:WHl+KVJ1leUSOWYSjUy5d62a5nMB+M8pVkUvfNFk82ewAE6NVkGR82WvmuA3n:uziUHSjUyyM8/kUvfN6RevVVkI8tY","tlshash":"713408d973c3706682a7f479503f024ba5bb2da2b44ccc94e189c9d42e74a9a417bf7c","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"setitoefanyor.org/UWo0ZjZ+VVcVCwIQUD5sFShOJ2EXP3VVBhczBTdyNw12C2MmJxISXzVXDV8BYlwNQEY4DglXECIeVRJDIlcFQF8/DFtbECdXBUgFZUQHUhhhTEFbB3ceRAdRbFsSFkIlBglXAWFaBlABYFwDUQ5o","fqdn":"setitoefanyor.org","domain":"setitoefanyor.org","tld":"org"},"ip":{"addr":"172.67.198.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:07.798Z","timestamp":1700267167798,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"setitoefanyor.org","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 15 Nov 2023 06:34:23 GMT","end":"Tue, 13 Feb 2024 06:34:22 GMT"},"fingerprint":{"sha1":"71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83","sha256":"1A:C1:C4:75:47:51:EE:18:E6:93:4D:6B:AD:C0:A8:99:30:63:5A:CE:36:8A:40:C6:A1:AF:A0:AA:C3:CE:7F:BD"}}},"request":{"raw":"GET /UWo0ZjZ+VVcVCwIQUD5sFShOJ2EXP3VVBhczBTdyNw12C2MmJxISXzVXDV8BYlwNQEY4DglXECIeVRJDIlcFQF8/DFtbECdXBUgFZUQHUhhhTEFbB3ceRAdRbFsSFkIlBglXAWFaBlABYFwDUQ5o HTTP/1.1\r\nHost: setitoefanyor.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=7J5BpGMlR2wOal8LypjbO%2BIwGM%2BScB0XZjLLr7quo01qoOzxb6Bz2D4LCt1N%2FmKgSQR8AU3Tq5T8lpO6hkUehEFPSW507288RUPqfy9dntKe9hLE6FzcrunvBngnLOtb52497Q%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 827c148099cfb4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":12,"dns":4,"connect":1,"send":0,"wait":113,"receive":0,"ssl":7},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"setitoefanyor.org/eDVvQmpXCgwxVzVwOXYnMHglIQEfdD4lDktmLhQoOX09DCg9Rkk2AxwIVntdTAVXZBoRUVJzUl5GGyMeDUZSc0wRWwktV15DUnNESBtdbF5eQFJzTAxFDiVXSRMfNh4UCF51WkgHWXVbTgJXc1s","fqdn":"setitoefanyor.org","domain":"setitoefanyor.org","tld":"org"},"ip":{"addr":"172.67.198.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.926867595Z","timestamp":1700267167926,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"setitoefanyor.org","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 15 Nov 2023 06:34:23 GMT","end":"Tue, 13 Feb 2024 06:34:22 GMT"},"fingerprint":{"sha1":"71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83","sha256":"1A:C1:C4:75:47:51:EE:18:E6:93:4D:6B:AD:C0:A8:99:30:63:5A:CE:36:8A:40:C6:A1:AF:A0:AA:C3:CE:7F:BD"}}},"request":{"raw":"GET /eDVvQmpXCgwxVzVwOXYnMHglIQEfdD4lDktmLhQoOX09DCg9Rkk2AxwIVntdTAVXZBoRUVJzUl5GGyMeDUZSc0wRWwktV15DUnNESBtdbF5eQFJzTAxFDiVXSRMfNh4UCF51WkgHWXVbTgJXc1s HTTP/1.1\r\nHost: setitoefanyor.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=OROZDkUclcIZY0lrh7%2F0dXSXJSehhfMMIurB7lXYZYn2bBkp35fcLjkGEB4GrRauJ0w7QWfhYfOEUHMPGSJ6PY%2B10KbCltHPxs4SFjn%2BUGl0jv1NhUJEB0xpDckctBIvLqXrXA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 827c1480a9d2b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adiingsinspiri.org/TDQyanQtVlEHSy0JUEwBPlgPT0YKEQAsEDkEQh8QfEdWBhk2UhwJGCNBVgwGI1pGRBopQBdYMnh6ZQY9GAVkPTYlbUILHwl1fiI+P3B0X0MpY0U+NTZHVSVEGmF4IhgrYV4rEg1ecyg+CH0XWDYGQ2g6JAhhSikyIEF7ECYucFw8BAFyQSEQFAFIPDV8RVEHMRh8Zg0THFNVIzkfXwUyEzsRACg/NlBwPg58QVMsEwt5WzNBG2VaHhIeeXM4RyRFaB0iDnl6Xx8Jcl0hFSFXdCgnCVx7L0UBUVxSAAhiCjIRG3FjPRM8RWgdIS5kXxoZKHJaXhAiR3Q7M2EFCzAiBXl5EyV6cXQZOypjZy8jFFwXWDYWZWAnESIMSDI2P0B5PgQCYHoFPhZ1YDMuIg1IOzIeARQAByNaQlcYegFVUyMBUQYnDj1GAQ","fqdn":"adiingsinspiri.org","domain":"adiingsinspiri.org","tld":"org"},"ip":{"addr":"54.230.111.81","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.934413067Z","timestamp":1700267167934,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /TDQyanQtVlEHSy0JUEwBPlgPT0YKEQAsEDkEQh8QfEdWBhk2UhwJGCNBVgwGI1pGRBopQBdYMnh6ZQY9GAVkPTYlbUILHwl1fiI+P3B0X0MpY0U+NTZHVSVEGmF4IhgrYV4rEg1ecyg+CH0XWDYGQ2g6JAhhSikyIEF7ECYucFw8BAFyQSEQFAFIPDV8RVEHMRh8Zg0THFNVIzkfXwUyEzsRACg/NlBwPg58QVMsEwt5WzNBG2VaHhIeeXM4RyRFaB0iDnl6Xx8Jcl0hFSFXdCgnCVx7L0UBUVxSAAhiCjIRG3FjPRM8RWgdIS5kXxoZKHJaXhAiR3Q7M2EFCzAiBXl5EyV6cXQZOypjZy8jFFwXWDYWZWAnESIMSDI2P0B5PgQCYHoFPhZ1YDMuIg1IOzIeARQAByNaQlcYegFVUyMBUQYnDj1GAQ HTTP/1.1\r\nHost: adiingsinspiri.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1179\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: 517CGqnMyPvacrEGRsQZsfulY7guMFvq7Haa9QE_ZYvjjIp2Fapyvg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1179,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3024), with no line terminators","md5":"bd862f99cfb56ab187551a51f15c22e7","sha1":"18aeb8ae70d502d3b2722bb3ce1cce632b383b90","sha256":"bba31d07930548bf60fe44a7bec5d18a21cfdb00ecd675152b9001776d8087e0","sha512":"5940a7e132db2d4e4dbaaa403d3ea002cf0cc8c35e746cc3d04203c28254912f900c444611617b0c556087664b95b76e0af1dfa87124f72f902f0834a1b7dcb6","ssdeep":"","tlshash":"2b51318d34f3a082c2f2a064453bb59afa285aa1874cdb14867d96bcbc705ed6317f0c","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adiingsinspiri.org/VGhkRXc1CgcoSDVVBmMCJgRZYEUSTVYDEyFYFDATZBsAKRouDkomGzsdACMFOwYQaxkxHEF3MQIKVAM6BT8tCDs9IQodJScHLw0PNj4KH0M3PhQPPC5QEQE1bVAndhA2KiwIEBcRB3Y+LgcxFzUnXy8NDwc7N3UDGB8yFi0tAxIEIR4fBSw2Eyw8PUMOEAcKERctEQI2DRwtBjUcMDUhQjZZLg4UZxAUAhthHwUdPjM7CgtPGDkXBzkQOg8QMWxdAA0UbT88Ewc3ASYOFGcfHgMyJBEgHTUHPgl8TzUtACEUBxsPBCYFHQUdOj8wPANONz4uIBQMRVUuIhJQCg8jGSAnFkNkMiIEBzcgVTIjElEKCi8sPEIvBDsGFHgwbREPdxseLTwnAQE","fqdn":"adiingsinspiri.org","domain":"adiingsinspiri.org","tld":"org"},"ip":{"addr":"54.230.111.81","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:07.828Z","timestamp":1700267167828,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adiingsinspiri.org","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Wed, 15 Nov 2023 00:00:00 GMT","end":"Fri, 13 Dec 2024 23:59:59 GMT"},"fingerprint":{"sha1":"F1:71:03:4D:5E:75:1B:A9:AB:5F:04:38:5F:1A:B1:DB:D9:D4:85:4C","sha256":"F6:F3:7C:5D:16:6F:A8:A7:5F:16:9D:20:75:B6:D2:E4:5C:06:79:C4:2D:4E:23:B9:65:12:22:8D:49:20:27:24"}}},"request":{"raw":"GET /VGhkRXc1CgcoSDVVBmMCJgRZYEUSTVYDEyFYFDATZBsAKRouDkomGzsdACMFOwYQaxkxHEF3MQIKVAM6BT8tCDs9IQodJScHLw0PNj4KH0M3PhQPPC5QEQE1bVAndhA2KiwIEBcRB3Y+LgcxFzUnXy8NDwc7N3UDGB8yFi0tAxIEIR4fBSw2Eyw8PUMOEAcKERctEQI2DRwtBjUcMDUhQjZZLg4UZxAUAhthHwUdPjM7CgtPGDkXBzkQOg8QMWxdAA0UbT88Ewc3ASYOFGcfHgMyJBEgHTUHPgl8TzUtACEUBxsPBCYFHQUdOj8wPANONz4uIBQMRVUuIhJQCg8jGSAnFkNkMiIEBzcgVTIjElEKCi8sPEIvBDsGFHgwbREPdxseLTwnAQE HTTP/1.1\r\nHost: adiingsinspiri.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1156\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: QbXKej69jrqNNpKMqvK7hZ_VTIhDGssGKabNId5FVsPCAczizXrPJQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1156,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (2998), with no line terminators","md5":"8b9e5b452e3dfd18e7eeab61e0583e8c","sha1":"55ba1cabd3640742073b7e7df66a9aa208d7fee7","sha256":"660e8aceedbe459ef992b1bb9b63670b43ba22510e4dbc00904ee476bdba0dff","sha512":"1dc2cdfadd6e15d32dae7617161599279b7c18b605cb0e3b85f27815dc114fddf0eb098e9f5458571a1cff02aa9709d737724c578644103d14485647703ed739","ssdeep":"","tlshash":"3851108d34f3a082c2f26024453bb59afa384aa1834cca14863c96bcbd715e96317f4c","first_seen":"2023-11-18T01:26:31Z","last_seen":"2023-11-18T01:26:31Z","times_seen":1,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adiingsinspiri.org/Z2ZXMDEGBDRdDgZbNRZEFQpqFQMhQ2V2VRJWJ0VVVxUzXFwdAHlTXQgTM1ZDCAgjHl8CEnICdw4oAmZnBAwRZ3oNFQJ0WiIVGmUJLiIfelk2EQJkfR4/M2gBMVIZW1UQJGRmWSJVbkR5JVIyVEYEVDRHayszD1hdMSBmZXodLAd2ACYUGVsJJiMuYUkiJyByaB4jFGhdUlIZcUU/MS4ERiUgAWh8PysfZXAACRhXWT4xBFsBMREZSlIvEhR2cANXMWFeJiQQclwqJAZ4VTMNNWgBJl80dXAlMg8BWys3NHJoID8gdnADVx1HYDIkMGJaNgEwUlU/Sy9ocBAzPn1zIQcAXXMJKBZ9dwMhAXNwJjBnU3QmJAJJRgkgZlRQNz4VcVUQNGdqdxAkEkpzCDcgFlsUCTlADARTFgIBUwcZaGgsChECQg","fqdn":"adiingsinspiri.org","domain":"adiingsinspiri.org","tld":"org"},"ip":{"addr":"54.230.111.81","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.953129871Z","timestamp":1700267167953,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /Z2ZXMDEGBDRdDgZbNRZEFQpqFQMhQ2V2VRJWJ0VVVxUzXFwdAHlTXQgTM1ZDCAgjHl8CEnICdw4oAmZnBAwRZ3oNFQJ0WiIVGmUJLiIfelk2EQJkfR4/M2gBMVIZW1UQJGRmWSJVbkR5JVIyVEYEVDRHayszD1hdMSBmZXodLAd2ACYUGVsJJiMuYUkiJyByaB4jFGhdUlIZcUU/MS4ERiUgAWh8PysfZXAACRhXWT4xBFsBMREZSlIvEhR2cANXMWFeJiQQclwqJAZ4VTMNNWgBJl80dXAlMg8BWys3NHJoID8gdnADVx1HYDIkMGJaNgEwUlU/Sy9ocBAzPn1zIQcAXXMJKBZ9dwMhAXNwJjBnU3QmJAJJRgkgZlRQNz4VcVUQNGdqdxAkEkpzCDcgFlsUCTlADARTFgIBUwcZaGgsChECQg HTTP/1.1\r\nHost: adiingsinspiri.