291 B URL upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1f79bcfc1027f46a05564db48fb04dd7
f8d3697365669e6729ca419e51f73ed329b66a84
d5286eff9290b7b763b9c7e452b388d00cadc72c15372cbd9a533aff7dd7be7d
GET /download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 30 Sep 2023 13:45:29 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 291
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
0 B URL www.upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 30 Sep 2023 13:45:29 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
397 B URL www.upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (397), with no line terminators
Hash a0eb1d4f793117877c10d36f55e84799
ac717e8587fd1e89d81043896fa57a50ac1191e9
035be8510186f1b68288254924a47854204879d266d909b6a5fb03ec578c8c1a
GET /download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 397
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
397 B URL www.upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (397), with no line terminators
Hash a0eb1d4f793117877c10d36f55e84799
ac717e8587fd1e89d81043896fa57a50ac1191e9
035be8510186f1b68288254924a47854204879d266d909b6a5fb03ec578c8c1a
GET /download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 397
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
GET www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
200 OK 9.0 kB URL User Request GET HTTP/1.1 www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
IP
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash 39574ce3ce799b87b5f24d8965f0077e
64105690b8422afebbc4eba0262efe25f41b9482
9a3752fc8d257f3af1ad7b320559fdf0ce5de353813a17a211aad02408a1729b
GET /files/15650911/uTorrent3.6.0.46896.exe.html HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/download/15650911/27a9374dbbc41d9eabe7/utorrent3.6.0.46896.exe
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8963
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 30 Sep 2023 16:45:30 +0300
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Sat, 28-Oct-2023 13:45:30 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
GET www.upload.ee/static/ubr__style.css
200 OK 2.9 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 3ba04e290212b44bcca8f10a60a4e879
a9b021c9019bdbb28250836039b2372a1b4d0f0f
f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Sat, 07 Oct 2023 13:45:30 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
GET www.upload.ee/js/js__file_upload.js
200 OK 27 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Sat, 07 Oct 2023 13:45:30 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
471 B IP
Hash aa2a52bc41a5e23195d52340c4469568
37309d52f7e6a663971fd76cceab4d49a58b2339
dee191d39095702156a7fa38bc253850528670acfffac98f5f4beb689cca65d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 30 Sep 2023 13:45:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET www.upload.ee/images/dl_.png
200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Sat, 07 Oct 2023 13:45:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET www.upload.ee/images/arrow.gif
200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 13:45:30 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Sat, 07 Oct 2023 13:45:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET du0pud0sdlmzf.cloudfront.net/?dupud=997369
200 OK 118 kB URL GET HTTP/2 du0pud0sdlmzf.cloudfront.net/?dupud=997369
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (15948)
Size 118 kB (117782 bytes)
Hash 5e512f321b04c9e65f9e75e789d04d98
2de1e941740c5973baf4930a03485f715d8b041d
4f3e30129c9097f1dd4fdbfbfd1072e2cb5afe319c0acc10890920086ca30dcb
GET /?dupud=997369 HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 117782
date: Sat, 30 Sep 2023 13:39:02 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: L_CTL2bfuUz_aoC1HxSNxlt2CrRy7yYn2N9fJq3vzoMKx0Bkf3oI-w==
age: 388
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=UA-6703115-1
200 OK 52 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (2213)
Hash 0c48803c68135a63274ab764acb452b6
39438aa2cb26db3084629a522420fee049519164
8a0f9cc5c286c90b78ef6903bfaa45f0b55fa2f0efc2906cb480d7c3f2cd41cb
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 30 Sep 2023 13:45:30 GMT
expires: Sat, 30 Sep 2023 13:45:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 51699
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
471 B IP
Hash aa2a52bc41a5e23195d52340c4469568
37309d52f7e6a663971fd76cceab4d49a58b2339
dee191d39095702156a7fa38bc253850528670acfffac98f5f4beb689cca65d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 30 Sep 2023 13:45:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET imoughtcallmeoc.com/WXNBaHF2TCIbTAw3D1o/Nx8pKxoAMRI/EhEiJj48AzIHLjBpMmccGD1OeFFGakV4TgEwF3xZVyoHIBwEKk5wThg3FS5VVy9OcEZCbV1yXF9pVTRVQH8HMQkWZEJnGAUtH3xZR2BFcVBAbEBwW0Bh
204 No Content 0 B URL GET HTTP/2 imoughtcallmeoc.com/WXNBaHF2TCIbTAw3D1o/Nx8pKxoAMRI/EhEiJj48AzIHLjBpMmccGD1OeFFGakV4TgEwF3xZVyoHIBwEKk5wThg3FS5VVy9OcEZCbV1yXF9pVTRVQH8HMQkWZEJnGAUtH3xZR2BFcVBAbEBwW0Bh
