upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
51.91.30.159 287 B URL upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ade8a214a0192c3530f739c98af0c9ce
9b092dd9549cb5a24b4f7612c8fbf3c0232f92e4
2006725b7214677cc200ffe34a90223b6a9b583523a50df9a80e923bca5f1ac3
GET /download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 04 May 2023 19:23:39 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 287
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
51.91.30.159 0 B URL www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
IP 51.91.30.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 04 May 2023 19:23:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
51.91.30.159 419 B URL www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (419), with no line terminators
Hash 23eb5f8dfe4e87850396c105f93324f8
d8c1bad07e3388947a1d2c63d97a3435bcaf6859
5d922faecff017995b429c4f6133bde21a6b68da196e330b55eaa38e6f3e18db
GET /download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 04 May 2023 19:23:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 419
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
51.91.30.159200 OK 8.9 kB URL User Request GET HTTP/1.1 www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
IP 51.91.30.159:443
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash eadc451e777bbe44dc2b82dd692fea31
1657fe804a93d967b0cecb2308ff3e77503f8ee0
c75adf653360ea7df55e172709a37e6bfa9005073b1f3aad2fe431e417d83f53
GET /files/15188878/03052023__PBID_.rar.html?msg=sess_error HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/download/15188878/689869cfcffe1cd8a290/03052023__PBID_.rar
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 May 2023 19:23:39 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8934
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu, 04 May 2023 22:23:39 +0300
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Thu, 01-Jun-2023 19:23:39 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
www.upload.ee/static/ubr__style.css
51.91.30.159200 OK 2.9 kB URL GET HTTP/1.1 www.upload.ee/static/ubr__style.css
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 7b736ade714db0c4ee6dbd432b2b1367
98b85ea1586315cba25380eca3c9785820a23042
e3d11bbf89fb8f84070b6616e4f422eef0182dbf937f0398d0d2c779509b07a1
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 May 2023 19:23:39 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Thu, 11 May 2023 19:23:39 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash ab6f46b65e534ac46ebe932c1ac79277
8a4ca5a93ec063d595df9a68a882617ab0a4b53b
d58af2734a3c00378b2aebc9c396a97356185cf84b9a96bd9d46ff982f66cd4a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upload.ee/js/js__file_upload.js
51.91.30.159200 OK 27 kB URL GET HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 May 2023 19:23:39 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Thu, 11 May 2023 19:23:39 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-6703115-1
142.250.74.168200 OK 47 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP 142.250.74.168:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint07:22:19:79:30:9E:4C:35:4E:21:BD:55:7D:44:2F:A9:71:9E:4C:AA
ValidityMon, 03 Apr 2023 08:16:11 GMT - Mon, 26 Jun 2023 08:16:10 GMT
File type ASCII text, with very long lines (2271)
Hash fc1968399bef49e74d99378e3def9563
bded3795a3c65c050f610922a02fa99d429c6523
394b26ecdbeba0bc92cedcf0f3ecbb5199cd171567859f88afbd5ab92d409bb9
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 04 May 2023 19:23:40 GMT
expires: Thu, 04 May 2023 19:23:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.upload.ee/images/arrow.gif
51.91.30.159200 OK 59 B URL GET HTTP/1.1 www.upload.ee/images/arrow.gif
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 May 2023 19:23:40 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Thu, 11 May 2023 19:23:40 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/dl_.png
51.91.30.159200 OK 1.9 kB URL GET HTTP/1.1 www.upload.ee/images/dl_.png
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 May 2023 19:23:40 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Thu, 11 May 2023 19:23:40 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
s7.addthis.com/js/250/addthis_widget.js?pub=uploadee
23.38.200.123200 OK 116 kB URL GET HTTP/2 s7.addthis.com/js/250/addthis_widget.js?pub=uploadee
IP 23.38.200.123:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert Inc
Subjectodc-addthis-prod-01.oracle.com
Fingerprint19:61:99:E9:2B:6A:F3:0B:0D:3E:EC:7F:34:87:11:4D:6A:F6:0A:DB
ValidityTue, 07 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type ASCII text, with very long lines (54602)
Size 116 kB (116406 bytes)
Hash 713773bc21cd98918f80c5866aa41679
34fbfa04134adeda4d13644ecca15a1e56011084
484825e7c7d5acd5fb522982f59686c55478db080a186e94e922ae3124ba569b
GET /js/250/addthis_widget.js?pub=uploadee HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116406
x-check-cacheable: YES
date: Thu, 04 May 2023 19:23:40 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 6a81c81d71df2ef804ec03072866332a
2b10628c1483396b5ce076cdac2faf9cd3d58688
39ee24c17a105a3bfd9dcc19654305cb1f0eb3073b38a40600ae6cc7b0360a43
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/btn/lg-share-en.gif
23.38.200.123200 OK 596 B URL GET HTTP/2 s7.addthis.com/static/btn/lg-share-en.gif
IP 23.38.200.123:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert Inc
Subjectodc-addthis-prod-01.oracle.com
Fingerprint19:61:99:E9:2B:6A:F3:0B:0D:3E:EC:7F:34:87:11:4D:6A:F6:0A:DB
ValidityTue, 07 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 125 x 16\012- data
Hash 212668d558dfda57c80995d818ad9d39
f5c7e2ed67eeba644dc220e8ba32956bcf413eb9
8d261abb1cdf02888b9a1f12cf9694e7ec7e93d7da3e8f20e2907af422327489
GET /static/btn/lg-share-en.gif HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/gif
content-length: 596
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-254"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 04 May 2023 19:23:40 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.upload.ee/favicon.ico
51.91.30.159200 OK 1.2 kB URL GET HTTP/1.1 www.upload.ee/favicon.ico
IP 51.91.30.159:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert, Inc.