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\ncontent-length: 1179\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\nserver: openresty/1.17.8.2\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\ncontent-encoding: gzip\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: Zfy-5kg7PeXqMV4iMjaHo_KgIAJYaFvmFIM5MemzxUhHMhr_SXR1HQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1179,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (3027), with no line terminators","md5":"0f8fb7d41a25e350e4a9b4f57909bc38","sha1":"a34338d03f71f8f81bbac5c9524c8e3b3792ba76","sha256":"3d14f5c5ee0a83311b79a8df26a20deb48eac0baeb4f335cac2f0fce5e9ab1c5","sha512":"587d8490f86740a42302b0eaaa4ea63e45327ea998b5b9a8f5204c392135baf33891d98c31fda10bdfbfc798e9c2da16a61469b3065738176c02a56393f89908","ssdeep":"","tlshash":"03510e8d34f3a082c2b27065053bb99afa385a91834cce14863d96bcbc715ed6327f4c","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"setitoefanyor.org/WWpPUE12VSwjcAo8GQIpMh43CSAbLioYdDIwfx40Pz0JOB8RBWkkJD1Xdml6bVt7dj0wDnJhayoeLiQ4Kld+diQ3DCBtay9Xfn5+bUR8ZGNpTDptfH8ePzEqZFtpIDktBnJhemlafWZ6aFx4aH9h","fqdn":"setitoefanyor.org","domain":"setitoefanyor.org","tld":"org"},"ip":{"addr":"172.67.198.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:07.953244853Z","timestamp":1700267167953,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"setitoefanyor.org","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 15 Nov 2023 06:34:23 GMT","end":"Tue, 13 Feb 2024 06:34:22 GMT"},"fingerprint":{"sha1":"71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83","sha256":"1A:C1:C4:75:47:51:EE:18:E6:93:4D:6B:AD:C0:A8:99:30:63:5A:CE:36:8A:40:C6:A1:AF:A0:AA:C3:CE:7F:BD"}}},"request":{"raw":"GET /WWpPUE12VSwjcAo8GQIpMh43CSAbLioYdDIwfx40Pz0JOB8RBWkkJD1Xdml6bVt7dj0wDnJhayoeLiQ4Kld+diQ3DCBtay9Xfn5+bUR8ZGNpTDptfH8ePzEqZFtpIDktBnJhemlafWZ6aFx4aH9h HTTP/1.1\r\nHost: setitoefanyor.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=FTeRXMtyXj8NOz8FC0gA%2FUlrnFVDJ8%2FyZrzuFFX2t2gKoSN%2BWX4GQnG6XB6nj80EFaU7m%2FrE8yDKvtFLZ44N5dmh%2B6IXjkRtjcT9R%2BKTeNjzvSifgOZx3F165YcCaUt2M82s%2BA%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 827c1480c9d8b4ff-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.upload.ee/favicon.ico","fqdn":"www.upload.ee","domain":"upload.ee","tld":"ee"},"ip":{"addr":"51.91.30.159","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.11379429Z","timestamp":1700267168113,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.upload.ee\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error\r\nCookie: lng=eng; _ga_LT9YQX0N49=GS1.1.1700267167.1.0.1700267167.0.0.0; _ga=GA1.1.1424656933.1700267168\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sat, 18 Nov 2023 00:26:07 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 1150\r\nLast-Modified: Tue, 16 Dec 2008 17:17:25 GMT\r\nConnection: keep-alive\r\nKeep-Alive: timeout=20\r\nETag: \"4947e2a5-47e\"\r\nExpires: Sat, 25 Nov 2023 00:26:07 GMT\r\nCache-Control: max-age=604800\r\nAccept-Ranges: bytes\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\\012- data","md5":"f299cf2e651c19e48d27900ced493ccb","sha1":"c2d1086d517d7a26292e0d7b32da7c55b166c23b","sha256":"115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1","sha512":"b46341bfbac50f48afcd2a4e34910901d722ce72f9f34f809916103e01d7ebc11bce15a28bf6449efd49ab9dfef1f84a94e3ad775cbe52d5822996674124b104","ssdeep":"","tlshash":"6921fea2f747de24d05a027081978e195686ee563199204b711c7d6e782e5504435237","first_seen":"2023-04-30T19:35:34Z","last_seen":"2026-05-15T03:10:01.47651Z","times_seen":3625,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.188217993Z","timestamp":1700267168188,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=mail HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:igJNz-FhNbVmU_iK3ge32xnlcdHOUw:4ktV2wqGb7EP0cqQ; Expires=Mon, 17-Nov-2025 00:26:07 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-cSY0vrSUnHOtwedpYf8Y5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\ncross-origin-opener-policy: unsafe-none\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adiingsinspiri.org/utx?cb=xLVEEdAsDwqH\u0026top=www.upload.ee\u0026tid=997414","fqdn":"adiingsinspiri.org","domain":"adiingsinspiri.org","tld":"org"},"ip":{"addr":"54.230.111.81","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.192147879Z","timestamp":1700267168192,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /utx?cb=xLVEEdAsDwqH\u0026top=www.upload.ee\u0026tid=997414 HTTP/1.1\r\nHost: adiingsinspiri.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Sat, 18 Nov 2023 00:27:07 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: A7TsDeYYF0nakbj6z7Lyisnuxc1EX4EG-aty8PJQm_yCIoqf6Qc6aA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.228216034Z","timestamp":1700267168228,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /ServiceLogin?passive=true\u0026continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026uilel=3\u0026hl=en\u0026service=youtube HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: application/binary\r\nset-cookie: __Host-GAPS=1:TSnx0RhCmfSupl16l7lSL_BiFVT6WQ:zA7SV4jnRoHJjQmC; Expires=Mon, 17-Nov-2025 00:26:07 GMT; Path=/; Secure; HttpOnly; Priority=HIGH\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nlocation: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncross-origin-opener-policy: unsafe-none\r\ncontent-security-policy: script-src 'nonce-q6ReAexXZK1mWV8pLu1l2Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport\r\ncross-origin-resource-policy: cross-origin\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nserver: ESF\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:08.207Z","timestamp":1700267168207,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"accounts.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:25:04 GMT","end":"Mon, 15 Jan 2024 11:25:03 GMT"},"fingerprint":{"sha1":"1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B","sha256":"18:DD:28:CE:04:BA:29:BB:BF:0C:6D:03:D5:97:E2:19:EF:D0:5D:FA:ED:A7:70:06:66:A8:74:2A:D6:60:0D:2F"}}},"request":{"raw":"GET /InteractiveLogin?continue=https://www.google.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=mail\u0026uilel=3\u0026ifkv=AVQVeyxTgw_GcdUgUGZzwzh9QdyZQLmkoKZckjF3vWHcjmH6-IKBpsJlRcWRv99VAh4QS0mynTFa HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:hDVQ8Z9X1OVyAmxb2ffRyFFv4rovyQ:JQ6ENq97UA0JpdwS;Path=/;Expires=Mon, 17-Nov-2025 00:26:07 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-754235248%3A1700267167247993\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-security-policy: script-src 'nonce-RlTyCAuHIbxkUFcmBF1Mww' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 402\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":402,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (393)","md5":"7537716fd72c9181f689a7bb04f7f25b","sha1":"a06bb805fef6dc83ce3a2aa9f65c9ffd91966f5c","sha256":"236f2810bb2e0191f53dc5827b2a643c44b146e4cdd433767d359225e3b27da3","sha512":"d81daa62fa6672efb39ad24a3355083c45f44c1c2c6b5386b543994960af92655c964eed7b46f06bca3b630104509335a38f55f09ac34995eec0280ae18acc94","ssdeep":"","tlshash":"88f005ee5c99049d596368f5d418a188987435797fcbeaacf0f2f30486d0c2720053f3","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adiingsinspiri.org/utx?cb=IoIQax0m6hwJ\u0026top=www.upload.ee\u0026tid=997369","fqdn":"adiingsinspiri.org","domain":"adiingsinspiri.org","tld":"org"},"ip":{"addr":"54.230.111.81","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.293627432Z","timestamp":1700267168293,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /utx?cb=IoIQax0m6hwJ\u0026top=www.upload.ee\u0026tid=997369 HTTP/1.1\r\nHost: adiingsinspiri.