upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
51.91.30.159301 Moved Permanently 297 B URL HTTP/1.1 upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f87af20ba0d40c9dd0e354a8caff4858
473276d4412e63a688711c904401e81bfffe176c
ee592a4045761ea3dd52b82ae4ccb532c1832c4e99f376fb723e68220d76ddad
GET /download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip HTTP/1.1
Host: upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 24 Jan 2023 14:19:29 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 297
Connection: keep-alive
Keep-Alive: timeout=5
Location: http://www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0be6cec5607bb65c06dbadd33456aec1
9d13129e936eb5fc82e403931884cdc8c6e6ab92
cb028034340b709ece65e45e8fc1a26a64dd85926beaa542f308d3f1d5ee2c84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB028034340B709ECE65E45E8FC1A26A64DD85926BEAA542F308D3F1D5EE2C84"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7014
Expires: Tue, 24 Jan 2023 16:16:24 GMT
Date: Tue, 24 Jan 2023 14:19:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f416977a8d6dfaafb2dbfd0e68b871f8
dfa97bd829b03162de91c80133f2fde69b58a8d2
2c4d0fd1b7a6d398026a4817267adce203429acdd3defa44a879f0d945f392d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C4D0FD1B7A6D398026A4817267ADCE203429ACDD3DEFA44A879F0D945F392D5"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3528
Expires: Tue, 24 Jan 2023 15:18:18 GMT
Date: Tue, 24 Jan 2023 14:19:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 24 Jan 2023 13:42:44 GMT
content-type: application/json
age: 2206
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31c8743c2b5202ce0228bac5aad7229b
4b5eee8e1ecbfc992505003be58e265ff3a0ee0a
8b3b47ea29fc02b8a08ee2a340a05ab23e391f0eb3b8d6beb17516706bb2e94d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B3B47EA29FC02B8A08EE2A340A05AB23E391F0EB3B8D6BEB17516706BB2E94D"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9304
Expires: Tue, 24 Jan 2023 16:54:34 GMT
Date: Tue, 24 Jan 2023 14:19:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pAGeUjTbxXivi+aPawbBppL46yb4DpwXqxx3PY5sP0EhTKJjitTlVVaCm31G6QvgT97ETIOdHmBalgHEiIGpxQ==
x-amz-request-id: 8S1E1EB5Y0DEQKQP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 24 Jan 2023 14:19:18 GMT
age: 12
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
51.91.30.159302 Found 0 B URL HTTP/1.1 www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
IP 51.91.30.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
Location: https://www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 14:19:30 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a45ebd91c8366230e342326c91a2fa2f
9ff18c0c88875d39003f9419216ff4a999964168
b5c98b4da00c3694837463281715a4428e8123d78dff58b72525a7c9c5a39b2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3251
Cache-Control: max-age=133194
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:30 GMT
Etag: "63cf4189-1d7"
Expires: Thu, 26 Jan 2023 03:19:24 GMT
Last-Modified: Tue, 24 Jan 2023 02:25:13 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
51.91.30.159404 Not Found 409 B URL HTTP/1.1 www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (409), with no line terminators
Hash 8b8c19682bca813529c96803e424dfd5
d3dbd8ff71804cd2930936c224d9c99137628321
231940b1e2575a0b652e36f1d392318066633b2cd4a527739194f01d9d41dae0
GET /download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 409
Connection: keep-alive
Keep-Alive: timeout=5
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
51.91.30.159200 OK 8.9 kB URL HTTP/1.1 www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
IP 51.91.30.159:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4526)
Hash c57205393a93cca460264670379d351e
167432092043ed142205b9eea1f6112c799495ab
de3320a62ae87627808aef28811fafe845add9f7780f657d281f097aabc442fc
GET /files/14857804/KMS_Server_Service_v2.1.0.zip.html HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/download/14857804/d7d583a28c681c56673d/kms_server_service_v2.1.0.zip
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8881
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 24 Jan 2023 16:19:30 +0200
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1
P3P: CP="CAO PSA OUR"
Set-Cookie: lng=eng; expires=Tue, 21-Feb-2023 14:19:30 GMT; path=/; domain=www.upload.ee; secure; httponly; SameSite=None
Content-Encoding: gzip
www.upload.ee/static/ubr__style.css
51.91.30.159200 OK 2.9 kB URL HTTP/1.1 www.upload.ee/static/ubr__style.css
IP 51.91.30.159:0
File type ASCII text, with very long lines (591), with CRLF line terminators
Hash 7b736ade714db0c4ee6dbd432b2b1367