Subjectwww.upload.ee
Fingerprint50:32:93:34:C8:04:2F:84:49:77:0D:C4:DD:CA:79:C9:CB:3E:C0:F4
ValidityThu, 02 Mar 2023 00:00:00 GMT - Mon, 01 Apr 2024 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 04 May 2023 19:23:40 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Thu, 11 May 2023 19:23:40 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123 26 kB URL s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
Certificate IssuerDigiCert Inc
Subjectodc-addthis-prod-01.oracle.com
Fingerprint19:61:99:E9:2B:6A:F3:0B:0D:3E:EC:7F:34:87:11:4D:6A:F6:0A:DB
ValidityTue, 07 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 04 May 2023 19:23:40 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL GET HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert Inc
Subjectmoatads.com
Fingerprint85:67:EE:0A:71:3F:9F:25:93:ED:AC:9D:91:95:93:73:B0:D4:74:91
ValidityWed, 16 Nov 2022 00:00:00 GMT - Sat, 18 Nov 2023 23:59:59 GMT
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=8277
date: Thu, 04 May 2023 19:23:40 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 10f904178c751b2353823f4ac4d7c54e
b18e96deff5d819f0fb18a621c3a2f8f23beccf9
e219c531080727fd39012736c402bc699b7ed54beb126e2524566a2a6d2640fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
142.250.74.168200 OK 80 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint07:22:19:79:30:9E:4C:35:4E:21:BD:55:7D:44:2F:A9:71:9E:4C:AA
ValidityMon, 03 Apr 2023 08:16:11 GMT - Mon, 26 Jun 2023 08:16:10 GMT
File type ASCII text, with very long lines (3288)
Hash 7cee0f46a648364dd55afffb65d3e006
79b690044ebbee9ede1aa562c911b1db92a76acb
46dd42b5ea3847932ceecf6215096fc25bce865430d2addb2fa2ee23b4d8cefe
GET /gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.googletagmanager.com
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 04 May 2023 19:23:40 GMT
expires: Thu, 04 May 2023 19:23:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (3607)
Hash 5366b0ec60c5210840f6c34f83d8aeaa
80cd9fdffe559e012b86ce9a24cabdd017220884
cc4f6bdededd581368e78e83c81e9980d4eb513fe120c81b40223e850e28e0ac
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 04 May 2023 19:23:40 GMT
expires: Thu, 04 May 2023 19:23:40 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7661257676897011809
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/uploadee/_ate.track.config_resp
23.38.200.123200 OK 47 B URL GET HTTP/2 v1.addthisedge.com/live/boost/uploadee/_ate.track.config_resp
IP 23.38.200.123:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert Inc
Subjectodc-addthis-prod-01.oracle.com
Fingerprint19:61:99:E9:2B:6A:F3:0B:0D:3E:EC:7F:34:87:11:4D:6A:F6:0A:DB
ValidityTue, 07 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/uploadee/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=35, s-maxage=86400
date: Thu, 04 May 2023 19:23:40 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=64540647f7cc2187&bkl=0&bl=1&pdt=75&sid=64540647f7cc2187&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F15188878%2F03052023__PBID_.rar.html%3Fmsg%3Dsess_error&fr=download%2F15188878%2F689869cfcffe1cd8a290%2F03052023__PBID_.rar&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1683228231658&jsl=0&uvs=6454064770343724000&skipb=1&callback=addthis.cbs.jsonp__47895251715636810
23.38.200.123200 OK 89 B URL GET HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=64540647f7cc2187&bkl=0&bl=1&pdt=75&sid=64540647f7cc2187&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F15188878%2F03052023__PBID_.rar.html%3Fmsg%3Dsess_error&fr=download%2F15188878%2F689869cfcffe1cd8a290%2F03052023__PBID_.rar&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1683228231658&jsl=0&uvs=6454064770343724000&skipb=1&callback=addthis.cbs.jsonp__47895251715636810
IP 23.38.200.123:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert Inc
Subjectodc-addthis-prod-01.oracle.com
Fingerprint19:61:99:E9:2B:6A:F3:0B:0D:3E:EC:7F:34:87:11:4D:6A:F6:0A:DB
ValidityTue, 07 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash f7da596c30fa8b0c04d74ad11879ab02
bd97150d3ab93a358cc7ff8642634fa88f49c3ff
175e49871fe5c016ac78a8d8e93f7b28aafba90ab1af8fa9672cb90f91544079
GET /live/red_lojson/300lo.json?si=64540647f7cc2187&bkl=0&bl=1&pdt=75&sid=64540647f7cc2187&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F15188878%2F03052023__PBID_.rar.html%3Fmsg%3Dsess_error&fr=download%2F15188878%2F689869cfcffe1cd8a290%2F03052023__PBID_.rar&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1683228231658&jsl=0&uvs=6454064770343724000&skipb=1&callback=addthis.cbs.jsonp__47895251715636810 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Thu, 04 May 2023 19:23:40 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 10f904178c751b2353823f4ac4d7c54e
b18e96deff5d819f0fb18a621c3a2f8f23beccf9
e219c531080727fd39012736c402bc699b7ed54beb126e2524566a2a6d2640fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5364884771898146&plah=www.upload.ee&bust=31074330
172.217.21.162200 OK 122 kB URL GET HTTP/3 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5364884771898146&plah=www.upload.ee&bust=31074330
IP 172.217.21.162:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (4452)
Size 122 kB (122348 bytes)
Hash 278db76b2f3c377114f0a99d04ca95b0
ac00ca3b7797c19ec0835962b99d63fa0c97f752
3e53bab10e0c27ba8f69ba508a55edbbc4a361932cbf97786ce922fa13dafca1
GET /pagead/managed/js/adsense/m202305030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5364884771898146&plah=www.upload.ee&bust=31074330 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 04 May 2023 19:23:40 GMT
expires: Thu, 04 May 2023 19:23:40 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 16646294952378014254
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 122348
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 84e5f1fd051d9e588d420e3e475ee093
5cfe76bacce01c0660847c2d08c94280363e12c9
599edc3f602b33b40e567c7e088cd71fa1639a95a6b5471507cf3bfaad5ea439
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash d0a7d2b0bcb042267e2a03cf051e9c41
81ccb85e187aa60538181c1d2c013cbc9bb85592
bf310d71c305ad77f1fb00c39fbac3a6b748e617023b9e1d599799634cd2ea91
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146
216.58.207.226200 OK 248 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146