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nserver: openresty/1.17.8.2\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://www.upload.ee\r\ncache-control: no-store, no-cache, must-revalidate, no-transform\r\npragma: no-cache\r\np3p: CP=\"NID DSP ALL COR\"\r\nset-cookie: ut=x; Expires=Sat, 18 Nov 2023 00:27:07 GMT; Max-Age=60\r\naccept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P1\r\nx-amz-cf-id: fyuRM3kiKUbzfX8554GgcN4OxF-e7zZqa7cI_eKo9wsgP45-A_jdRg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.345900124Z","timestamp":1700267168345,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico\u0026hl=en\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026ifkv=AVQVeyw95RLM0xRCzOjLEiNxw-0nuYROpxGafshKLDchsfOvqTwUSYDVsM3_UjPqfl1TuPpdv8zY HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 302 Found\r\ncontent-type: text/html; charset=UTF-8\r\nset-cookie: __Host-GAPS=1:XlhGi20XLQ-UAUIP7np-MR1q74-mLQ:qGk3hjplFQMk042j;Path=/;Expires=Mon, 17-Nov-2025 00:26:07 GMT;Secure;HttpOnly;Priority=HIGH\r\nx-frame-options: DENY\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nlocation: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-771687877%3A1700267167325014\u0026theme=glif\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreport-to: {\"group\":\"coop_gse_qebhlk\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/gse_qebhlk\"}]}\r\ncontent-security-policy: script-src 'nonce-j-_KWuWvDkL1g3iMP1_6bg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_gse_qebhlk\"\r\ncontent-encoding: gzip\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncontent-length: 407\r\nserver: GSE\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":407,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with very long lines (399)","md5":"e3dcda91153a75e46ff4350cf7b1d740","sha1":"0d99b236ed77c8c9783c83d2a7e6d0fd38f88284","sha256":"2772dc91a14602ddc44add14805e34ed333ed90301529cb9e9664575a59fa2e7","sha512":"2d27a91bce9dbe0f8e40074ef5f7b8b0b04e9fb6e6fc4e127df0f48cb0742b42068cdf54404c2191b9019a09e790990e68164d97766071ea5142daa0764c2408","ssdeep":"","tlshash":"67f0209e088601fe294334f9e424608c442468683ac2e8bcb0e6e70040fce2710067f3","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"du0pud0sdlmzf.cloudfront.net/4NWlIT1VWBiYpakEALHJsDF57eWwTAzsgO0VUJHlgUlAfAjABJDI+JwZPPDUxCFluIzRbDnVpMFsKdX5zVA0qcmETHTggPggIMSk7Xgw+KzdBTz0uaFgGMiY5WQhtfRMAR3hqZwVBMH5kEFoKamcFBSEhIE1Men8tDV8XeWEQWgpqZwUbPmpmdFh4dnsFQG-19ZVIMKyQ6EFsOfWUEWXh+ZQRMen8zXBstKTpNTHoJZARYZn9zQFR5","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.211","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.41748884Z","timestamp":1700267168417,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /4NWlIT1VWBiYpakEALHJsDF57eWwTAzsgO0VUJHlgUlAfAjABJDI+JwZPPDUxCFluIzRbDnVpMFsKdX5zVA0qcmETHTggPggIMSk7Xgw+KzdBTz0uaFgGMiY5WQhtfRMAR3hqZwVBMH5kEFoKamcFBSEhIE1Men8tDV8XeWEQWgpqZwUbPmpmdFh4dnsFQG-19ZVIMKyQ6EFsOfWUEWXh+ZQRMen8zXBstKTpNTHoJZARYZn9zQFR5 HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://adiingsinspiri.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 612\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: lzSJNEvOAr7IpC0n0_9x2y4F2UgBt-EI5nykp5KoNIoKx1HfZjeMQQ==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":612,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (866), with no line terminators","md5":"db6e0a7b17fafcab40427e77f4132a87","sha1":"db66bd688cfb4de092403d1228a66100d798eb48","sha256":"3bacbb3d6957644660eec4d9150874bb942a04b9722c3c4ff1854eb78c83d914","sha512":"49543bdf16cd4e93fd486a1321ad5ed186434ab54045bd1830bc9ef48befdd31755934763a6f4b43dda3afdf6c0b24064644423763122f90791cbacf9013cdf8","ssdeep":"","tlshash":"41112f3d99e02bb68857a44f33f0e01a52d4a18e20a29b714e5e4bf6ef0dc2b469170c","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"du0pud0sdlmzf.cloudfront.net/Vb0FMQWIMLiInXRsoKHxbVnZ4cVpJKz8uDB98C3gbBHMgCyc3IzoURBs7KHxSSS0tLwVSZykvAVJwaiAGDXx4ZxcOfCEuGAYtICBHXQd5b1JKc3xpGl5waXIgSnN8LQsBNDRkUF85dHc9WXVpciBKc3wzFEpyDXBSVm98aEddcSskAQQuaXMkXXF9cVJecX-1kUF8nJTMHCS40ZFApcH1wTF9nOXxT","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.211","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.425152907Z","timestamp":1700267168425,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /Vb0FMQWIMLiInXRsoKHxbVnZ4cVpJKz8uDB98C3gbBHMgCyc3IzoURBs7KHxSSS0tLwVSZykvAVJwaiAGDXx4ZxcOfCEuGAYtICBHXQd5b1JKc3xpGl5waXIgSnN8LQsBNDRkUF85dHc9WXVpciBKc3wzFEpyDXBSVm98aEddcSskAQQuaXMkXXF9cVJecX-1kUF8nJTMHCS40ZFApcH1wTF9nOXxT HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://adiingsinspiri.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 189\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: O8xXSNfpOjTJpNMgwNMnwCZBRdgce0HL2ChuWVRxYt53RPqfWTtRRg==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":189,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"521a520fe46dd875cc6efe10a234f3c8","sha1":"191b754a854279a4030c00ea2e3e29cdb3f540d2","sha256":"59ba8cc7373872eaaf269c4df49528570d3cde302e0dc2d2b4348ac7340ce57d","sha512":"18a18472a33f2f0518bedef68cdccb8023cc1e6bb07b81ed3ca56fdc1b05bd521f8ffa9a02fb25e3e8af4ac1a0a835d5a5f6cc7cb7b8be291f22f278ed060f9a","ssdeep":"","tlshash":"55d022384b98588021708f4ef12473f8d24800cc6b98043831132bb3900e535a3e8082","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"du0pud0sdlmzf.cloudfront.net/iNUVVcjFWKjsUDkEsMU8IDHJhQwUTLyYdX0V4NkdwB3VhE39tHB4edwc2cwZLUXhlVF1UKzJPF1ArNk8AEyQxEAwBYyECXl54NAtXWy4wBFVXMXMHUAgoOghYWSk0VwNzcHtCFAd1fQoABGBmMBQHdTkbX0A9cEABTX1jLQcBYGYwFAd1JwQUBgRkQggbdX-xXAwUiMBFaWmBnNAMFdGVCAAV0cEABUywnF1daPXBAdwR0ZFwBEzBoQw","fqdn":"du0pud0sdlmzf.cloudfront.net","domain":"du0pud0sdlmzf.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.211","port":0,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:08.43476766Z","timestamp":1700267168434,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /iNUVVcjFWKjsUDkEsMU8IDHJhQwUTLyYdX0V4NkdwB3VhE39tHB4edwc2cwZLUXhlVF1UKzJPF1ArNk8AEyQxEAwBYyECXl54NAtXWy4wBFVXMXMHUAgoOghYWSk0VwNzcHtCFAd1fQoABGBmMBQHdTkbX0A9cEABTX1jLQcBYGYwFAd1JwQUBgRkQggbdX-xXAwUiMBFaWmBnNAMFdGVCAAV0cEABUywnF1daPXBAdwR0ZFwBEzBoQw HTTP/1.1\r\nHost: du0pud0sdlmzf.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://adiingsinspiri.org/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 579\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\naccess-control-allow-origin: *\r\ncache-control: max-age=31556926\r\ncontent-encoding: gzip\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: IDHCR12DBXLKlNGySXvCztiTIe12sCfigKlfP_QIjVXctBQMiQhHvA==\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":579,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with very long lines (799), with no line terminators","md5":"89fb982b48eedc49039e9a60dde4b527","sha1":"5a3e141e55f85bbbcd0e078406552c2a7d1a485f","sha256":"84f02c470522afb35513b609d7a5150d64f2bc9599f87e36981b4482515a01af","sha512":"56afaff31e6a98ec6cfdfdab424fbc92db892703d09dfde04e3ea2ca2981b981d5033a7c148bfbe9d5ea51b975f17f1f7f9a05c46a04162f0ad0812dae6e4dbf","ssdeep":"","tlshash":"9001412d9ae00be99847250622f0f01942e5e08d22b21b614a1e0bf6eb0cc3b4650308","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"setitoefanyor.org/bGJiSmxDXQE5UT5TJDg9XjRHeCo2DhJ4OgIkBRI0NgEBeDoOATQbShgLBndVVVVWe1hKEgsuUV1EET4NGBcRd19cUlNsBQIEDXdcXFJTbBpRU0x5WEJRVmRcShdfe11dUlp7WFVbW39eVVFRfEoYEgMtUV1EEj4YAF9TfVxcUFR9XVpaVHhe","fqdn":"setitoefanyor.org","domain":"setitoefanyor.org","tld":"org"},"ip":{"addr":"172.67.198.