98b85ea1586315cba25380eca3c9785820a23042
e3d11bbf89fb8f84070b6616e4f422eef0182dbf937f0398d0d2c779509b07a1
GET /static/ubr__style.css HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: text/css
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
ETag: W/"524e9233-25a0"
Expires: Tue, 31 Jan 2023 14:19:30 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Content-Encoding: gzip
s7.addthis.com/js/250/addthis_widget.js?pub=uploadee
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/250/addthis_widget.js?pub=uploadee
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116332 bytes)
Hash c8d737e60bdacba7881311502080326f
dd80ca62ff99c01e84b9821ed22256c65870f3e5
0a2920847187f38e6f526a7e7eb20ec40fb7f37f56338de0c5e0e757f73ca8cc
GET /js/250/addthis_widget.js?pub=uploadee HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116332
date: Tue, 24 Jan 2023 14:19:30 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
www.upload.ee/js/js__file_upload.js
51.91.30.159200 OK 27 kB URL HTTP/1.1 www.upload.ee/js/js__file_upload.js
IP 51.91.30.159:0
File type Unicode text, UTF-8 text, with very long lines (1853)
Hash 617f6d5a2744bc8c02e3d2c67544bd68
f57c068257c8bc85644d3be1e845c36506cd4625
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
GET /js/js__file_upload.js HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: application/javascript
Content-Length: 27351
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "5eb45dd8-6ad7"
Expires: Tue, 31 Jan 2023 14:19:30 GMT
Cache-Control: max-age=604800
Vary: Accept-Encoding
Accept-Ranges: bytes
www.upload.ee/images/arrow.gif
51.91.30.159200 OK 59 B URL HTTP/1.1 www.upload.ee/images/arrow.gif
IP 51.91.30.159:0
File type GIF image data, version 89a, 6 x 9\012- data
Hash 6675f814b94f13f91f1383707b250e36
31452650e8fce2095613a2010799bdb7548bdd51
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
GET /images/arrow.gif HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: image/gif
Content-Length: 59
Last-Modified: Sun, 14 Apr 2013 07:15:01 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "516a5775-3b"
Expires: Tue, 31 Jan 2023 14:19:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.upload.ee/images/dl_.png
51.91.30.159200 OK 1.9 kB URL HTTP/1.1 www.upload.ee/images/dl_.png
IP 51.91.30.159:0
File type PNG image data, 154 x 32, 8-bit colormap, non-interlaced\012- data
Hash f3e8f284a4e98cdb91b6abfc142d94a4
fa9e618c2f56bea752ddd7e45a372c5539dadda9
2f13919383f54ca21e5b87f5644df8a875b99815c821dcbbabea352d854c6882
GET /images/dl_.png HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
Cookie: lng=eng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: image/png
Content-Length: 1900
Last-Modified: Thu, 01 Dec 2016 09:37:27 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "583fef57-76c"
Expires: Tue, 31 Jan 2023 14:19:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.googletagmanager.com/gtag/js?id=UA-6703115-1
172.217.21.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6703115-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1759)
Hash 0b5377d15b53e411801841d4067cdb23
b4337df3f0cbd3858eba253d5a5ee2e16e37bea4
9db03be531b98e762ce8e643e162acef66669446b54d0104c3f68c7fdff6a626
GET /gtag/js?id=UA-6703115-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 24 Jan 2023 14:19:30 GMT
expires: Tue, 24 Jan 2023 14:19:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f136e9bdce8b778967f31c138c730bf6
032c6b734540fe786b259ba0c700622b88d768a2
ec9e91a632a1ee89dfd038cbe9700ed8c01e146846433284e81fad0ff2a75192
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/btn/lg-share-en.gif
23.38.200.123200 OK 596 B URL HTTP/2 s7.addthis.com/static/btn/lg-share-en.gif
IP 23.38.200.123:0
File type GIF image data, version 89a, 125 x 16\012- data
Hash 212668d558dfda57c80995d818ad9d39
f5c7e2ed67eeba644dc220e8ba32956bcf413eb9
8d261abb1cdf02888b9a1f12cf9694e7ec7e93d7da3e8f20e2907af422327489
GET /static/btn/lg-share-en.gif HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: image/gif
content-length: 596
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-254"
timing-allow-origin: *
cache-control: public, max-age=86313600
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 24 Jan 2023 14:19:30 GMT
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Tue, 24 Jan 2023 14:19:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/uploadee/_ate.track.config_resp
23.38.200.123200 OK 47 B URL HTTP/2 v1.addthisedge.com/live/boost/uploadee/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 24c668b115f75423506f2ea21d1b49c2
14f956ddb2d9e8b072cd5f605c3f39526490b391