IP 216.58.207.226:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint64:FB:54:D3:87:13:FF:E1:0B:82:AB:82:7D:DD:06:E3:5E:CB:77:C2
ValidityMon, 03 Apr 2023 08:21:53 GMT - Mon, 26 Jun 2023 08:21:52 GMT
File type ASCII text, with very long lines (385), with no line terminators
Hash 252d1881ab8455ed472e790749ea09e7
8feaf759c0cc854e109392b9d7d4384ff23771c6
30b5ef19596d087e684a554f2f9ba05b98115852d6dd17543ea86f8d63caeb84
GET /gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 04 May 2023 19:23:40 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 3a72067351b347eb5c7a7deaca3594ad
b6ed79f64b05083485f0840e97535c1afb2b472b
84f7bf729eef3c67bc9595c52bc7ff4c86e45dea8b4cee26abc7a10418be2a0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.upload.ee
172.217.21.162200 OK 100 B URL GET HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.upload.ee
IP 172.217.21.162:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintA5:D0:38:67:8E:62:86:24:29:BC:82:07:2E:29:1E:0B:C8:29:09:29
ValidityMon, 03 Apr 2023 08:27:03 GMT - Mon, 26 Jun 2023 08:27:02 GMT
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.upload.ee HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 04 May 2023 19:23:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.upload.ee
142.250.74.34200 OK 100 B URL GET HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.upload.ee
IP 142.250.74.34:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintD5:3A:80:A6:03:B0:E4:36:0E:46:7B:36:45:CB:50:4C:D6:98:CE:59
ValidityMon, 03 Apr 2023 08:17:58 GMT - Mon, 26 Jun 2023 08:17:57 GMT
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.upload.ee HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 04 May 2023 19:23:40 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2299a57e78f486603696973d3057b5b2
7f86905e7f6ceab3f72dbc1eb0dfb8ba76bf982b
4ae8a931f038a41fd3ea47508d1380a8b536454fae3d0a2809ae4761b4572c45
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 848a36af403aafa13121cc6df2380042
dbc255bc3b7578cf528ccdf4719362a62d719d7c
8eaa469b9c975904205a27cef199b7d67f3c848cadd3f785cd964df1905d7c4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 3a72067351b347eb5c7a7deaca3594ad
b6ed79f64b05083485f0840e97535c1afb2b472b
84f7bf729eef3c67bc9595c52bc7ff4c86e45dea8b4cee26abc7a10418be2a0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env
172.217.21.162200 OK 11 kB URL GET HTTP/3 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env
IP 172.217.21.162:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type JSON data\012- , ASCII text, with very long lines (14615), with no line terminators
Hash 58cd060d01b2d065052f7ee290bceabd
dfbf8a744248e1d5d9032cc00d92f5aaae8b424a
ae6441b2691b11759f94df46bab8b98ddb3636a2bbc5e05a2b09d9a9b012c494
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230502&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 04 May 2023 19:23:41 GMT
server: cafe
content-length: 11032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2046697&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15188878%2F689869cfcffe1cd8a290%2F03052023__PBID_.rar&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15188878%2F03052023__PBID_.rar.html%3Fmsg%3Dsess_error&rnd=1683228231638
212.47.222.21 2.2 kB URL GET serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2046697&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15188878%2F689869cfcffe1cd8a290%2F03052023__PBID_.rar&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15188878%2F03052023__PBID_.rar.html%3Fmsg%3Dsess_error&rnd=1683228231638
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type ASCII text, with very long lines (394)
Hash 4b4bcb2ad4a63cddc60a861a2f73b66e
243aac8b2469b218cf29cb00dc3aba3c924fc76b
5820ed56e61e1051c2e4649395e45340f87035bbc5f634d29d45bdc598e6ae11
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=2046697&screen_width=1280&screen_height=1024&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F15188878%2F689869cfcffe1cd8a290%2F03052023__PBID_.rar&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F15188878%2F03052023__PBID_.rar.html%3Fmsg%3Dsess_error&rnd=1683228231638 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Thu, 04 May 2023 19:19:03 GMT
set-cookie: bepolite_id=14e205c80cff783402e258d005abdc7d; Max-Age=7776000; Expires=Wed, 02-Aug-2023 19:19:04 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52716558
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
content-length: 2165
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 32a77683a1825bf6c34c28feac08104e
d2a77ad336968834cc0288f1888ec2c336a7d62c
17aa82a9b178d50b6f578cf84c4245ebac3e9ad3bb187323fba772af598103fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL GET HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
FingerprintFA:BE:2D:1E:F9:2F:85:0D:1C:53:23:E1:8F:CB:37:95:4E:97:B5:6F
ValidityMon, 03 Apr 2023 08:24:19 GMT - Mon, 26 Jun 2023 08:24:18 GMT
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 04 May 2023 19:23:41 GMT
expires: Thu, 04 May 2023 19:23:41 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161200 OK 5.0 kB URL GET HTTP/3 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: tpc.googlesyndication.com
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 04 May 2023 15:14:05 GMT
expires: Fri, 03 May 2024 15:14:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
vary: Accept-Encoding
age: 14976
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash f0f9bf51320211f2e9d0f60870d1da2c
73a0d51b74a965aa1a46b879b827055808bd5aef
0c96cb6f99efe129ef5c2a371af0e07ef1be9d64baa58629ef80ab14a523b106
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 04 May 2023 19:23:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.bepolite.eu/scripts/saresponsive.js
212.47.222.21200 OK 175 kB URL GET HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 175 kB (174581 bytes)
Hash 5460c08214d99449b925ba6cba9044d4
61da313f0047e4ce6c97ad8b484f976ad51003ea
4ed2ec56f430465894d4a1f95c76f298d052084bffb775b3cb7685ad66c94c24
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "20844406"
last-modified: Mon, 30 Jan 2023 22:16:03 GMT
content-length: 174581
date: Thu, 04 May 2023 19:18:36 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 35060784