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:08.628Z","timestamp":1700267168628,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"setitoefanyor.org","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 15 Nov 2023 06:34:23 GMT","end":"Tue, 13 Feb 2024 06:34:22 GMT"},"fingerprint":{"sha1":"71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83","sha256":"1A:C1:C4:75:47:51:EE:18:E6:93:4D:6B:AD:C0:A8:99:30:63:5A:CE:36:8A:40:C6:A1:AF:A0:AA:C3:CE:7F:BD"}}},"request":{"raw":"POST /bGJiSmxDXQE5UT5TJDg9XjRHeCo2DhJ4OgIkBRI0NgEBeDoOATQbShgLBndVVVVWe1hKEgsuUV1EET4NGBcRd19cUlNsBQIEDXdcXFJTbBpRU0x5WEJRVmRcShdfe11dUlp7WFVbW39eVVFRfEoYEgMtUV1EEj4YAF9TfVxcUFR9XVpaVHhe HTTP/1.1\r\nHost: setitoefanyor.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nContent-Length: 0\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\naccess-control-allow-origin: *\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=d%2BSHj18QoPfSGb2PXqJi9UkVgwDteuz8sv6ViwaAaPavAUQHP291uIDroBtVv2YpdKNUuYyYu3nFu%2BFOnH5SdtK8rhHtM%2FHLaCIqyXqIpY1WlbIeHKNwqdlQ8M1SwbNcqSiCCQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 827c1485b865b523-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-771687877%3A1700267167325014\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":0,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.202692857Z","timestamp":1700267170202,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeyzUbjbemTt4oBcd6UNMUIa0dTWEgBiOiFnSWM3nHGq3e949Xj1kOWks4I_b5XRD7SW_IG7Dww\u0026passive=true\u0026service=youtube\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-771687877%3A1700267167325014\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-1X9C3lOjiRCRMIrNTI6IIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2783,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)","md5":"25b8cecfa88d9ed73e68966e05922f06","sha1":"eccc5b1b3e8367b63a7a81b850fffde58f726de8","sha256":"da1b92e93af28be0e11b0d14a67aa5d216069771269faa0270b9e07257431af2","sha512":"aee92b7a246c4a56f3c3cff29df8c66df39abb6d0b4772d8093fdd350baa520e993843dc7b7edaea4e48e3b47af9984fc9f234797129729d4167561b8faad180","ssdeep":"192:r8kMmEXVLXqaVqaZqaCqaRqaE+qX0qXqqXJqXgqXRLhbqWqwq3qOq6FBhLpPdCIh:I5mEF7qaVqaZqaCqaRqa3qX0qXqqXJqY","tlshash":"8342e865d74e302566b8502786fd04d4a04cf3b8bd0b4e9678679c3fa4ea3a661e3718","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"setitoefanyor.org/popunder.gif","fqdn":"setitoefanyor.org","domain":"setitoefanyor.org","tld":"org"},"ip":{"addr":"172.67.198.24","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.371020833Z","timestamp":1700267170371,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"setitoefanyor.org","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Wed, 15 Nov 2023 06:34:23 GMT","end":"Tue, 13 Feb 2024 06:34:22 GMT"},"fingerprint":{"sha1":"71:E6:35:28:05:47:4A:2C:6E:EB:4C:92:5D:31:D3:8B:D5:4D:B8:83","sha256":"1A:C1:C4:75:47:51:EE:18:E6:93:4D:6B:AD:C0:A8:99:30:63:5A:CE:36:8A:40:C6:A1:AF:A0:AA:C3:CE:7F:BD"}}},"request":{"raw":"GET /popunder.gif HTTP/1.1\r\nHost: setitoefanyor.org\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/3 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\ncontent-type: image/gif\r\naccess-control-allow-origin: *\r\npragma: public\r\ncache-control: public, max-age=604800, immutable\r\ncf-cache-status: HIT\r\nage: 18518\r\nlast-modified: Fri, 17 Nov 2023 19:17:29 GMT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=Wn5NembL%2Ffkv0y6Mh5ovi2m46teuW4zNkvsH6LjQrpA%2F1ua48CWYi9oWgc4%2F%2B0yOJXSBQxq2AnNBGHuOtDgn%2FLWpamdLR023VbaK%2BzYJzuG9UsZy8Pr0YtPGeT8bOIpw3RP9zQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 827c14852fe5b523-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":177037,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1\\012- data","md5":"a484f93e1e1e1735547ff8650cd01f7d","sha1":"5244badd6d6e8cee6f79b381db050877e62d366b","sha256":"95ef72f51d062d408d3c2fb6351223f58d9cc78b873dfa5d16ceb78a6c5aba50","sha512":"748db2172edbc016825c9f3c67d0ff9764fd4ce8108e3150d097e8da86307b4b7e707af9cac75fb4cb73ae58a5e6146704ed84dc1e619f209bcc83b7ea2e57eb","ssdeep":"3072:c4J+03jL5TCOauTwDhFdnCVQNLa98HrPevC2eYCLaISESuoa:a0zEOQR+iLa98HrgreYCvSESy","tlshash":"2a0418d57b8e381787a632a980ff014ef17dd2f6a1094875f09894a06db8a1d13b7f6c","first_seen":"2023-11-01T13:54:08Z","last_seen":"2024-08-20T21:30:55.277168Z","times_seen":5,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"infosec_yara","sensor_type":"yara","title":"","description":"Public InfoSec YARA rules","scan_date":"2023-11-18","alert":"Identifies a webshell or backdoor in image files.","trigger":"setitoefanyor.org/popunder.gif","verdict":"malware","severity":"medium","comment":"","link":"https://github.com/bartblaze/Yara-rules","meta":{"author":"@bartblaze","category":"MALWARE","creation_date":"2020-01-01","description":"Identifies a webshell or backdoor in image files.","fingerprint":"459e953dedb3a743094868b6ba551e72c3640e3f4d2d2837913e4288e88f6eca","first_imported":"2021-12-30","id":"6IgdjyQO28avrjCjsw4VWh","last_modified":"2021-12-30","malware_type":"WEBSHELL","rule":"Webshell_in_image","sharing":"TLP:WHITE","source":"BARTBLAZE","status":"RELEASED","version":"1.0"}}],"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/2c571999-e5b7-410d-a271-bf1532acf5e0/Novembercampaing_1000x400_EE.jpg","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.443544939Z","timestamp":1700267170443,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/2c571999-e5b7-410d-a271-bf1532acf5e0/Novembercampaing_1000x400_EE.jpg HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\naccept-ranges: bytes\r\netag: \"1818358582\"\r\nlast-modified: Fri, 10 Nov 2023 22:00:23 GMT\r\ncontent-length: 52870\r\ndate: Sat, 18 Nov 2023 00:25:57 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 832129724\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":52870,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, progressive, precision 8, 1000x400, components 3\\012- data","md5":"4f8c6d530b3b16463c23f63c5c039f20","sha1":"028f36c64868215ee266bf88f87126b8ca324c9c","sha256":"0a671462370c495769e35b68d809de5ee4e0102f8dcc86ca7a882d2eaf6b9af1","sha512":"85f4a5a91d106369ed75aadfe8c0b4cfa120cae7e798909b95de326ed50ad2fdc2bcbb5b278b957da4c4a627e084def2b2d0e6c483ccdafe59152f3a1d911b4f","ssdeep":"768:4YyNFmqr2AkVLu0kIIEwIKzDTfCcBe85D57+nV+9UuTsywmANPEDbKktHqC/wL/L:4bGpvvIEK/Liw99saApEDbbq9Clk0q","tlshash":"3833f1bcc50bddf6e2e93ef460d1ef35c3d95bb4a6a71bc461024a69e0d05646d8802f","first_seen":"2023-11-18T01:26:32Z","last_seen":"2024-08-20T19:00:16.02383Z","times_seen":3,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-754235248%3A1700267167247993\u0026theme=glif","fqdn":"accounts.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.74.109","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:08.289Z","timestamp":1700267168289,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"GTS CA 1C3","organization":"Google Trust Services LLC"},"validity":{"start":"Mon, 23 Oct 2023 11:18:24 GMT","end":"Mon, 15 Jan 2024 11:18:23 GMT"},"fingerprint":{"sha1":"4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95","sha256":"15:CB:A2:CE:4B:FE:61:1E:1A:B7:EA:EF:89:4D:AC:02:D4:54:5E:C6:82:ED:66:53:FC:05:C1:2F:71:78:EA:AE"}}},"request":{"raw":"GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico\u0026hl=en\u0026ifkv=AVQVeywOeJYRf4ECoVjFMsbpriRE_6LATPfO71-y_dZVtN9tTF0a9y-KeiXzDJvKtoS1lpVcxrtR\u0026passive=true\u0026service=mail\u0026uilel=3\u0026flowName=GlifWebSignIn\u0026flowEntry=ServiceLogin\u0026dsh=S-754235248%3A1700267167247993\u0026theme=glif HTTP/1.1\r\nHost: accounts.google.