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectimoughtcallmeoc.com
Fingerprint6A:B1:82:66:FB:7F:B1:7D:D7:B6:B6:FA:47:74:69:56:50:78:B1:A5
ValidityWed, 13 Sep 2023 06:22:08 GMT - Tue, 12 Dec 2023 06:22:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /WXNBaHF2TCIbTAw3D1o/Nx8pKxoAMRI/EhEiJj48AzIHLjBpMmccGD1OeFFGakV4TgEwF3xZVyoHIBwEKk5wThg3FS5VVy9OcEZCbV1yXF9pVTRVQH8HMQkWZEJnGAUtH3xZR2BFcVBAbEBwW0Bh HTTP/1.1
Host: imoughtcallmeoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 30 Sep 2023 13:45:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9NNNh1C9oyBV9RtAVIdDvZns88cn7cT%2BIyIty3GZHN56ANIxJwNZADtl3vo8ps%2BnB35xat5TNm6k%2BGTGqWCzC0b3%2BFx%2FPUsv38hEKELnmavHQrPJ9tkHE3bZz3h8pHc%2B5cryNJL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ece820ec770b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET imoughtcallmeoc.com/bEYySDdDeVE7CgkBfARVKzJ7HW8iHGUNdT0jAzhTPRB8fG8qKRQ8Xgh7C3EAWHYKbkcFIg95D0o1RilDGTUPeREFKFQnCkowD3kZXGgAZgNKMw95ERg2Uy8KXWBCPEMAewN+Dlp2CnkCX3cBfQ8
204 No Content 0 B URL GET HTTP/2 imoughtcallmeoc.com/bEYySDdDeVE7CgkBfARVKzJ7HW8iHGUNdT0jAzhTPRB8fG8qKRQ8Xgh7C3EAWHYKbkcFIg95D0o1RilDGTUPeREFKFQnCkowD3kZXGgAZgNKMw95ERg2Uy8KXWBCPEMAewN+Dlp2CnkCX3cBfQ8
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectimoughtcallmeoc.com
Fingerprint6A:B1:82:66:FB:7F:B1:7D:D7:B6:B6:FA:47:74:69:56:50:78:B1:A5
ValidityWed, 13 Sep 2023 06:22:08 GMT - Tue, 12 Dec 2023 06:22:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bEYySDdDeVE7CgkBfARVKzJ7HW8iHGUNdT0jAzhTPRB8fG8qKRQ8Xgh7C3EAWHYKbkcFIg95D0o1RilDGTUPeREFKFQnCkowD3kZXGgAZgNKMw95ERg2Uy8KXWBCPEMAewN+Dlp2CnkCX3cBfQ8 HTTP/1.1
Host: imoughtcallmeoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 30 Sep 2023 13:45:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coZuOrqV247NUcpuAiUUfZaHOlaPJ3CBhdCizqX%2F0kHsI8ZwgM0TNIKGEHsA8n%2FZ7qd8bcegpCzbkV9WU0yLJ2kWVpwx19JfXrKFYnXog%2BTK61OiFO%2BN757QwsOjiAqFpsUPSbtM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ece820fc810b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET imoughtcallmeoc.com/ck02TnNdclU9TigJYCYpOgNhDx8aH2d/KjwbcDYyJCpSGiU3IhA6GhZwD3dERnwCaAMbKQt/VQE5VzoGAXAHaBocK1lzVQRwB2BARmMFel1Ca0NzQlQ5Ri8UT3wQPgcGIQt/RUt7BnZCR34HfUpG
204 No Content 0 B URL GET HTTP/2 imoughtcallmeoc.com/ck02TnNdclU9TigJYCYpOgNhDx8aH2d/KjwbcDYyJCpSGiU3IhA6GhZwD3dERnwCaAMbKQt/VQE5VzoGAXAHaBocK1lzVQRwB2BARmMFel1Ca0NzQlQ5Ri8UT3wQPgcGIQt/RUt7BnZCR34HfUpG
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectimoughtcallmeoc.com
Fingerprint6A:B1:82:66:FB:7F:B1:7D:D7:B6:B6:FA:47:74:69:56:50:78:B1:A5
ValidityWed, 13 Sep 2023 06:22:08 GMT - Tue, 12 Dec 2023 06:22:07 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ck02TnNdclU9TigJYCYpOgNhDx8aH2d/KjwbcDYyJCpSGiU3IhA6GhZwD3dERnwCaAMbKQt/VQE5VzoGAXAHaBocK1lzVQRwB2BARmMFel1Ca0NzQlQ5Ri8UT3wQPgcGIQt/RUt7BnZCR34HfUpG HTTP/1.1
Host: imoughtcallmeoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 30 Sep 2023 13:45:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6G9QxmJiqc56tfM02723n8Iw1wuJ8oG1UulBPFDfHJkOKmWhjz455n%2FtseX0lygEuPGw73PU50VxvIwcuQosRTGa1yg9twq0EhHLM%2BtH5aZXUAmCSLWWQK48tOA0d7MRAwboITj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ece8210c880b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET loyeesihighlyreco.info/RTVGOUkkVyVUdiQIJB88N1l7HHsDEHR/LTAFNkwtdUYiVSQ/U2haJSpAIl87KlsyFycgQWMLDzZXPHcjCnMfdBEEBCNYGzFUBE4fM2MhaxgBWH9zHhd3HnYLfXoPfiImcncNGyZyH0gqL28PeAwpfQFvMTdtPmwZEmEhcA0uYyJ2CDJ6E1F9dnZ3fywBfQdbGDJNElgxfHkHbC4sd3Z8DBZ2FHMbInwAdj4HfwVVGHNxLmMbI1gIewh1bA1jIiF5E14lP20Ofw4GWB99HiIECHUiKncTCQswYhFBHwF9CFoqEGwNYyF0cxReOh1tIXcoA1gcfg8pGANwBBRFF3oPIU8eYR8XdgFdLwQED3ATdVoEbHhxEHR/ARNsAG8wcH4HahwPb3cNLRBNclMcInxgUzoqWzYEChR/MlQ7DQUDeBw1Yw
200 OK 1.2 kB URL GET HTTP/2 loyeesihighlyreco.info/RTVGOUkkVyVUdiQIJB88N1l7HHsDEHR/LTAFNkwtdUYiVSQ/U2haJSpAIl87KlsyFycgQWMLDzZXPHcjCnMfdBEEBCNYGzFUBE4fM2MhaxgBWH9zHhd3HnYLfXoPfiImcncNGyZyH0gqL28PeAwpfQFvMTdtPmwZEmEhcA0uYyJ2CDJ6E1F9dnZ3fywBfQdbGDJNElgxfHkHbC4sd3Z8DBZ2FHMbInwAdj4HfwVVGHNxLmMbI1gIewh1bA1jIiF5E14lP20Ofw4GWB99HiIECHUiKncTCQswYhFBHwF9CFoqEGwNYyF0cxReOh1tIXcoA1gcfg8pGANwBBRFF3oPIU8eYR8XdgFdLwQED3ATdVoEbHhxEHR/ARNsAG8wcH4HahwPb3cNLRBNclMcInxgUzoqWzYEChR/MlQ7DQUDeBw1Yw
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subjectloyeesihighlyreco.info
FingerprintF2:5E:3F:9D:76:E8:B1:87:7B:9D:83:02:89:3D:B2:18:38:F6:A7:B8
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3022), with no line terminators
Hash 6e741d8fc1c94ec7c073c3d86e130c7d
f31d5433ea68d4ff186514e569007461a10a5ea0
8e54de3047864cce1f7431d8d1760bf9a1fb3036db84606e8295ef1f998ede92
GET /RTVGOUkkVyVUdiQIJB88N1l7HHsDEHR/LTAFNkwtdUYiVSQ/U2haJSpAIl87KlsyFycgQWMLDzZXPHcjCnMfdBEEBCNYGzFUBE4fM2MhaxgBWH9zHhd3HnYLfXoPfiImcncNGyZyH0gqL28PeAwpfQFvMTdtPmwZEmEhcA0uYyJ2CDJ6E1F9dnZ3fywBfQdbGDJNElgxfHkHbC4sd3Z8DBZ2FHMbInwAdj4HfwVVGHNxLmMbI1gIewh1bA1jIiF5E14lP20Ofw4GWB99HiIECHUiKncTCQswYhFBHwF9CFoqEGwNYyF0cxReOh1tIXcoA1gcfg8pGANwBBRFF3oPIU8eYR8XdgFdLwQED3ATdVoEbHhxEHR/ARNsAG8wcH4HahwPb3cNLRBNclMcInxgUzoqWzYEChR/MlQ7DQUDeBw1Yw HTTP/1.1