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL GET HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintC3:7C:54:CD:86:09:A4:3E:2C:6D:EC:7C:FA:65:7B:3E:64:CB:10:E0
ValidityMon, 03 Apr 2023 08:25:07 GMT - Mon, 26 Jun 2023 08:25:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash e430c57e3f5baa88e522a028e65f558a
f7a6af4c42440b87ad1d811828370cfd746c89ef
c4998a4af5257e5ba504d3ca3ae3694a386ceb02a13f31a86e391a21d7d8eb43
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 04 May 2023 19:23:41 GMT
date: Thu, 04 May 2023 19:23:41 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-K6vnRQ3EXrtAjGHKPiD_UA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
172.217.21.162 15 kB URL pagead2.googlesyndication.com/bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js
IP 172.217.21.162:0
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
File type ASCII text, with very long lines (37002)
Hash 67f401fee3123e08a48326625e5b3e7e
fec5f372a02cf0433472acca67d73e4510188d83
4769159704b59ae36a23de2c6c5ef597ab0d6f29804d34f8e27a18a7c6a864e9
GET /bg/WGW0ljRHHlLJrtXsuRq4GtWylHJljqnzeCv2B2VFxAk.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 02 May 2023 19:42:23 GMT
expires: Wed, 01 May 2024 19:42:23 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 01 May 2023 14:28:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 171678
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.21200 OK 1.6 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f29ac48e8322b36fd0e26754455249ed
db0103d2b6cf2ccb11e153c832f6c6b60e161305
7efdf6df467ff7cf521663aac8826121c87f79a315d8c765257a87af4b532a09
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "2197311789"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 1553
date: Thu, 04 May 2023 19:19:04 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52805102
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/5b9fec38-4951-4090-bd56-469cbe76a80b/benu_midfunnel_kolesterool_1000x200_est.gif
212.47.222.21200 OK 81 kB URL GET HTTP/2 static.bepolite.eu/banners/5b9fec38-4951-4090-bd56-469cbe76a80b/benu_midfunnel_kolesterool_1000x200_est.gif
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type GIF image data, version 89a, 1000 x 200\012- data
Hash e86ee960ca78cdc173401a6590289daa
01c1df524ed522034dbd0ea4ace8eac25b1e4ce1
80d4f60226ea20493493bf9144bdd681de99c942f664e413f7370405db844f2f
GET /banners/5b9fec38-4951-4090-bd56-469cbe76a80b/benu_midfunnel_kolesterool_1000x200_est.gif HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
accept-ranges: bytes
etag: "3817218918"
last-modified: Fri, 28 Apr 2023 11:35:23 GMT
content-length: 81296
date: Thu, 04 May 2023 19:18:36 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 54103311
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/files/close-gray.png
212.47.222.21200 OK 1.5 kB URL GET HTTP/2 static.bepolite.eu/files/close-gray.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3930991918"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Thu, 04 May 2023 19:19:04 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 41806904
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0ZeG0PJ1p3hZ8DpLGeVLKYkl2rwCJ-EgahyyDOtXHIsd5jn6A20OqBZaL6D1l7E_7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0ZeG0PJ1p3hZ8DpLGeVLKYkl2rwCJ-EgahyyDOtXHIsd5jn6A20OqBZaL6D1l7E_7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-0ZeG0PJ1p3hZ8DpLGeVLKYkl2rwCJ-EgahyyDOtXHIsd5jn6A20OqBZaL6D1l7E_7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=14e205c80cff783402e258d005abdc7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 04 May 2023 19:21:32 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52478312
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=2606150688887529&rc=
172.217.21.162204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=2606150688887529&rc=
IP 172.217.21.162:443
Requested by https://www.google.com/recaptcha/api2/aframe
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230502&jk=2606150688887529&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 04 May 2023 19:23:41 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
tpc.googlesyndication.com/generate_204?LA-Cmw
172.217.21.161 0 B URL tpc.googlesyndication.com/generate_204?LA-Cmw
IP 172.217.21.161:0
Certificate IssuerGoogle Trust Services LLC
Subjecttpc.googlesyndication.com
FingerprintFA:BE:2D:1E:F9:2F:85:0D:1C:53:23:E1:8F:CB:37:95:4E:97:B5:6F
ValidityMon, 03 Apr 2023 08:24:19 GMT - Mon, 26 Jun 2023 08:24:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?LA-Cmw HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: tpc.googlesyndication.com
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 19:23:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
animate.adobe.com/runtime/6.0.0/edge.6.0.0.min.js
23.33.119.17200 OK 34 kB URL GET HTTP/2 animate.adobe.com/runtime/6.0.0/edge.6.0.0.min.js
IP 23.33.119.17:443
ASN #20940 Akamai International B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerDigiCert Inc
Subject*.adobe.com
Fingerprint02:34:86:FC:43:9F:4B:35:C3:FC:67:0B:FF:3B:BC:BC:6E:5A:91:6A
ValidityMon, 10 Oct 2022 00:00:00 GMT - Wed, 11 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (561)
Hash 7abd3002a743d28c0c1bd98a64eda18c
cca936df62e2dcfbf790b0ab14ab279ac8e2c353
2d616c4a760ea77e76af1c7fe272a225abeed861b85db2f7f23efe8b7514e559
GET /runtime/6.0.0/edge.6.0.0.min.js HTTP/1.1
Host: animate.adobe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Apache
last-modified: Tue, 05 May 2015 12:17:26 GMT
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Thu, 04 May 2023 19:38:41 GMT
date: Thu, 04 May 2023 19:23:41 GMT
content-length: 33737
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px_edge.js
212.47.222.21200 OK 9.0 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px_edge.js
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type ASCII text, with very long lines (8540), with CRLF line terminators
Hash 94b3e90bfe185292429cbe15faa8c13e
f2d05475d636e4be5e17c759b83fd469c82c3259
0b027534a60c89f117943c66e8dbae50742b4a86c94aed2c690ab0acb0e4cec4
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px_edge.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "3002441266"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 9033