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 403 Forbidden\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"AccountsSignInUi\"\r\ncontent-security-policy: script-src 'nonce-z7Wkg9e0_KdL-5D7YQxC9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport\r\npermissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*\r\nreport-to: {\"group\":\"AccountsSignInUi\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi\"}]}\r\naccept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":4582,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"gzip compressed data, max compression\\012- data","md5":"874fc81768deef19df7b8d433abd1fe2","sha1":"3dc9d8a1059c9b9bca947de53e372cf6a5ed3d4d","sha256":"07faf061090c4c0a2c4577cefd2bcc6ed4cf940bd8092568c5087fd3458910ff","sha512":"b68814c749ad07a24103da7e81f28649efe3b57e10e6076e3a7a54592b29f04275ccaae3473e06b9f580631e5cf1591e6ac793396a8f2ba5c92444aa31437fde","ssdeep":"96:WCjg3yL/mo0mkYvFJH7uihdOz/h+551n1EtAdCkt91xK:WuDBxkYvFFzY0vEQCsK","tlshash":"8791c894ab4d162dc621232426abb29a673cd074216498e358dcd67c39ec46f811fdef","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":62,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":62,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/files/close-gray.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:10.478Z","timestamp":1700267170478,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /files/close-gray.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"1971769258\"\r\nlast-modified: Fri, 08 Apr 2022 18:07:56 GMT\r\ncontent-length: 1497\r\ndate: Sat, 18 Nov 2023 00:25:57 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 805212424\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1497,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\\012- data","md5":"41d9676ab94bece3f7a549b4769ddbe2","sha1":"521f14490fc57fea51e2e5bf00e2299dce51561b","sha256":"c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34","sha512":"9988bd18d13f38d3bfe107d116c28f896b9965de6ca0949905f47901965a356d621c1ec4b1a573dfb0ed753ccc270015419b24729b767de2d5210a73b2c3daaf","ssdeep":"","tlshash":"5d31f7f3e40c4ba3d57313928a6a7184ada3d5f230014014fcc9a90c966cf0eeaee253","first_seen":"2023-04-30T19:35:34Z","last_seen":"2024-08-21T09:18:42.702606Z","times_seen":112,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pogothere.xyz/","fqdn":"pogothere.xyz","domain":"pogothere.xyz","tld":"xyz"},"ip":{"addr":"172.64.132.28","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:08.101Z","timestamp":1700267168101,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Tue, 28 Feb 2023 00:00:00 GMT","end":"Tue, 27 Feb 2024 23:59:59 GMT"},"fingerprint":{"sha1":"17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB","sha256":"09:91:FB:E4:53:65:EC:A7:C4:6B:EB:F6:E2:94:A5:09:45:6F:FC:DC:B1:B4:E4:67:80:61:7A:EE:7F:81:DD:45"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: pogothere.xyz\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.upload.ee/\r\nOrigin: https://www.upload.ee\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:07 GMT\r\ncontent-type: text/plain\r\nset-cookie: csu=1110814999529336@1@1700267167; Max-Age=31104000; Secure; SameSite=None\r\naccess-control-allow-origin: https://www.upload.ee\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET\r\naccess-control-allow-headers: X-Requested-With, content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=thfQJiKxT5Wjq2M8CYuyQLB18dVFCJiehDOiDCMFPa67Eqnn%2BdoypeCVY6R%2FTN96aLm5juH%2BQhJg5WyFnLn0rvJLGDIuYjLgGqNPXkZUI6UWLLJka7XoAHndT9IiT0Vb\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 827c14831e336397-LHR\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8190,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"763baa4409804540ccf837b5f9622e77","sha1":"93ca74b9d1c9b4bd45516e4157a4eb37fc9db6ad","sha256":"bba1583dce0d12d0dd2e1928079811eec02a2016a48e3fee4bda453e0ed57a33","sha512":"c5911523b4913fe9abb6183a5f59617e9151601906918bfd418fab1bc021971a8a77de7ba4b4cc92370dc915d9e8166214d139b9db9f52b128bc8fb0cc6fbee8","ssdeep":"","tlshash":"6a8000c888e2820c0288020ca22a08b0c0008223ae0b020838c080032808320000a08e","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":303,"timings":{"blocked":83,"dns":2,"connect":40,"send":0,"wait":125,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-752.thin.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.129.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:10.692Z","timestamp":1700267170692,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /gh/tumult/hype-runtime/HYPE-752.thin.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: master\r\nx-jsd-version-type: branch\r\netag: W/\"de41-A2ayVPr7SnqXmmn7nve+NDS3TRQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sat, 18 Nov 2023 00:26:09 GMT\r\nage: 18462\r\nx-served-by: cache-fra-eddf8230058-FRA, cache-bma1630-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 26057\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":26057,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (3286)","md5":"a7736c83b9ad2dd6317674cd4ed0bb68","sha1":"0366b254fafb4a7a979a69fb9ef7be3434b74d14","sha256":"4804b62bc3461ff1ab61aa2482690d79db2646701da68b6371ad1485c6f948fd","sha512":"1c6e24fb1857c19d517e260553f9b2c153cc22800980806971c9602f052e73e4afaa32a7916d1bdf60e48abe47c94300714c9e4316a2d31d4da27e18e1c905f4","ssdeep":"768:0fS+Qu82PHLAAe95oLemSSO4Zb/TL0f0LiAnFdMXLlbQJAavBVZ4XOsKF4TLpG:2S+Qu8QLAAePo/SLGmXLqOmE9TlG","tlshash":"664328e877c970d252b338f1609f245b653aa6a3f8558ca0606cd1c4ed741be21e7e2f","first_seen":"2023-07-01T13:16:16Z","last_seen":"2025-10-26T11:09:41.197674Z","times_seen":8,"resource_available":true,"data":null}},"time_used":110,"timings":{"blocked":48,"dns":20,"connect":10,"send":0,"wait":9,"receive":4,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimi-logo.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:10.821Z","timestamp":1700267170821,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimi-logo.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"2867619645\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 2424\r\ndate: Sat, 18 Nov 2023 00:25:58 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 877444071\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2424,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 217 x 78, 8-bit colormap, non-interlaced\\012- data","md5":"4a7ad134a262803b349d9ee16df28c26","sha1":"5ac60279269c61df50eaecf3cee3ad1e00d800da","sha256":"9bb95117866759fb9cd38a74a39b1674e7843645032386748a5d4cb81ac4292b","sha512":"d98d9777eb9445e44df704ad5fc4652eea374f0749f4d7100a38a63d7c371e051e6bb543d227db13b4bcc0dda76abeca1aee529ca93f85dd04e182500f357bff","ssdeep":"","tlshash":"","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/est.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.836887642Z","timestamp":1700267170836,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/est.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"1809572135\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 7328\r\ndate: Sat, 18 Nov 2023 00:25:58 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 867891857\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":7328,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 392 x 141, 8-bit colormap, non-interlaced\\012- data","md5":"e580ec9b0f35b1b79bda72ce33fb6d1f","sha1":"4f7bc40878126203ab538f8793869a95cb3f2e3c","sha256":"f32b53a2d6e43bfc7ff31bf05a46a047a5bcba2d97eeae021024c19d546ea925","sha512":"b5e3de659a24e4f0c9a98ab1e3d16c8179430166c7cc3af96b4a3c8f975563c717c17b8b6b0d92c62b83b1d94a1de4a4eed1108831bdc661d6be9c0f5ea08954","ssdeep":"","tlshash":"","first_seen":"2023-07-23T16:54:43Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1000x200.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.845642506Z","timestamp":1700267170845,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1000x200.