Host: loyeesihighlyreco.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Sat, 30 Sep 2023 13:45:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: h0Cgn8mfnz8Vwou92op2wAO5gntnRtJRzy4CVJhCzQTjiN8PR3RBxw==
X-Firefox-Spdy: h2
GET loyeesihighlyreco.info/R1d4VE4mNRs5cSZqGnI7NTtFcXwBckoSKjJnCCEqdyQcOCM9MVY3IigiHDI8KDkMeiAiI11mCCkNPBIDFQIpHBYuHhIxNgUOMxwmfg8pDnojDwAXGT1vCR8mFho+FS0yHA8NOwQuLgMcPjAREiQKDzcQdiAAKRI/DAQtHxgpERIdHzcEGwwcLhUuATsiHzoXHARmTB8fMxsyByUoFSoGa3UVOWcIDBYvOH0jEgAeKB8FEAJ9CSccZx8OADsdORcSPRAoA2ZAASNyYRsDCB80Sjh9IxUiHC8fDj4CHwFmGWccCREwYX8OID4HBD4nEAIgI3JKFiofAS0VFmpmSTAbAhMeFwMzERQFPww9ABYPMCdIMBgSMR4TAz8AKRVoLSQXOj56Dzo+AXA1NjV8MTMfBhk
200 OK 1.2 kB URL GET HTTP/2 loyeesihighlyreco.info/R1d4VE4mNRs5cSZqGnI7NTtFcXwBckoSKjJnCCEqdyQcOCM9MVY3IigiHDI8KDkMeiAiI11mCCkNPBIDFQIpHBYuHhIxNgUOMxwmfg8pDnojDwAXGT1vCR8mFho+FS0yHA8NOwQuLgMcPjAREiQKDzcQdiAAKRI/DAQtHxgpERIdHzcEGwwcLhUuATsiHzoXHARmTB8fMxsyByUoFSoGa3UVOWcIDBYvOH0jEgAeKB8FEAJ9CSccZx8OADsdORcSPRAoA2ZAASNyYRsDCB80Sjh9IxUiHC8fDj4CHwFmGWccCREwYX8OID4HBD4nEAIgI3JKFiofAS0VFmpmSTAbAhMeFwMzERQFPww9ABYPMCdIMBgSMR4TAz8AKRVoLSQXOj56Dzo+AXA1NjV8MTMfBhk
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subjectloyeesihighlyreco.info
FingerprintF2:5E:3F:9D:76:E8:B1:87:7B:9D:83:02:89:3D:B2:18:38:F6:A7:B8
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3003), with no line terminators
Hash 73129290cb1e4ea0ff6d234058e76038
d716266af50a7fae5655e80721a561396044b386
0043bc2c8830443cc15b814646f642448aa45e18f5dc2521cac9de11501ded52
GET /R1d4VE4mNRs5cSZqGnI7NTtFcXwBckoSKjJnCCEqdyQcOCM9MVY3IigiHDI8KDkMeiAiI11mCCkNPBIDFQIpHBYuHhIxNgUOMxwmfg8pDnojDwAXGT1vCR8mFho+FS0yHA8NOwQuLgMcPjAREiQKDzcQdiAAKRI/DAQtHxgpERIdHzcEGwwcLhUuATsiHzoXHARmTB8fMxsyByUoFSoGa3UVOWcIDBYvOH0jEgAeKB8FEAJ9CSccZx8OADsdORcSPRAoA2ZAASNyYRsDCB80Sjh9IxUiHC8fDj4CHwFmGWccCREwYX8OID4HBD4nEAIgI3JKFiofAS0VFmpmSTAbAhMeFwMzERQFPww9ABYPMCdIMBgSMR4TAz8AKRVoLSQXOj56Dzo+AXA1NjV8MTMfBhk HTTP/1.1
Host: loyeesihighlyreco.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 1162
date: Sat, 30 Sep 2023 13:45:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: stfq0FqdkI-8Z19Js5CNesbdSK-aRAnLTjZawN2_lgb2WoXABZKrQg==
X-Firefox-Spdy: h2
GET loyeesihighlyreco.info/YUQ1T0sAJlYidAB5V2k+EygIanknYQcJLxR0RTovUTdRIyYbIhssJw4xUSk5DipBYSUEMBB9DQAnByskMz5sHgggHV0MGgILcQckMRdZDSgFI38ZDzM3WhgKLyV9DBkYFU8OBAIFcAcOBgJdHiwKAGMXKDAMQhYMKAVBGQoGHV4MeysGdhwFNBBZAQQsdGwsDycRBhsjJBx9DHIkAncsKjgReBwcBhFaGwkOCHcMEjUVZgkvABVvGB03LEMbICsTYRcZURJZGRIqdQ0rDgkGXA0OLCJgBw0RFmMBBQUMZxgdNyMEHg07EX4XEiYXXiMSAyx7DR0WaQ0mHTMjfBsTNzNkGS87IEIVCDd1WSYJJAl3Dh83EHMeLDAdUh56NyhZfQwkCncHEw4MEyU4DipFcj8CAAUYLVZzQToi
200 OK 1.2 kB URL GET HTTP/2 loyeesihighlyreco.info/YUQ1T0sAJlYidAB5V2k+EygIanknYQcJLxR0RTovUTdRIyYbIhssJw4xUSk5DipBYSUEMBB9DQAnByskMz5sHgggHV0MGgILcQckMRdZDSgFI38ZDzM3WhgKLyV9DBkYFU8OBAIFcAcOBgJdHiwKAGMXKDAMQhYMKAVBGQoGHV4MeysGdhwFNBBZAQQsdGwsDycRBhsjJBx9DHIkAncsKjgReBwcBhFaGwkOCHcMEjUVZgkvABVvGB03LEMbICsTYRcZURJZGRIqdQ0rDgkGXA0OLCJgBw0RFmMBBQUMZxgdNyMEHg07EX4XEiYXXiMSAyx7DR0WaQ0mHTMjfBsTNzNkGS87IEIVCDd1WSYJJAl3Dh83EHMeLDAdUh56NyhZfQwkCncHEw4MEyU4DipFcj8CAAUYLVZzQToi
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subjectloyeesihighlyreco.info
FingerprintF2:5E:3F:9D:76:E8:B1:87:7B:9D:83:02:89:3D:B2:18:38:F6:A7:B8
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3017), with no line terminators
Hash 29a9e6e35a076100df9d78ebd85ac975
35bb53c5e15271f71cce3739e97d6767e76a6edd
38e4811370e99181574358fe4c3af1cd765103ed1c00dadc62d0d643c5f5cc60
GET /YUQ1T0sAJlYidAB5V2k+EygIanknYQcJLxR0RTovUTdRIyYbIhssJw4xUSk5DipBYSUEMBB9DQAnByskMz5sHgggHV0MGgILcQckMRdZDSgFI38ZDzM3WhgKLyV9DBkYFU8OBAIFcAcOBgJdHiwKAGMXKDAMQhYMKAVBGQoGHV4MeysGdhwFNBBZAQQsdGwsDycRBhsjJBx9DHIkAncsKjgReBwcBhFaGwkOCHcMEjUVZgkvABVvGB03LEMbICsTYRcZURJZGRIqdQ0rDgkGXA0OLCJgBw0RFmMBBQUMZxgdNyMEHg07EX4XEiYXXiMSAyx7DR0WaQ0mHTMjfBsTNzNkGS87IEIVCDd1WSYJJAl3Dh83EHMeLDAdUh56NyhZfQwkCncHEw4MEyU4DipFcj8CAAUYLVZzQToi HTTP/1.1
Host: loyeesihighlyreco.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1172
date: Sat, 30 Sep 2023 13:45:31 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: z6z2PAw6fwleqbqMDjXflPVihdJlzTeFiWPZ1jQFGk9QaDMAjqljDg==
X-Firefox-Spdy: h2
GET www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type ASCII text, with very long lines (3034)
Hash 65b371d57c284f39a7034f2ba5b14338
7306117045f3cf85e05c2c83fc2af7848d5ff7eb
fb3b0988b1c6f728733c0b3c4bab9e2fe9efadf51578296686e83e9cfd18bf46
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 30 Sep 2023 13:45:31 GMT
expires: Sat, 30 Sep 2023 13:45:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85950
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET www.upload.ee/favicon.ico
200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 30 Sep 2023 13:45:31 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Sat, 07 Oct 2023 13:45:31 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
GET loyeesihighlyreco.info/utx?cb=UI3VUNhg1Up8&top=www.upload.ee&tid=997369
204 No Content 0 B URL GET HTTP/2 loyeesihighlyreco.info/utx?cb=UI3VUNhg1Up8&top=www.upload.ee&tid=997369