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52716585
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash b7e72c83c06756f82af4322ad70cd5b8
4e9ab134087610b559f2abebbd7d7e358de9351d
b657e06dc6397d65d002179422374c2198f5c2a1128eee977842b5886a6b17da
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 04 May 2023 19:23:41 GMT
Last-Modified: Thu, 04 May 2023 18:35:52 GMT
Server: ECAcc (bsa/EB2A)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wC3sKu2IiGlP7n9wAKlc3EBVJrbs7gYV2zA50zE4aSG2YDffV1iLMg==
Age: 2869
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px_edge.js
212.47.222.21200 OK 9.0 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px_edge.js
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type ASCII text, with very long lines (8540), with CRLF line terminators
Hash 94b3e90bfe185292429cbe15faa8c13e
f2d05475d636e4be5e17c759b83fd469c82c3259
0b027534a60c89f117943c66e8dbae50742b4a86c94aed2c690ab0acb0e4cec4
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px_edge.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "569876363"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 9033
date: Thu, 04 May 2023 19:18:37 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 54103335
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_bg_1000x400px.png
212.47.222.21200 OK 8.7 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_bg_1000x400px.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 1000 x 400, 8-bit colormap, non-interlaced\012- data
Hash ea4d8dfbaffe43195d020bb5f022641c
7b7990730d739a1ac8ca1931ae1632141ced10ef
9ce096faad25792df72bb7af060c475eab410eee1ea6a8634723329b0c9b8587
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_bg_1000x400px.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2180055756"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 8680
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 49543312
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_pilv.png
212.47.222.21200 OK 2.0 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_pilv.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 416 x 193, 8-bit colormap, non-interlaced\012- data
Hash bea0fdc450f388a8b6797e4b8e32b6b8
38ef98568989bfade5b53b06d2377a08aa3cb268
f22fc5161b725645003464dab32c76210e1377f9a3ee103ed5b7e69fd5a3ca9e
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_pilv.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2153932724"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 1955
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52063452
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukk_01.png
212.47.222.21200 OK 5.3 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukk_01.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 231 x 224, 8-bit colormap, non-interlaced\012- data
Hash a18dca2db04677201adef7c147eaaee1
1d2acfcf1568089bc00379f7bc6fa4baebf86999
50b5069751ef2f345db8e67ca4aca96ccee6ebf2bc196a6d8fd3c0cfe73de3a7
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukk_01.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3532791899"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 5269
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52478321
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukemuts.png
212.47.222.21200 OK 9.6 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukemuts.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 156 x 124, 8-bit colormap, non-interlaced\012- data
Hash 4c224a74d11b754caae384c45827efec
a0e744999978a9c95d758beab91e5a40f4c229cd
ab2ed3c051d656d36a8537cea5e623461854df0acd9851b6585bffd2ab83f830
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukemuts.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1119849306"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 9623
date: Thu, 04 May 2023 19:19:04 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52086857
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_tekstimull.png
212.47.222.21200 OK 7.6 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_tekstimull.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 384 x 201, 8-bit colormap, non-interlaced\012- data
Hash 554ec5fe3b9f7def532e06848195b1db
590ff5d8135612f9189eef7eed45b178f4226cd2
d7c5467cf36c637a44c1c9d32d68663f6079e031b0a91565c7373b45bb8cd957
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_tekstimull.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3246501872"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 7626
date: Thu, 04 May 2023 19:18:37 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 49543315
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_vaarikas.png
212.47.222.21200 OK 1.9 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_vaarikas.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 73 x 77, 8-bit colormap, non-interlaced\012- data
Hash 679520d8dc604f4f2fd521207da39398
ba0300f8921566f52a146696803fd85fcea31215
0f14ae7a0e4f6629bc1f4ef5bb176095dd14c2bd6f402dd0a78d939d40df22f7
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_vaarikas.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1102749533"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 1878
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52063455
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
52.29.55.185200 OK 4.0 kB URL GET HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 52.29.55.185:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
Hash c2264fe2a2c8e1ab2d1f6dc81f83b15c
a76b6c95fe06d2309b4a82699566a61668bb5cb8
68eac851bad2486b8fffd3382417ae9528aa6c8c5c1f1475c314eec320f642dc
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:41 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
vary: Accept-Encoding
etag: W/"63cfe903-1781"
content-encoding: gzip
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kirss.png
212.47.222.21200 OK 1.6 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kirss.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 76 x 83, 8-bit colormap, non-interlaced\012- data
Hash c523e6c947c03cd9e7d5ccf1113e3e17
98cb0979f8f04b3494e1028fbe5e043b31ce6bbb
08f82377fe2883b66a04517a8e189700cec45a4254df6b2f39f1e87b6da122b1