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"3391313778\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 9381\r\ndate: Sat, 18 Nov 2023 00:25:58 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 850896076\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":9381,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\\012- data","md5":"772e1546faf6e7d8a3db157dcb85f437","sha1":"b2234be7206e161b45b5e6312719d6b17f8b80bf","sha256":"4bd80455b71ec910d4efea6385b4737ea541b9c64b6976bc50b03dad3a48085f","sha512":"4030d226aac377669e349873e29709bf08e2f688817025ecd51597c0aab0b6880ad5bc48aa706bebb059742232d445e44f711313a153d19d72a92b8bd146c38c","ssdeep":"192:ds7hWGmvWcJa1kEh5it9st8kR07vy4iseXefvjhGC:eWecJa17h5QyLR0O4GOsC","tlshash":"36129ef938e223e91a5052bcf07b83584a1c82fb854f5596b15afb0c485a636168ff4d","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-pic.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.848610112Z","timestamp":1700267170848,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-pic.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"2236804787\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 24451\r\ndate: Sat, 18 Nov 2023 00:25:44 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 726103408\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":24451,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 236 x 171, 8-bit colormap, non-interlaced\\012- data","md5":"0f64aa6a68afedbcdc50baeedce643f0","sha1":"175274267d9a396a691d4d869b666938cf3200ad","sha256":"498efdaf701f047073b42e3058d3e86963043d812c2340f4a792accb77a1384b","sha512":"f4e0725bc1298a3d639c5428481cb25fb53071ba39a94ec7e5491874c806f379f075c4eb3cab8d3cb0d84792a9fad6dd5985cf0fbeda468ed88ec30818f294ca","ssdeep":"384:LnM9BPj3dbCEjApveWJ6OOiCPAw5Jj6v3CwCNh9IJRF+OepFQb0ActWsg:LM9BbdbCE0veJOs5h6TCNczEOepFQ4At","tlshash":"d4b2e1926950eff849cce23463ef6279cd6d37c2d8868265ac07f7847af5532828719c","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-est-1.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.849446291Z","timestamp":1700267170849,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-est-1.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"1793107396\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 1580\r\ndate: Sat, 18 Nov 2023 00:25:58 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 867891860\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1580,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 430 x 20, 4-bit colormap, non-interlaced\\012- data","md5":"dcb8605fdeee97d9f57483401d3b5c77","sha1":"1fd628c3554e651b96183ec599964ca5f15ae8fc","sha256":"f80ebf95d1bf5561a22540ef15af2d18f0a16df72b461c7f9abf81c0e9b8e1a7","sha512":"2a75a3ee64d43a71d007cafb3fe278d759fde6e5f10094986ea6e3e4fea03779afcee26c22d155aad87dd48e424efcc0318da7f8044e5f652b131137ee1cb239","ssdeep":"","tlshash":"a4312969344d3a7af304877c3206ded68e6e0910a700a3b16854fdde75a4207283cfea","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-hind.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.850020243Z","timestamp":1700267170850,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/2-hind.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"200709162\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 1476\r\ndate: Sat, 18 Nov 2023 00:25:42 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 877444074\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1476,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 183 x 85, 8-bit colormap, non-interlaced\\012- data","md5":"5ed39dafed0f85ee73b66293f53d1d65","sha1":"32525648c9336de3fd12566fa88c0ac9bb49b492","sha256":"a542aa385925bf99ba0071275dee27a80d36fb255e4384f337213fb4fd33d5fc","sha512":"f952bc3f6e254b28dea9f24c49d2313a7da7b08780cab6fa92075be7f0e5305c924c124cca8815c2fc62f94297a4c1f74d463cddbcf00063822af88dd28667e2","ssdeep":"","tlshash":"fa31d6e32138cd90cb8dd5012779ba714a36ede81cc11aa4ef9ccd142b9315146852f5","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-pic.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.853937944Z","timestamp":1700267170853,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-pic.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"631513606\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 23603\r\ndate: Sat, 18 Nov 2023 00:25:58 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 850896079\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":23603,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 191 x 212, 8-bit colormap, non-interlaced\\012- data","md5":"0f6df0e2a99e301d31c23eb5fdb2821d","sha1":"ac728ae3ec1d26030c1792aa5769c5988373c445","sha256":"9ef84892439181262952bf9ec897d3047bda9fe887b7ccf690c015c63db75a5b","sha512":"987bcc5b6bf5d2a77297f82cb61bec15005353d4ef9aee0ee2ae2a0477f39ddddd68145964816e4a1ae0c20c7f045338b2791ec4383df8c06613eda2f2561341","ssdeep":"384:Q0y71mr5nlG/vCSkiIxjgWf8R2EgHvdSg0t5yKoztqhp9vrj0Kw4CZpAflFQlW:UZmFI7ijNUR2PHQ5uXOp9cR4lMW","tlshash":"4bb2e170e5092d1e54f16e70373d7bc15acd1a6f2aca3447179addd89e38600c05b2be","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-est.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:10.859820404Z","timestamp":1700267170859,"http_version":"","security_state":"secure","security_info":null,"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-est.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"2858560924\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 1639\r\ndate: Sat, 18 Nov 2023 00:25:58 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 726103411\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":1639,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 459 x 20, 4-bit colormap, non-interlaced\\012- data","md5":"f405ccd9bc811e7b425db042cc87cae8","sha1":"1d0982c7eb344a9c5e5190075137afb069968a98","sha256":"619f56a1e00a0e6669d04cfb3a40c4b0ab489a5244fb4c0cd2722f6fe58b2f6b","sha512":"f3c89977cff37e82d443ea3d98bfbccbe6b1d0fd5b841e36cbf86747073bfc7fa48481949074150fcbb9060195f8bd11e9402e08db869d53d4838f5059eb6d5d","ssdeep":"","tlshash":"8a31ea7fe42d9620d0512b7300051215ac3a6d1be333a630a165b63ca01e6ed5cbe417","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-hind.png","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:10.847Z","timestamp":1700267170847,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/1-hind.png HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\naccept-ranges: bytes\r\netag: \"855136650\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 1626\r\ndate: Sat, 18 Nov 2023 00:25:44 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 877444077\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1626,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 183 x 85, 8-bit colormap, non-interlaced\\012- data","md5":"ed31899f3a5ad7d063a49939b18be2fe","sha1":"18089afa6ba79161a622996c0aa5ea858b86eeb1","sha256":"4b0ec3a07d0f688c34df83422d51b233bb0abaeb6080141d039d9ce9f2cb6593","sha512":"b7600be422b73b8b9f6a0d97dde5105e7047f0866fc09a854692e5206a8a2722c802e8a9a5e586871747dda6085b28f7f7755117e9b59b8dd90a4af9650bcd06","ssdeep":"","tlshash":"","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"banner.hookusbookus.com/config/config.js?v=1","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:11.361503596Z","timestamp":1700267171361,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /config/config.js?v=1 HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:10 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 75\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\netag: \"63cfe903-4b\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":75,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text","md5":"ee16e21326dec006274a554647c4d759","sha1":"8e4389c35e12ea6d1e4d7214c174fda343047865","sha256":"5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f","sha512":"a239a8e81f283185fdb6793b9d85b0418d876138414aab138425f356942648542372165bd3faac525d4538dd308467a432492efe6f3efc402ef3029b33d1ebb4","ssdeep":"","tlshash":"4ea012f3818884730728057185d738249f0da14444618184626814026008221511252c","first_seen":"2023-03-13T06:46:56Z","last_seen":"2024-08-21T08:57:42.304883Z","times_seen":97,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"banner.hookusbookus.com/assets/image/prices-bg-3.png","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:11.443071495Z","timestamp":1700267171443,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /assets/image/prices-bg-3.png HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:10 GMT\r\ncontent-type: image/png\r\ncontent-length: 2442\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-98a\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":2442,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\\012- data","md5":"ef56eff9c1246b25c0088c156116ae05","sha1":"21f5a8245443365c960a196d005277a3c5ef4709","sha256":"be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54","sha512":"10b48f3e266b0ec278b3dd880afe7bcc5b86ee40cd76293a6dfb9bc647780a7e95e366bec96ee1765aebea41307bfcca30aef7f14256addea31f047b132dfc24","ssdeep":"","tlshash":"9e510a0666a5109da0c37ee32c475c58cf302363618066ddd77fa5dd68a2885bf81b89","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.312691Z","times_seen":76,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:11.739693825Z","timestamp":1700267171739,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/assets/css/index_1000x200.css\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:10 GMT\r\ncontent-type: font/woff\r\ncontent-length: 53104\r\nserver: nginx/1.15.12\r\nlast-modified: Thu, 22 Apr 2021 07:20:15 GMT\r\netag: \"608123af-cf70\"\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":53104,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 53104, version 1.500\\012- data","md5":"4f5975fe17a8ca74963be0165ff6a443","sha1":"4bca2ab6c3da2b6ae09602601adeac22e7a90381","sha256":"5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df","sha512":"6ca6fb1d1845ac2cbd2510fb8882193fa8c800f2dea37b680fed0780f6d50a08258eccda0ef52495d2af346c32866c3a34a7ceefb7448af211b1b4ef6a7585da","ssdeep":"1536:YkREtZ1LgzQ0J3ysMpc4EcDFBxfknCHWCFJqjQmt:os/MCLaMCCQg","tlshash":"2c3302610f0d0d77da5499ed2a6ee7fa6a03c4300e83036578da63e1a6637bcc7341e9","first_seen":"2023-05-01T00:43:07Z","last_seen":"2024-08-21T08:57:42.307464Z","times_seen":94,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"banner.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":0,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:11.774644675Z","timestamp":1700267171774,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1\r\nHost: banner.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:10 GMT\r\ncontent-type: text/html\r\nserver: nginx/1.15.12\r\nlast-modified: Tue, 24 Jan 2023 14:19:47 GMT\r\nvary: Accept-Encoding\r\netag: W/\"63cfe903-1781\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":67279,"size_decoded":0,"mime_type":"application/x-gzip","magic":"gzip compressed data, from Unix\\012- data","md5":"9db4f4d24bc947fa1be4fa7d1d289214","sha1":"69c3c2644f35d0583f6af8f11caa9cd9fde8dd49","sha256":"20eae81a9273d63fc9e25ef00f9bf70d43632f0fb03841a49a8e86035b14f735","sha512":"6d122f17a964fe7549c0dde1d08db885e4f54c4c5b2f59dab128e6ced681c719f13048c28c1de9c772b53edf02689ea57e95b22da93bb496056b6f5c5de34b5e","ssdeep":"1536:S3a34jj1NwVGOfSgAGBMXebWyCHg4FRwKz5K19U+EiVQ:S3z/HaDmCCHgYiKzI1XzVQ","tlshash":"15630235fb588a3ddc113ff457d24b8359026a8a0841841136daaadfcf6a84996c2f7c","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.129","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:17.684Z","timestamp":1700267177684,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/nPEAWYJLUSat8p4TwADQ.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\ncontent-length: 62663\r\ndate: Fri, 17 Nov 2023 23:27:18 GMT\r\nlast-modified: Mon, 20 Dec 2021 05:01:37 GMT\r\netag: \"9d39df13669f4b0a37f1ec935fcf07c1\"\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: a5qPs2M4TYkBhi6WZFI0DNaALsZQsjFulSzMXHl2URUwZLlStJRA4g==\r\nage: 3539\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":62663,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"9d39df13669f4b0a37f1ec935fcf07c1","sha1":"bee556a5a2eb792bc07095365d7ce55e0f20c488","sha256":"c4ae0112f49b2e7eec621163661ab594d1deab9e18f27dfe9c37f212d5292ebd","sha512":"58c361be946b21cfd4ec5dbafdc075f7df4a46f84af84b49deee1f65caa67fbc4107c95571919f7383203541cdd725eab62ee59e57fc377903cecf5df0935cef","ssdeep":"","tlshash":"","first_seen":"2023-05-02T13:47:26Z","last_seen":"2023-12-14T11:47:25Z","times_seen":12,"resource_available":false,"data":null}},"time_used":34,"timings":{"blocked":12,"dns":1,"connect":1,"send":0,"wait":7,"receive":3,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:10.730Z","timestamp":1700267170730,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=79a1c098136558b43368e93811a0fd44\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 18 Nov 2023 00:25:53 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 805212427\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":8814,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8814,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:19.562582779Z","timestamp":1700267179562,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=79a1c098136558b43368e93811a0fd44\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 18 Nov 2023 00:25:50 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 819162138\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:19.595780187Z","timestamp":1700267179595,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=79a1c098136558b43368e93811a0fd44\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 18 Nov 2023 00:26:06 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 764365794\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g","fqdn":"serving.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":0,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-18T00:26:19.679403808Z","timestamp":1700267179679,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /event?key=FYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2bY5oiw4fyrAwn75trUE1bqspeCQ9uTRSMQOvtTdOJeWFA4xtXAzUZpt8hxla7Gk7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1\r\nHost: serving.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nCookie: bepolite_id=79a1c098136558b43368e93811a0fd44\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ncontent-length: 0\r\ndate: Sat, 18 Nov 2023 00:25:53 GMT\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 832129727\r\nage: 0\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimijoulukataloog1000x200est_hype_generated_script.js?50933","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:10.626Z","timestamp":1700267170626,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/rimijoulukataloog1000x200est_hype_generated_script.js?50933 HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\naccept-ranges: bytes\r\netag: \"849680914\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 8161\r\ndate: Sat, 18 Nov 2023 00:25:44 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 884652809\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":8161,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (8966), with no line terminators","md5":"62d26f2e0063b7c52102dfa1e6d10aea","sha1":"01b2a8e575b70f7661113557297fa84ab5907840","sha256":"98e64a0cf024c9f1311cf800982867284d1819d004aee066608a359e2dc9212e","sha512":"0475283057951ddf7ce660a31a9071f68cf86db9847c49ae487f0dc426346dd299fdb9275c887702ae1642b5072c1e4865f0896b8cea9850a8ab1c6d879a1216","ssdeep":"192:En6zeRo3Bzu5XMZWh33YXInIvKXLBMjd+:En6zYoRzu58ZWh33Y4D","tlshash":"0802dc4a248ff3a5418479fa2b773c5f3e204c84714d2c808951eeb47d72db9eba36a5","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/pxsDq6wPqej3c4rCsSZ0.jpg","fqdn":"dskwugy0u6y9l.cloudfront.net","domain":"dskwugy0u6y9l.