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subjectloyeesihighlyreco.info
FingerprintF2:5E:3F:9D:76:E8:B1:87:7B:9D:83:02:89:3D:B2:18:38:F6:A7:B8
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=UI3VUNhg1Up8&top=www.upload.ee&tid=997369 HTTP/1.1
Host: loyeesihighlyreco.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 30 Sep 2023 13:45:31 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 30 Sep 2023 13:46:31 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: xAE8bGT6LRUUVFHIVoskQApiBjsV1HV7yNMA9Py-rgzO50M-lOlI-A==
X-Firefox-Spdy: h2
GET loyeesihighlyreco.info/utx?cb=yXI6XpE8FH5O&top=www.upload.ee&tid=997414
204 No Content 0 B URL GET HTTP/2 loyeesihighlyreco.info/utx?cb=yXI6XpE8FH5O&top=www.upload.ee&tid=997414
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subjectloyeesihighlyreco.info
FingerprintF2:5E:3F:9D:76:E8:B1:87:7B:9D:83:02:89:3D:B2:18:38:F6:A7:B8
ValidityThu, 21 Sep 2023 00:00:00 GMT - Sat, 19 Oct 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=yXI6XpE8FH5O&top=www.upload.ee&tid=997414 HTTP/1.1
Host: loyeesihighlyreco.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 30 Sep 2023 13:45:31 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://www.upload.ee
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 30 Sep 2023 13:46:31 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 41ce182e8f343263845579fafd1af6b8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: tg6XVnxFTYvhSlc7b1zE9_15Rk7MyQ8rQcFcjL7XfjC5zY9Hu_V8nA==
X-Firefox-Spdy: h2
471 B IP
Hash 53e27cd9ad64962d442e9b91ac9e68ce
df935e007d5933e7c46e9c3f210b8d5c8ae93157
3867ca77a666a242a5a403d7abe1fa7c0ad43639e99694c7d8830ea668477d7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 30 Sep 2023 13:45:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
199 B URL du0pud0sdlmzf.cloudfront.net/nZDFMRUQHXiIjexBYKHh9XQZ4dXxCWz8qKhQMFAcuKwYuCyVWRygiFjMXOD8gWQFqKSUKVnFjIQpScXRiBVUueHBCRC14KQtLJSkoBRR+A3FKAWl3dExJfXRhV3Npd3QIWCIwPEEDfD18Um56cWFXc2l3dBZHaXYFVQF1a3RNFH51IwFSJyphVnd+dXVUAX-11dUEDfCMtFlQqKjxBAwp0dVUffGMxWQA
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 5e2a9c2dfede49777734b7c723b874b9
98962a24e3b31b017b4acb967d0b9d489ecf37a3
9919787ba7dcd5c10504b71b60781b81b08b459b30109101d97135deb51c837b
GET /nZDFMRUQHXiIjexBYKHh9XQZ4dXxCWz8qKhQMFAcuKwYuCyVWRygiFjMXOD8gWQFqKSUKVnFjIQpScXRiBVUueHBCRC14KQtLJSkoBRR+A3FKAWl3dExJfXRhV3Npd3QIWCIwPEEDfD18Um56cWFXc2l3dBZHaXYFVQF1a3RNFH51IwFSJyphVnd+dXVUAX-11dUEDfCMtFlQqKjxBAwp0dVUffGMxWQA HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loyeesihighlyreco.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 199
date: Sat, 30 Sep 2023 13:45:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YzqHQuOGDvLYblEUe5GZBHcm3L8JPtixRC8WlI3x_5vf-xa1HCywmQ==
X-Firefox-Spdy: h2
623 B URL du0pud0sdlmzf.cloudfront.net/sbzNjOFYMXA1eaRtaBwVvVgRQDm9JWRBXOB8OIGkcG14RcGYqcjZIAElHGVxrXxUPWTgIDkVdOAwOUh43C1FeDHAbQwxTax9LAUgiB0EESCRJRgIFOwBJClQ6DhZRfmNBA0YKZkdLUglzXHFGCmYDWg1NLkoBU0BuWWxVDHNccUYKZh1FRgsXXgNaFmZGFl-EIMQpQCFdzXXVRCGdfA1IIZ0oBU14/HVYFVy5KASUJZ14dUx4jUgI
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (877), with no line terminators
Hash 17e5fa22de3123d4d032ea1b9e967933
aaecc6f45d7591bbff173c5e86798430d0a99370
6d625bbb1cfe2a510b1c11a96220a04d4dc8d176d65236553ad4036c1acb9ce3
GET /sbzNjOFYMXA1eaRtaBwVvVgRQDm9JWRBXOB8OIGkcG14RcGYqcjZIAElHGVxrXxUPWTgIDkVdOAwOUh43C1FeDHAbQwxTax9LAUgiB0EESCRJRgIFOwBJClQ6DhZRfmNBA0YKZkdLUglzXHFGCmYDWg1NLkoBU0BuWWxVDHNccUYKZh1FRgsXXgNaFmZGFl-EIMQpQCFdzXXVRCGdfA1IIZ0oBU14/HVYFVy5KASUJZ14dUx4jUgI HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loyeesihighlyreco.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 623
date: Sat, 30 Sep 2023 13:45:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0NgJWYb4MBiTM1egaEHsmKcTl5qzEB_qrVjDT8qI5UkLZNxyIFuvZA==
X-Firefox-Spdy: h2
583 B URL du0pud0sdlmzf.cloudfront.net/ac2doRzYQCAYhCQcODHoPSlBcdgJVDRsoWANaHCRyQzAOcAEHEgFhQgkDVXcQHwYGIAtVAgYkC0JBCSNUTlNOM0YcDFU3ThEXHC9EFBcaYUMSWgUoTBoLBCYTQSFdaQZWVVhvTkJWTXR0VlVYK18dEhBiBEMfUHFpRVNNdHRWVVg1QFZUKXYGSklYbhNBVw-8iVRgITXVwQVdZdwZCV1liBEMBATVTFQgQYgQ1Vll2GENBHXoH
IP
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (807), with no line terminators
Hash 789a706fcb496aa98523eb06c4b49187
41b6d8eb7012b9fdcd765cbacee383d642363e49
17fefa3dc92950fb35017eaa9aebd9045a71a1b80c9f850999b89e5483ff7028
GET /ac2doRzYQCAYhCQcODHoPSlBcdgJVDRsoWANaHCRyQzAOcAEHEgFhQgkDVXcQHwYGIAtVAgYkC0JBCSNUTlNOM0YcDFU3ThEXHC9EFBcaYUMSWgUoTBoLBCYTQSFdaQZWVVhvTkJWTXR0VlVYK18dEhBiBEMfUHFpRVNNdHRWVVg1QFZUKXYGSklYbhNBVw-8iVRgITXVwQVdZdwZCV1liBEMBATVTFQgQYgQ1Vll2GENBHXoH HTTP/1.1
Host: du0pud0sdlmzf.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://loyeesihighlyreco.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 583
date: Sat, 30 Sep 2023 13:45:31 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kUoo92JFY9X0X-o7Fne5FmToN8b-M81pM9uKsVQWTO-M2u1aqU0dsA==