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kirss.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1387484653"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 1570
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52063458
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_ingver.png
212.47.222.21200 OK 1.7 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_ingver.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 88 x 81, 8-bit colormap, non-interlaced\012- data
Hash 7f0e71a037e3db03426e740cb0d013b3
b437fb036d1a0bbaacbaa83fc2151644106600e5
8b1bd2855b064c5df045f015532081edd409abdfbeff6e26f24e4500051ef4d5
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_ingver.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "587145353"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 1671
date: Thu, 04 May 2023 19:19:04 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52805126
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_lecoq%2Bmarat.png
212.47.222.21404 Not Found 341 B URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_lecoq%2Bmarat.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1ec31972ec65a65470d3b5d790c1f401
ff246ff3f34725545777856854cd50034c1eba55
664f2b1654c363a6348b688d5d475ed9ec0e7ef3c72f6f315f37fe97a2fe63eb
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_lecoq%2Bmarat.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
content-length: 341
date: Thu, 04 May 2023 19:18:37 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52063461
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukes2rk.png
212.47.222.21200 OK 16 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukes2rk.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 236 x 291, 8-bit colormap, non-interlaced\012- data
Hash 8bd00d314c612e5b7e7cf77ddf50216b
0fe6c2293dc5afc781c476439d131920031a7fa7
374702d0ffd5bcc12a29042129af7e580fdb931040e5b79e47334e4618eea6ea
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kukes2rk.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1569544645"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 16427
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52716591
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kuketiib_vasak.png
212.47.222.21200 OK 490 B URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kuketiib_vasak.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 61 x 76, 8-bit colormap, non-interlaced\012- data
Hash bb1e640de73a222b84e28de8f559d9f9
56f978c5e463afaad99afd84879d1d9e87ce658d
6f3631c57588d9418c807a35acbe5e1d2537014734bbd934b6f90fbb7dd34c58
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kuketiib_vasak.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1985459463"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 490
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52086863
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kuketiib_parem.png
212.47.222.21200 OK 488 B URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kuketiib_parem.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 61 x 76, 8-bit colormap, non-interlaced\012- data
Hash 9af697d2c8290476c649e6efd9a5de8b
d8ced2e431aebcd03fbde9988a80c19e88486195
d0624e3cc7f27c2b2e87b588050412d8f1384ce30e077074f2a52a431561c8cc
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_kuketiib_parem.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "725829181"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 488
date: Thu, 04 May 2023 19:19:04 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52063464
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js?v=1
52.29.55.185200 OK 75 B URL GET HTTP/2 banner.hookusbookus.com/config/config.js?v=1
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js?v=1 HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:41 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:19:47 GMT
etag: "63cfe903-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/css/index_1000x200.css
52.29.55.185200 OK 3.6 kB URL GET HTTP/2 banner.hookusbookus.com/assets/css/index_1000x200.css
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
Hash 805386b458c26412844874e80bbefc00
6fb5ebb2a34ca8403c2c45ef46e00480556fdbd4
012d0f48eb5661665403b394b6c52450d211fa73d683891ea34ce2555efd7471
GET /assets/css/index_1000x200.css HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:41 GMT
content-type: text/css
server: nginx/1.15.12
last-modified: Fri, 17 Dec 2021 08:13:58 GMT
vary: Accept-Encoding
etag: W/"61bc46c6-1301"
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5364884771898146&su=www.upload.ee&eid=44759927%2C44759842%2C44759876%2C44773809%2C31074330%2C44782467%2C44788442%2C44789779&doc=complete&pg_h=1272&pg_w=1280&pg_hs=1272&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
172.217.21.162204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-5364884771898146&su=www.upload.ee&eid=44759927%2C44759842%2C44759876%2C44773809%2C31074330%2C44782467%2C44788442%2C44789779&doc=complete&pg_h=1272&pg_w=1280&pg_hs=1272&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
IP 172.217.21.162:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ama_stats&wpc=ca-pub-5364884771898146&su=www.upload.ee&eid=44759927%2C44759842%2C44759876%2C44773809%2C31074330%2C44782467%2C44788442%2C44789779&doc=complete&pg_h=1272&pg_w=1280&pg_hs=1272&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 04 May 2023 19:23:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=2606150688887529&bg=!u7iluOzNAAYV_mUANf47ADkAdvg8Wl81uY9N_SZOw_OsWbBb6HIICx72M26UF9O9O9VFJ_EY_cJ7vR6wIpncyQXBiCR2L5S1Ym0CAAAAq1IAAAAHaAEHCgEQeichoBC-ZUst-pmEXfCPanZX09ZXfH4Njof0471beFg9E2VGM3ZL82JCIFVCW98Cwp3Yr6JtucOlC5WonnlPA5tF8V8_8bHvu5HS_GLkbL_NMkAcLiqtQ56fSFwqPNoQbGusfxbkPMF2lqwMoOJOIZ3cm8BWwlDcE-ZheFSI-F-Bm8cKxYpP_Ncrh3gj7TBtrF6jmr7IS8pRoRE_yQUfIgk2X3qClBk9GA_kz06gigyb4CHsliLPmsGip4shayFw4SrE5uImJZnLyvSPcxaxiPlwSEBmVAdd_pVVO1rsUEnwFhvb4B_ToJ3Qrgj7X0kcHesEIpmG6N4x4nzfCiF7zH5OziuE8-ILaM_qIFz7sh2ZAnpOret8K9zKozEv74WBRWX3vNjMbfFO1574hhxm6VUq7oX1tJK9FsggtibpTNJh07kuopKkXqt2dSkkhEqMWjCKCD-slclHBo-oTLeYNzfxZQ0u4WN2kb3EdYzXS59P7TAvf0oitXnPMEOMmvC59pTsQGI8h3umpyckIOCQ8e-lwn__34rgfDdD6BrjBXZsHo6-xSuug9i7zXSmsMJLpgEeObMh0FtUM3n7IX7ticrdzDRAOpwW1YLjljYundckOnuXzg7CVKkrlcQSGRlZobJSOblnA_ctCxXXZB6UtcJkyuT97UfB4B_ryKc1NB8kGeki8mAvFk_dWemkws_RuG1VQkfk3a1_KY8AWsgEOX5gU_frmg3GAc35T424KrTgq8Y4bP0oaxZ0HBHZ66yC--dsT2BXR0w7jUwnbwnz2BwZShhe2do-5E8VZVzpjAjAoKbzLrP5bFLBmKz5grpKAD7XgwL4Q2BVpKb-7VAbYvLvAUlZ31C-6Ep668oBoKCvZ7THOLshXGRIGwH330-PX0ivDYVE_irmzmcrggJ5VZHYBHCOGrFfdunoOdZaspu-z4awi90qCUukBHUqTWDK7JQe74BbV4O7bVKyL3VE2bQs8a3byVKS7ryhu_2fWtOmkVYkqLyOQ9filWBrxPw9K-fMYVsBk7kRUN6Ma9WYrnodj3OfEMpb6MeFKoejj0u-puEI2B4me9gq4u72HUJcYxaj5PwXP10JWPF_-4EHJ_0YNQ7NWdshd8gSSbkF94xgvh0LrxYUoP10g2-npjF8c6Apy5CrIZqc5jBH2OW_bBKRlKudrD--mEYbMKaaPdR3OpqBrA2PhyF5o6LV