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"143.204.42.211","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:11.740Z","timestamp":1700267171740,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Tue, 10 Oct 2023 00:00:00 GMT","end":"Thu, 19 Sep 2024 23:59:59 GMT"},"fingerprint":{"sha1":"FA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52","sha256":"E9:59:5B:FB:7B:3B:3F:96:AE:46:70:B0:A0:33:9A:0E:15:23:16:45:47:E4:D7:05:52:4B:6B:08:84:7B:BA:1D"}}},"request":{"raw":"GET /hotelliveeb/images/general/1/pxsDq6wPqej3c4rCsSZ0.jpg HTTP/1.1\r\nHost: dskwugy0u6y9l.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 421 Misdirected Request\r\nserver: CloudFront\r\ndate: Sat, 18 Nov 2023 00:26:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 1003\r\nx-cache: Error from cloudfront\r\nvia: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-C1\r\nx-amz-cf-id: ujqf4lTsnuiUfYkYbmPBJIuFIwwzC0ygzIJsI_E58OypnF3Zy4Qiyg==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"421","status_text":"Misdirected Request","fingerprints":null,"data":{"size":58753,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\\012- data","md5":"fbddc409b98c0f668bb1ee09bbe260da","sha1":"24e9827e9c3a061226d664dc973f8d49b7ee1fe3","sha256":"96701d3fca8ccd83350be02117fc3d86636a6e378f4f4462bab21587aa26b762","sha512":"a76a42b9bf94b0ecbc4586dba87eac5efb73540595922de5787bda316dbad54ec974fce8efdb315b32120465f0167eaf6f51bbb40c9601598254578e7165a2c6","ssdeep":"1536:Mj1NwVGOfSgAGBMXebWyCHg4FRwKz5K19U+EiVQ:MHaDmCCHgYiKzI1XzVQ","tlshash":"5d430236fb08893dec153fb163924b8359026a4e4c5184513bdab7dbcfa8848d697f6c","first_seen":"2023-05-01T04:21:56Z","last_seen":"2024-08-21T07:36:31.640497Z","times_seen":14,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":8,"dns":1,"connect":1,"send":24,"wait":-1,"receive":28,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"banner-server.hookusbookus.com/package-feed?language=et_ee\u0026utmSource=allmedia","fqdn":"banner-server.hookusbookus.com","domain":"hookusbookus.com","tld":"com"},"ip":{"addr":"3.124.150.20","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://banner.hookusbookus.com/index_1000x200.html?language=et_ee\u0026utmSource=allmedia\u0026click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1-evhWID3ORXadlzh-PDTFyohtAUnWvPFvxHzT-ywuaqFN0px0PrukqcX27oIItUza5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia\u0026clink=https%3A%2F%2Fsmartad.ee\u0026banner_id=d0e67994dc7f4c0c89c220c278dae86e50dd7b0f4105441f8f6018cc3fcb090c\u0026bg=transparent\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","date":"2023-11-18T00:26:11.465Z","timestamp":1700267171465,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.hookusbookus.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Sun, 07 May 2023 00:00:00 GMT","end":"Tue, 04 Jun 2024 23:59:59 GMT"},"fingerprint":{"sha1":"CD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A","sha256":"03:E5:D5:1F:B5:D6:A2:3C:CC:18:C6:CC:04:44:53:F1:A4:42:CE:89:29:32:9F:D7:8B:A4:D4:DC:AD:3B:11:7C"}}},"request":{"raw":"GET /package-feed?language=et_ee\u0026utmSource=allmedia HTTP/1.1\r\nHost: banner-server.hookusbookus.com\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://banner.hookusbookus.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://banner.hookusbookus.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 18 Nov 2023 00:26:10 GMT\r\ncontent-type: application/json\r\naccess-control-allow-origin: https://banner.hookusbookus.com\r\naccess-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE\r\naccess-control-max-age: 3600\r\naccess-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate\r\naccess-control-allow-credentials: true\r\naccess-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length\r\nx-content-type-options: nosniff\r\nx-xss-protection: 1; mode=block\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: DENY\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":27122,"size_decoded":0,"mime_type":"application/json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-17T21:14:57.286906Z","times_seen":15351111,"resource_available":true,"data":null}},"time_used":361,"timings":{"blocked":154,"dns":32,"connect":25,"send":0,"wait":53,"receive":0,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.bepolite.eu/banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner","fqdn":"static.bepolite.eu","domain":"bepolite.eu","tld":"eu"},"ip":{"addr":"212.47.222.22","port":443,"asn":3327,"as":"CITIC Telecom CPC Netherlands B.V.","country":"Estonia","country_code":"EE"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://www.upload.ee/files/15948481/Server.exe.html?msg=sess_error","date":"2023-11-18T00:26:10.467Z","timestamp":1700267170467,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"P384","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"static.bepolite.eu","organization":""},"issuer":{"commonName":"R3","organization":"Let's Encrypt"},"validity":{"start":"Fri, 03 Nov 2023 22:07:14 GMT","end":"Thu, 01 Feb 2024 22:07:13 GMT"},"fingerprint":{"sha1":"8B:4D:B8:C8:25:20:C8:F7:6E:64:AD:6F:28:DF:17:96:B7:3E:67:B9","sha256":"07:59:4F:1D:42:4F:55:8E:06:78:31:DF:B2:F6:55:29:EB:02:AD:B6:00:E5:14:97:62:B3:A5:C7:A7:20:62:22"}}},"request":{"raw":"GET /banners/0ca858fd-12ca-41ea-b2bf-88211c79581d/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D69629138\u0026dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF9gvF9XNXfRgzUO4_7Bg5Wd1f4XYy0DsO_dsFWdv6pk--5HBvkrxiMyvbaGaBdnIsgdB8brbepojP2D9M5BGbOYwxEyHcZjmp02WvgV2U4hyBEKHr1I1rIftGl8GMBJbO3PFX-yuW6rfFOIaIyvOmrrzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-28NbLOyYOvj8yk-0QbTl_N1VEo_RlAyszFIPT-Q5AO_XpB1613JtVQxtGwTH2IR3Ta5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D\u0026f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F0ca858fd-12ca-41ea-b2bf-88211c79581d%2Findex.html\u0026clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D69629138\u0026banner_id=f61a74c490bf43b9ba8a598fcd8b2fa750dd7b0f4105441f8f6018cc3fcb090c\u0026bg=black\u0026w=1000\u0026h=200\u0026locale=Display%20Estonia-EST\u0026info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1\r\nHost: static.bepolite.eu\r\nUser-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.upload.ee/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\naccept-ranges: bytes\r\netag: \"2330996668\"\r\nlast-modified: Thu, 16 Nov 2023 09:49:38 GMT\r\ncontent-length: 3775\r\ndate: Sat, 18 Nov 2023 00:25:57 GMT\r\ncache-control: must-revalidate, private\r\nexpires: -1\r\np3p: CP='BePolite does not have a P3P policy'\r\nx-varnish: 726103405\r\nage: 0\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":3775,"size_decoded":0,"mime_type":"text/html","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, ASCII text, with very long lines (4204), with no line terminators","md5":"ff2334419a0ead85454249f977c0c6ac","sha1":"ce322ef758a08386a6d7924627897ef42b9e53ad","sha256":"a55642be49c8fbd3842d8d1dc1961430e118aa88d71b50f1ae9ce5dbcf181689","sha512":"9628396661f3f8418b346a3102e3f485e47bb45a795292bbf4eda5787e2cda4ec97d672b2aca9a01f4a79bfa65e1bf467d3b4430560a19d382ca213fe3c3265d","ssdeep":"48:tupSBYoRYi1W3QG+BhoiylTpDzZbr4gLhb5/PshbXOnlFP4WCx3b0dW6vgpzqbPz:fbRlHciyltzt1b5Xs52lZ4WmAP","tlshash":"438144252b7e4238d651afe022ab67163627dc18b13185d310edf848385c19ac19fd8f","first_seen":"2023-11-18T01:26:32Z","last_seen":"2023-11-18T01:26:32Z","times_seen":1,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":14,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}