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:-ZlEz-iS8sKZcyUxZm3Kn_0DN1zJig:BgiXyrdcn_4Ld1iZ; Expires=Mon, 29-Sep-2025 13:45:31 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Sep 2023 13:45:31 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdVOiNXgnuH-xacLK5_e3Jd1o7wM0x1FVS_AoD1B8N64VoN_7bmTeKJk-SjLlzv7rkaXA_UQA
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
content-security-policy: script-src 'nonce-Zk_5uajOhW51aoZjRD3nmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 0 B URL GET HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:VHKsrU9-JUn5PD1katBTuWlZpda6oA:PzibdYWH_Tfoha9g; Expires=Mon, 29-Sep-2025 13:45:31 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Sep 2023 13:45:31 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhdVYoRE84nv4p3m0DxPQOfGwNbzacxUvYgZHD249nn3hvUsz71pGfOc9JMiX78MVm0P-uTPJw
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-dYVJHHcAjG3-uX8Ept8Klw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
472 B IP
Hash b5a91d039fd5e950f37d1d2124f05de7
bc1b73065c7f0ad1e64187c07a5098f473736875
a937479af4b3ada653e802aabf4532eab5ead96f92d5703b7aa98e396ae8cfda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 30 Sep 2023 13:45:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
GET imoughtcallmeoc.com/popunder.gif
200 OK 439 B URL GET HTTP/3 imoughtcallmeoc.com/popunder.gif
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectimoughtcallmeoc.com
Fingerprint6A:B1:82:66:FB:7F:B1:7D:D7:B6:B6:FA:47:74:69:56:50:78:B1:A5
ValidityWed, 13 Sep 2023 06:22:08 GMT - Tue, 12 Dec 2023 06:22:07 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1a95e05a1f1aa750a374bd24fcad34cf
ef2dcea544a0d8993c1f18543e1dc5232761ac3a
64e9433deeeff6daac70d0c3f3fc72af191be5236c17a3a3f92a8c72b8d9eda0
GET /popunder.gif HTTP/1.1
Host: imoughtcallmeoc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 30 Sep 2023 13:45:31 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 60848
last-modified: Fri, 29 Sep 2023 20:51:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzTwt1dssPU2XIx8D2MPEq64vMVmyAJRpIhjHwLZk%2BYaNt5H8SJRYnaEjozS5BkrH%2BePotj8PSByVqtpZBZPn4mcRPLi9%2BlQRHlBbpbjrOr4zCU4nAF5VeaN4fB8lAoKU8O3LXkj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80ece824fe5e56a8-OSL
alt-svc: h3=":443"; ma=86400
GET accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdVOiNXgnuH-xacLK5_e3Jd1o7wM0x1FVS_AoD1B8N64VoN_7bmTeKJk-SjLlzv7rkaXA_UQA
302 Found 399 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdVOiNXgnuH-xacLK5_e3Jd1o7wM0x1FVS_AoD1B8N64VoN_7bmTeKJk-SjLlzv7rkaXA_UQA
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (393)
Hash 1638c643ab215580fc065fa866f5c428
3a32cfc66adf9eb7560ae40b081a46c85e9625ec
dde91f12b4c8d9e09fdebad9cf221251037eea90c449f8f08e08ad0696ef7543
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhdVOiNXgnuH-xacLK5_e3Jd1o7wM0x1FVS_AoD1B8N64VoN_7bmTeKJk-SjLlzv7rkaXA_UQA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:loPlgQYZbB4FhABnJ_k9cVrKpVZ8-A:QhTioxJzFqHj-Rh1;Path=/;Expires=Mon, 29-Sep-2025 13:45:32 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Sep 2023 13:45:32 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdneops9Ky00JwK6PtYex6NG3GyFUzMeISPpYowZ92LvUH0YvWyKjjYaVyDkhRl9p9ImWbG&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1610810622%3A1696081532089821&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-BVWdCP2oEUvcwcx4i2PVUA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 399
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdneops9Ky00JwK6PtYex6NG3GyFUzMeISPpYowZ92LvUH0YvWyKjjYaVyDkhRl9p9ImWbG&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1610810622%3A1696081532089821&theme=glif
403 Forbidden 2.3 kB URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdneops9Ky00JwK6PtYex6NG3GyFUzMeISPpYowZ92LvUH0YvWyKjjYaVyDkhRl9p9ImWbG&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1610810622%3A1696081532089821&theme=glif
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)
Hash f6c9771934679c2bdacef7ff5964023d
761025717f258fcdaf5e97d60f44c3cbdab1356d
a8793ef696f3a6258606c4349fa04c2b4ced56f292425a0c9cd0bf6be2edb8c3
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdneops9Ky00JwK6PtYex6NG3GyFUzMeISPpYowZ92LvUH0YvWyKjjYaVyDkhRl9p9ImWbG&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1610810622%3A1696081532089821&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Sep 2023 13:45:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-Chp68-qMDKowsz4A6KeOBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET static.bepolite.eu/scripts/saresponsive.js
200 OK 177 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 177 kB (176967 bytes)
Hash 636b4ad7f97aa55c2242b396fe3e9f44
b4d6aae9e6f3de7fb4478f9ee5e12a8141bb02ba
54f7e44d9e8b65978b3753e157c4a3c9c338645fcc31429f6c49aca5e4bd1c62
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "2348240467"
last-modified: Sun, 17 Sep 2023 21:45:34 GMT
content-length: 176967
date: Sat, 30 Sep 2023 13:45:13 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 590289633
age: 0
X-Firefox-Spdy: h2
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash afa4eb03051e1157aa7a1538446d2edc