172.217.21.162204 No Content 0 B URL GET HTTP/3 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=2606150688887529&bg=!u7iluOzNAAYV_mUANf47ADkAdvg8Wl81uY9N_SZOw_OsWbBb6HIICx72M26UF9O9O9VFJ_EY_cJ7vR6wIpncyQXBiCR2L5S1Ym0CAAAAq1IAAAAHaAEHCgEQeichoBC-ZUst-pmEXfCPanZX09ZXfH4Njof0471beFg9E2VGM3ZL82JCIFVCW98Cwp3Yr6JtucOlC5WonnlPA5tF8V8_8bHvu5HS_GLkbL_NMkAcLiqtQ56fSFwqPNoQbGusfxbkPMF2lqwMoOJOIZ3cm8BWwlDcE-ZheFSI-F-Bm8cKxYpP_Ncrh3gj7TBtrF6jmr7IS8pRoRE_yQUfIgk2X3qClBk9GA_kz06gigyb4CHsliLPmsGip4shayFw4SrE5uImJZnLyvSPcxaxiPlwSEBmVAdd_pVVO1rsUEnwFhvb4B_ToJ3Qrgj7X0kcHesEIpmG6N4x4nzfCiF7zH5OziuE8-ILaM_qIFz7sh2ZAnpOret8K9zKozEv74WBRWX3vNjMbfFO1574hhxm6VUq7oX1tJK9FsggtibpTNJh07kuopKkXqt2dSkkhEqMWjCKCD-slclHBo-oTLeYNzfxZQ0u4WN2kb3EdYzXS59P7TAvf0oitXnPMEOMmvC59pTsQGI8h3umpyckIOCQ8e-lwn__34rgfDdD6BrjBXZsHo6-xSuug9i7zXSmsMJLpgEeObMh0FtUM3n7IX7ticrdzDRAOpwW1YLjljYundckOnuXzg7CVKkrlcQSGRlZobJSOblnA_ctCxXXZB6UtcJkyuT97UfB4B_ryKc1NB8kGeki8mAvFk_dWemkws_RuG1VQkfk3a1_KY8AWsgEOX5gU_frmg3GAc35T424KrTgq8Y4bP0oaxZ0HBHZ66yC--dsT2BXR0w7jUwnbwnz2BwZShhe2do-5E8VZVzpjAjAoKbzLrP5bFLBmKz5grpKAD7XgwL4Q2BVpKb-7VAbYvLvAUlZ31C-6Ep668oBoKCvZ7THOLshXGRIGwH330-PX0ivDYVE_irmzmcrggJ5VZHYBHCOGrFfdunoOdZaspu-z4awi90qCUukBHUqTWDK7JQe74BbV4O7bVKyL3VE2bQs8a3byVKS7ryhu_2fWtOmkVYkqLyOQ9filWBrxPw9K-fMYVsBk7kRUN6Ma9WYrnodj3OfEMpb6MeFKoejj0u-puEI2B4me9gq4u72HUJcYxaj5PwXP10JWPF_-4EHJ_0YNQ7NWdshd8gSSbkF94xgvh0LrxYUoP10g2-npjF8c6Apy5CrIZqc5jBH2OW_bBKRlKudrD--mEYbMKaaPdR3OpqBrA2PhyF5o6LV
IP 172.217.21.162:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint09:1D:A9:AE:08:E0:55:47:86:0B:F7:70:DB:E9:AC:C4:2F:DE:19:E7
ValidityMon, 03 Apr 2023 08:16:10 GMT - Mon, 26 Jun 2023 08:16:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230502&jk=2606150688887529&bg=!u7iluOzNAAYV_mUANf47ADkAdvg8Wl81uY9N_SZOw_OsWbBb6HIICx72M26UF9O9O9VFJ_EY_cJ7vR6wIpncyQXBiCR2L5S1Ym0CAAAAq1IAAAAHaAEHCgEQeichoBC-ZUst-pmEXfCPanZX09ZXfH4Njof0471beFg9E2VGM3ZL82JCIFVCW98Cwp3Yr6JtucOlC5WonnlPA5tF8V8_8bHvu5HS_GLkbL_NMkAcLiqtQ56fSFwqPNoQbGusfxbkPMF2lqwMoOJOIZ3cm8BWwlDcE-ZheFSI-F-Bm8cKxYpP_Ncrh3gj7TBtrF6jmr7IS8pRoRE_yQUfIgk2X3qClBk9GA_kz06gigyb4CHsliLPmsGip4shayFw4SrE5uImJZnLyvSPcxaxiPlwSEBmVAdd_pVVO1rsUEnwFhvb4B_ToJ3Qrgj7X0kcHesEIpmG6N4x4nzfCiF7zH5OziuE8-ILaM_qIFz7sh2ZAnpOret8K9zKozEv74WBRWX3vNjMbfFO1574hhxm6VUq7oX1tJK9FsggtibpTNJh07kuopKkXqt2dSkkhEqMWjCKCD-slclHBo-oTLeYNzfxZQ0u4WN2kb3EdYzXS59P7TAvf0oitXnPMEOMmvC59pTsQGI8h3umpyckIOCQ8e-lwn__34rgfDdD6BrjBXZsHo6-xSuug9i7zXSmsMJLpgEeObMh0FtUM3n7IX7ticrdzDRAOpwW1YLjljYundckOnuXzg7CVKkrlcQSGRlZobJSOblnA_ctCxXXZB6UtcJkyuT97UfB4B_ryKc1NB8kGeki8mAvFk_dWemkws_RuG1VQkfk3a1_KY8AWsgEOX5gU_frmg3GAc35T424KrTgq8Y4bP0oaxZ0HBHZ66yC--dsT2BXR0w7jUwnbwnz2BwZShhe2do-5E8VZVzpjAjAoKbzLrP5bFLBmKz5grpKAD7XgwL4Q2BVpKb-7VAbYvLvAUlZ31C-6Ep668oBoKCvZ7THOLshXGRIGwH330-PX0ivDYVE_irmzmcrggJ5VZHYBHCOGrFfdunoOdZaspu-z4awi90qCUukBHUqTWDK7JQe74BbV4O7bVKyL3VE2bQs8a3byVKS7ryhu_2fWtOmkVYkqLyOQ9filWBrxPw9K-fMYVsBk7kRUN6Ma9WYrnodj3OfEMpb6MeFKoejj0u-puEI2B4me9gq4u72HUJcYxaj5PwXP10JWPF_-4EHJ_0YNQ7NWdshd8gSSbkF94xgvh0LrxYUoP10g2-npjF8c6Apy5CrIZqc5jBH2OW_bBKRlKudrD--mEYbMKaaPdR3OpqBrA2PhyF5o6LV HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: pagead2.googlesyndication.com
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 04 May 2023 19:23:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
52.29.55.185200 OK 53 kB URL GET HTTP/2 banner.hookusbookus.com/assets/fonts/greycliff-cf-regular.woff
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 53104, version 1.500\012- data
Hash 4f5975fe17a8ca74963be0165ff6a443
4bca2ab6c3da2b6ae09602601adeac22e7a90381
5b8f98e0c93afef19bd64c3dea2a16d60dc1574e5a4a79b788ef03b9eb3c22df
GET /assets/fonts/greycliff-cf-regular.woff HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:42 GMT
content-type: font/woff
content-length: 53104
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-cf70"
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/2kSxi87jWxu1156IuitY.jpg
54.230.245.217200 OK 66 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/2kSxi87jWxu1156IuitY.jpg
IP 54.230.245.217:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 72de32373e29b534f04643034d474f7f
450671677fd9a78d483b6e85b4b3642e41260781
8aa954dbc520de656d97b8d2d2fcb265e07e26c0060b991687519dcaca322e12
GET /hotelliveeb/images/general/1/2kSxi87jWxu1156IuitY.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 65835
date: Thu, 04 May 2023 04:18:28 GMT
last-modified: Thu, 20 Apr 2023 09:30:18 GMT
etag: "72de32373e29b534f04643034d474f7f"
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -kxNC6v4-XvQpASCp5lC7XFomV3h9dm-iSXKqTPy0kBZ6c5k-DMxKQ==
age: 54315
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=14e205c80cff783402e258d005abdc7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 04 May 2023 19:19:05 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52805144
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=14e205c80cff783402e258d005abdc7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 04 May 2023 19:21:33 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52086872
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
212.47.222.21200 OK 0 B URL GET HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnPQFkqynusZJvi-LzBjp4mA HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=14e205c80cff783402e258d005abdc7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 04 May 2023 19:21:35 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 54103338
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
52.29.55.185200 OK 73 kB URL GET HTTP/2 banner-server.hookusbookus.com/package-feed?language=et_ee&utmSource=allmedia
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