27e0b951ccb934590a5910029571af86d24d9c71
734f286e268df050fa0c9b4618b82dbdd932ca2cebc8001a3033431e4e2495b7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 30 Sep 2023 13:45:33 GMT
Last-Modified: Sat, 30 Sep 2023 12:07:39 GMT
Server: ECAcc (ska/F756)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f9SCFnGfm2QA60Mqu363vSbK90YaCkpJkhc4XYD20wZscJ4esgfGjw==
Age: 5874
471 B URL ocsp.r2m02.amazontrust.com/
IP
Hash afa4eb03051e1157aa7a1538446d2edc
27e0b951ccb934590a5910029571af86d24d9c71
734f286e268df050fa0c9b4618b82dbdd932ca2cebc8001a3033431e4e2495b7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 30 Sep 2023 13:45:33 GMT
Last-Modified: Sat, 30 Sep 2023 12:10:37 GMT
Server: ECAcc (ska/F73C)
X-Cache: Miss from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HtLaLBR1EG8qLHhv5zf0Qqaz-IsSeD3V_yWIWu1fsYZfa8SKUosVIQ==
Age: 5697
GET banner.hookusbookus.com/config/config.js?v=1
200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/config/config.js?v=1
200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/css/index_1000x200.css
200 OK 3.6 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 805386b458c26412844874e80bbefc00
6fb5ebb2a34ca8403c2c45ef46e00480556fdbd4
012d0f48eb5661665403b394b6c52450d211fa73d683891ea34ce2555efd7471
GET /assets/css/index_1000x200.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Fri, 17 Dec 2021 08:13:58 GMT
vary: Accept-Encoding
etag: W/"61bc46c6-1301"
content-encoding: gzip
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_300x600.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/image/svg/hb-logo.svg
200 OK 59 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 1a2a04e40aa7373bf1d1607a58fc10cc
a94c856cdf75232d89f30958f4ecf05f94152c5f
73d4b971e22ad0b6525275fad216f2f0b53a4d254a7bf2cf6703c1ff4504690d
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET static.bepolite.eu/files/close-gray.png
200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "732411054"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Sat, 30 Sep 2023 13:44:47 GMT
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 587159069
age: 0
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=d373075a75897d7238f33deec4aa5303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 30 Sep 2023 13:45:14 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 590775597
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=d373075a75897d7238f33deec4aa5303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 30 Sep 2023 13:45:14 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 589615233
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/soKMSoUtgi9tQM5MYviC.jpg
421 Misdirected Request 69 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/soKMSoUtgi9tQM5MYviC.jpg
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x195, components 3\012- data
Hash 3b3a80140cb69917ab572f878123a250
3afd5fa8de0b9c4f59e188b34230ebf13e35ddae
d1a2571d94db05e28fe4a212717d942385324ec9029981f855c8fb2c95bd786f
GET /hotelliveeb/images/general/1/soKMSoUtgi9tQM5MYviC.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 421 Misdirected Request
server: CloudFront
date: Sat, 30 Sep 2023 13:45:34 GMT
content-type: text/html
content-length: 1003
x-cache: Error from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: K_25_GMm7-jLTL1aVvryypqZ6axCDy63E3oMb_dVXFWf8nccDZrH5w==
X-Firefox-Spdy: h2
GET dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/Jorw2Rp4VOD7k5ZbHjql.jpg
421 Misdirected Request 71 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/Jorw2Rp4VOD7k5ZbHjql.jpg
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash b0b5dcdd6349f7b94fc70a7a3f4d17a3
5a00369565eb2d0be87ff05b220b12718374105b
44f9bb8492c393640d67a0a140254c3adc42007584db9314e7e8694305e39ddd
GET /hotelliveeb/images/general/1/Jorw2Rp4VOD7k5ZbHjql.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 421 Misdirected Request
server: CloudFront
date: Sat, 30 Sep 2023 13:45:34 GMT
content-type: text/html
content-length: 1003
x-cache: Error from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M7o6u7_QTqlXr_PG9SMu6Alw-_6sIamrU3jRIZbSeRopO-gZAKH2ag==
X-Firefox-Spdy: h2
GET serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?key=FYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=d373075a75897d7238f33deec4aa5303
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Sat, 30 Sep 2023 13:37:23 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 590647532
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/BiPXfaeoznADIcaeiaV5.jpg
200 OK 83 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/BiPXfaeoznADIcaeiaV5.jpg
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash b24b914651c320caa1bcc363a6a42de8
e1bb9cd2a4b8a4e0fff7551dc2d66f7efb7aa928
9a6817400bfe191c890f615ee9925e31a5b05fe9d244092b0fbe9a17eb6f553e
GET /hotelliveeb/images/general/1/BiPXfaeoznADIcaeiaV5.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 82921
date: Sat, 30 Sep 2023 10:22:29 GMT
last-modified: Wed, 19 Apr 2023 13:30:48 GMT
etag: "b24b914651c320caa1bcc363a6a42de8"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WVE-i9KNFxY4v8rHEyh4Elq2OjGCvmXSUpPUQbUYwQiuCAek7KIK_g==
age: 12191
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash e1e614eb0366d6ec36db2eac0f3796eb
a5590520b3938726451c12786c66cef7f278eb16
066f3a1634656593e361f8eae898b56562297a97a868b0aec44ce316699137fa
GET /index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1761"
content-encoding: gzip
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/js/jquery.min.js
200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/js/jquery.min.js
200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=1926607&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15650911%2F27a9374dbbc41d9eabe7%2Futorrent3.6.0.46896.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15650911%2FuTorrent3.6.0.46896.exe.html&rnd=1696081531201
0 B URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=1926607&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15650911%2F27a9374dbbc41d9eabe7%2Futorrent3.6.0.46896.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15650911%2FuTorrent3.6.0.46896.exe.html&rnd=1696081531201
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
FingerprintB7:1B:BB:35:5B:E5:6E:92:4D:DE:79:2E:0E:C8:1F:0D:CE:28:88:FD
ValidityMon, 04 Sep 2023 21:06:47 GMT - Sun, 03 Dec 2023 21:06:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=1926607&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15650911%2F27a9374dbbc41d9eabe7%2Futorrent3.6.0.46896.exe&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15650911%2FuTorrent3.6.0.46896.exe.html&rnd=1696081531201 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Sat, 30 Sep 2023 13:44:45 GMT
set-cookie: bepolite_id=d373075a75897d7238f33deec4aa5303; Max-Age=7776000; Expires=Fri, 29-Dec-2023 13:44:45 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 589615215
age: 0
accept-ranges: bytes
content-length: 1442
X-Firefox-Spdy: h2
GET banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
200 OK 24 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
200 OK 6.0 kB URL GET HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6210), with no line terminators
Hash b2c258a8d77db021c8f33f8e84dba71b
c453e30dac638f4e1b897309fe32db795d540f80
2d1065201a188a85c1a7d0a3ee130f5a8dc4e60db8fe221fb2081e77222e5a9f
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1781"
content-encoding: gzip
X-Firefox-Spdy: h2
GET pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:31 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4901
last-modified: Sat, 30 Sep 2023 12:23:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwYgjr0b5WUm2bpurR5G6ZCeN46yOJK4DEgNnH2F6zAfC4woIcbRAqNYBzZRl81TsTngo%2BCFBJykzKfJhIuCZRQ8sUkYk%2BnqXB4PwwhBBydbUf3OlfzqvynPNp9TtL7l"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80ece8249fe04136-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 27 B IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 268e05d419e20b9849677daf12a98174
01804c244b0fbad77a5a953ea8bfe52993652e03
c6641f83b12507e0031b25dfd4ea09122e2c19bb44da97c3069920021527e2a9
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:31 GMT
content-type: text/plain
set-cookie: csu=1344388680659784@1@1696081531; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdcW6Op5Ee72FZkhxopupjyXhAvuXYaAZGM3gXNV1V9Rj3inh7HhmGgE4HYF2hdSZF0PM8esmqh07h%2FzjpwctFmdxpwmyUtV54rMhTY%2BcymGJN8BlZD%2B93bcCjsILu30"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ece82508b24136-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/css/index_300x600.css
200 OK 7.2 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_300x600.css
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type ASCII text, with very long lines (7402), with no line terminators
Hash ef4576b025213d57cd958c234d61a8a1
5dd8d741efe63291e503bb6bf23e603c810b9030
69478abb1501f6c8fb03f774621b5f0275d59f55b3fc4f24d95bade9e277efdb
GET /assets/css/index_300x600.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-1c4f"
content-encoding: gzip
X-Firefox-Spdy: h2
GET pogothere.xyz/
200 OK 27 B IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 142ece2609a235fb1265b00600a8be74
1d0d190b724b52cdf3f65f47dc8b1699e8b5b56e
4b2a55f747141353b01ae1c40272bf2e92de2e757ab6ce07c769b9f76228fb03
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:31 GMT
content-type: text/plain
set-cookie: csu=1287465838795837@1@1696081531; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDEjn2FbqG%2Ffs7QOFdeysuG8ZXYJsWLZmKnusH6SLUudS4FJmqzrVSuuR1wYZ2AHZ0fjNP14QFVCYsZhuzZ0TMnDjIrILBwn3K4aRXScwyLjiZPzpY4yo7HS086%2F9fkJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80ece82528eb4136-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhdVYoRE84nv4p3m0DxPQOfGwNbzacxUvYgZHD249nn3hvUsz71pGfOc9JMiX78MVm0P-uTPJw
302 Found 0 B URL GET HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhdVYoRE84nv4p3m0DxPQOfGwNbzacxUvYgZHD249nn3hvUsz71pGfOc9JMiX78MVm0P-uTPJw