Hash 1146495a2812b989a1e61ec0b947e388
6d08ef1005fe35f1600ee086fc39898c23f2467f
fbaa7d1e6ee56fda73bd824c79295a39b9dc8c47447d36eff44afae4dd6cad9f
GET /package-feed?language=et_ee&utmSource=allmedia HTTP/1.1
Host: banner-server.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://banner.hookusbookus.com
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:42 GMT
content-type: application/json
access-control-allow-origin: https://banner.hookusbookus.com
access-control-allow-methods: POST, PUT, GET, PATCH, OPTIONS, DELETE
access-control-max-age: 3600
access-control-allow-headers: origin, authorization, accept, content-type, x-requested-with, Pragma, Cache-Control, If-Modified-Since, X-Auth-Token, X-Client-Certificate
access-control-allow-credentials: true
access-control-expose-headers: X-Auth-Token, Content-Disposition, Content-Length
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg
54.230.245.217 61 kB URL dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg
IP 54.230.245.217:0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x195, components 3\012- data
Hash dd86bfb4bf775c862d2c4ce6c31b29b5
94119b0ecc2ae1f9fa98a98eb6c416622ef14547
de5103951b90a9ed1ba44af9919079bed54e32ab4c61d849d19c672ef26e0bca
GET /hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60807
date: Thu, 04 May 2023 12:20:48 GMT
last-modified: Mon, 20 Dec 2021 05:01:37 GMT
etag: "dd86bfb4bf775c862d2c4ce6c31b29b5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uben5I_F0EtkrnvpsdltnXWdcU_acMhvyeHD9EpYDVDM6TUgyx_Y8A==
age: 25387
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
52.29.55.185200 OK 2.4 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:41 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg
54.230.245.217200 OK 46 kB URL GET HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg
IP 54.230.245.217:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 91451d1ec57ce1bc7c4c8ca7bddec42f
45745a127deca1d09ce6b76ad6fc61098a40d488
acbf223b98dddada08e0b403986fc5f7bfd8c360d6c63cd50cafc3fc5540979d
GET /hotelliveeb/images/general/1/siAdbm36aJT4SbFwxrl2.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 46158
date: Thu, 04 May 2023 19:14:33 GMT
last-modified: Wed, 12 Jan 2022 12:30:51 GMT
etag: "91451d1ec57ce1bc7c4c8ca7bddec42f"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eS3o9tLksIN0dQp5MdGtN9BtmBWB47zOjXwa_IqYCRLDECoRCE3D-A==
age: 556
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_laim.png
212.47.222.21200 OK 2.2 kB URL GET HTTP/2 static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_laim.png
IP 212.47.222.21:443
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Requested by https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerLet's Encrypt
Subjectstatic.bepolite.eu
Fingerprint94:A6:1E:22:AF:B9:99:28:F0:8F:3E:00:81:D1:F5:13:22:A7:49:66
ValidityTue, 07 Mar 2023 22:09:49 GMT - Mon, 05 Jun 2023 22:09:48 GMT
File type PNG image data, 73 x 76, 8-bit colormap, non-interlaced\012- data
Hash 3f94cfd811425b99bfe3de32fae2a553
433cb07d401fd9658d0665e9f9f93f86ab01ab2c
327f722ad2b89f9b635e25afd7f54d2da2d399bafc32a4c41351f50827c501d3
GET /banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_laim.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b2920179-1ed2-46c2-bf3b-743de7bdef2f/kukemood_1000x400px.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D63343717&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1hP2ntw-Dcdl4rOJA9PCNEELyg3Ph5UI1g5tJwkvL5YjSKIYSidhPxpyZUMy9ieH7a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb2920179-1ed2-46c2-bf3b-743de7bdef2f%2Fkukemood_1000x400px.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D63343717&banner_id=3f646989018447d280be42b5eb000e8150dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=400&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3229115556"
last-modified: Tue, 11 Apr 2023 11:07:35 GMT
content-length: 2188
date: Thu, 04 May 2023 19:21:33 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 52478324
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/js/jquery.min.js
52.29.55.185200 OK 90 kB URL GET HTTP/2 banner.hookusbookus.com/assets/js/jquery.min.js
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /assets/js/jquery.min.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:41 GMT
content-type: application/javascript
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
vary: Accept-Encoding
etag: W/"608123af-15d84"
content-encoding: gzip
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
52.29.55.185200 OK 15 kB URL GET HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 52.29.55.185:443
Requested by https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF0QtWNj8dgNeyc822GCBuF4Z7xEQ1Xll8XkifIPWSR0vw0Td3kmZPURFoIh96WrPeV54KLmtLy36c_iisHCYrVUrHoh_1YkbYeC-lrOsK-1Z24yRb4rrtIDzkxVg-Dxa9m0A-0pwoXxD4WRvqOuCAobzp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3_rPysUfw8x-WHcO05jt5w3L1YXjp5s2TtQMyuqA_CWqb3LDQwHkJFaq7r-9Q-ntra5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=c10098c5ff934825ae00d324cbe8f78a50dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Certificate IssuerAmazon
Subject*.hookusbookus.com
Fingerprint7F:13:59:59:81:B1:85:AD:9D:D2:3B:87:D1:D5:08:9D:34:06:A5:77
ValidityFri, 10 Feb 2023 00:00:00 GMT - Wed, 05 Jul 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15333), with no line terminators
Hash bf6baf947f924bf8d67e947a025def06
9ac9fccb0351b41c1545714153ed5fa2c4bfef3a
64efdaebd020c39ec366f473c831cb51e8cd5d5b1afde13a9695d1f2dae4e60e
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 04 May 2023 19:23:41 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 72 kB URL GET HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:443
Requested by https://www.upload.ee/files/15188878/03052023__PBID_.rar.html?msg=sess_error
Certificate IssuerDigiCert Inc
Subjectodc-addthis-prod-01.oracle.com
Fingerprint19:61:99:E9:2B:6A:F3:0B:0D:3E:EC:7F:34:87:11:4D:6A:F6:0A:DB
ValidityTue, 07 Feb 2023 00:00:00 GMT - Wed, 07 Feb 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash d1e5460011efab67f9d298e62ca41c69
b518bb4fef90af133240c8e6efc08f4b3b74c5ad
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Thu, 04 May 2023 19:23:40 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2