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhdVYoRE84nv4p3m0DxPQOfGwNbzacxUvYgZHD249nn3hvUsz71pGfOc9JMiX78MVm0P-uTPJw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:XHKIiTrL3nvHJ3N_Pk_SXFrdmt64yQ:A8hwXabuLVSTrRrH;Path=/;Expires=Mon, 29-Sep-2025 13:45:32 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Sep 2023 13:45:32 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdvBk8zZw1silYKzgxXd5Y1sxMZORiy3tfhot0EOJz-cVb9SbK6LbVt4xcxsYgkDfmlvgcM&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-167760071%3A1696081532047910&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-mFhzlLYT34RNqP9XczIr-Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 404
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff
200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-bold.woff
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53208, version 1.500\012- data
Hash c03dece8ec0635406a35b888337dca8f
b72706815dccadd44dba1693ed8865b41782b14f
092416b2a5cbe9f6596ff7ee177db702262c64326231a3664a34a65c861601b1
GET /assets/fonts/greycliff-cf-bold.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_300x600.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: font/woff
content-length: 53208
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cfd8"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pogothere.xyz/asd100.bin
200 OK 102 kB IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT
Size 102 kB (102400 bytes)
Hash 4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Origin: https://www.upload.ee
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:31 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://www.upload.ee
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 4901
last-modified: Sat, 30 Sep 2023 12:23:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6thcRTpYOICinzdrPkpOYr%2BD95Et49O0g%2BH8i4dqY4vXtBGQ8HqiIug%2B31CwqN249hQqDwTa%2FNTrQLoT%2BZ16Py4PlNCAYQaSgdmnGFxIeeV6ZXuzlQMlk5F1FSLNWs%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80ece82528e44136-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdvBk8zZw1silYKzgxXd5Y1sxMZORiy3tfhot0EOJz-cVb9SbK6LbVt4xcxsYgkDfmlvgcM&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-167760071%3A1696081532047910&theme=glif
403 Forbidden 0 B URL GET HTTP/3 accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdvBk8zZw1silYKzgxXd5Y1sxMZORiy3tfhot0EOJz-cVb9SbK6LbVt4xcxsYgkDfmlvgcM&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-167760071%3A1696081532047910&theme=glif
IP
Requested by https://www.upload.ee/files/15650911/uTorrent3.6.0.46896.exe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhdvBk8zZw1silYKzgxXd5Y1sxMZORiy3tfhot0EOJz-cVb9SbK6LbVt4xcxsYgkDfmlvgcM&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-167760071%3A1696081532047910&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 30 Sep 2023 13:45:32 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-lrXfu91zw0wynscrNdpCXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
200 OK 24 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
GET dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/1mkw2AAFegLbVWKSe6uN.jpg
200 OK 57 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/1mkw2AAFegLbVWKSe6uN.jpg
IP
Requested by https://banner.hookusbookus.com/index_300x600.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3GkrPtl30bRttEg6xGYsRnFbaKN4yJEFlwh9HrIZUdSqf8rsm0xg-WHbjnoMbP7Vra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_300x600.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=66baacca7d4948f283e04dc97ef2612850dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=300&h=600&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x230, components 3\012- data
Hash fea2f143d90bcefc5cf1d78d1a4ce5f5
4dbc366bca0b3e431d1c317dbe8907a0ee8abbfc
38c034434938de7745d61855d2f09970105d9c3726b9b9ec9b543d44683cc3b7
GET /hotelliveeb/images/general/1/1mkw2AAFegLbVWKSe6uN.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 57443
date: Fri, 29 Sep 2023 18:41:38 GMT
last-modified: Mon, 20 Dec 2021 05:01:19 GMT
etag: "fea2f143d90bcefc5cf1d78d1a4ce5f5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: MIi0m9YshOgZ6e0ahiV2Kl6oQR76Z9kLFQNuvrorTpXQwL0S_TS6Kg==
age: 68642
X-Firefox-Spdy: h2
GET banner.hookusbookus.com/assets/image/prices-bg-3.png
200 OK 2.4 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF7wIPGmlRO1_ESMWr3J0OeYZTUMSPNgonipXkT0t1i2PB-D-obVLMTy-imZZise698VZN25F7KXvzFWmu8j1uzveag7c5mXQtRqA0RnWqYrOMquDIstmzvimTfjVNhTVFkwRD1ajY072vIU-BFPQpXPzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3kGddYy3JUOC3TYr_NfxpuGOCFx5BdKmMEOl8Mei13VHe7MFOwF92tuBESJflajq3a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=129c0d359bec46149fd9f0dec164740650dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
FingerprintCD:CD:3C:03:66:21:F8:A9:21:BC:F8:C8:3C:DC:88:0A:C5:19:F1:7A
ValiditySun, 07 May 2023 00:00:00 GMT - Tue, 04 Jun 2024 23:59:59 GMT
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 30 Sep 2023 13:45:33 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
51.91.30.159
142.250.74.109
212.47.222.21
3.127.176.57
188.114.97.1
0.0.0.0
0.0.0.0