b542daef470a9730029174f975ce3ce236b3e58bf9183b11956acce994b13a16
GET /live/boost/uploadee/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-disposition: attachment; filename=1.txt
content-encoding: gzip
content-length: 47
cache-control: public, max-age=3, s-maxage=86400
date: Tue, 24 Jan 2023 14:19:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.upload.ee/favicon.ico
51.91.30.159200 OK 1.2 kB URL HTTP/1.1 www.upload.ee/favicon.ico
IP 51.91.30.159:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f299cf2e651c19e48d27900ced493ccb
c2d1086d517d7a26292e0d7b32da7c55b166c23b
115c8eb4840245f7aed0cb2a17fa7e91b86f79bb2f223a25af8cc533e1dedff1
GET /favicon.ico HTTP/1.1
Host: www.upload.ee
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/files/14857804/KMS_Server_Service_v2.1.0.zip.html
Cookie: lng=eng; __atuvc=1%7C4; __atuvs=63cfe8f102259725000
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 24 Jan 2023 14:19:30 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Tue, 16 Dec 2008 17:17:25 GMT
Connection: keep-alive
Keep-Alive: timeout=20
ETag: "4947e2a5-47e"
Expires: Tue, 31 Jan 2023 14:19:30 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 24 Jan 2023 14:17:31 GMT
age: 119
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=61081
date: Tue, 24 Jan 2023 14:19:30 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
172.217.21.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (4879)
Hash 807d5e75ca3bf2a4d1a4d247636ca362
1ffb7e80d4cd4b8c42f6174fed001c0431858697
d0b5fffbc3f168fe398078d3beb4a0e71ffc9c09e8931e126fff70af73b83409
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 24 Jan 2023 14:19:30 GMT
expires: Tue, 24 Jan 2023 14:19:30 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17579655574863553568
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.addthis.com/live/red_lojson/300lo.json?si=63cfe8f1265e455e&bkl=0&bl=1&pdt=104&sid=63cfe8f1265e455e&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&fr=download%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1674569969195&jsl=0&uvs=63cfe8f102259725000&skipb=1&callback=addthis.cbs.jsonp__040678808262342050
23.38.200.123200 OK 90 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=63cfe8f1265e455e&bkl=0&bl=1&pdt=104&sid=63cfe8f1265e455e&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&fr=download%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1674569969195&jsl=0&uvs=63cfe8f102259725000&skipb=1&callback=addthis.cbs.jsonp__040678808262342050
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 78b6769af2bc6693f3a5639b64016178
7db47f2afaf2af1284a87fd8fe1a18222c34ae51
10a67edbff494b34f3918d5227fc12f65fc9f8a962fbc4c36e4cfa5f588a6190
GET /live/red_lojson/300lo.json?si=63cfe8f1265e455e&bkl=0&bl=1&pdt=104&sid=63cfe8f1265e455e&pub=uploadee&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.upload.ee&fp=files%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&fr=download%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=2&gen=100&chr=UTF-8&mk=upload%2Cfiles%2Cdownload%2Cfailid%2Chosting%2Cgaleriid%2Cgalleries%2Cvideo%2Cpilt%2Cimage%2Ctasuta%20upload%2Cupload%20clipboard%2Ceestimaine%20upload%2Cpiltide%20upload&colc=1674569969195&jsl=0&uvs=63cfe8f102259725000&skipb=1&callback=addthis.cbs.jsonp__040678808262342050 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 90
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Tue, 24 Jan 2023 14:19:31 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d49058d310f4af23788960ce233b8c82
dc5535fd32d7cbcd66eb12d44af2cdb15e60d438
5371cbf7ed4d0aadaa3b1cfc1f01cebcdceb87051e70784f21ef73d07c2393db
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a0016981f79a7a1df58a5c1fbefb7cd5
d3a37f6798941d94312f5d1eb0aa31fe55228cd3
209ecb3765937d0eee4bc85fd639e407f1e68772c9e5bb3dbbab65658d6ebb0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2680
Cache-Control: max-age=156715
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Etag: "63cf9fa6-1d7"
Expires: Thu, 26 Jan 2023 09:51:26 GMT
Last-Modified: Tue, 24 Jan 2023 09:06:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 24 Jan 2023 13:41:08 GMT
expires: Tue, 24 Jan 2023 15:41:08 GMT
cache-control: public, max-age=7200
age: 2303
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3b3a20f95faa65f999532845deb676a9
e5e016934e53e64b5c25b93ef6e3902431511463
0b77ff555226f56f424749e1eef183d54f04711b905e0d1944a2638c3d360e3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146
142.250.74.98200 OK 250 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146
IP 142.250.74.98:0
File type ASCII text, with very long lines (385), with no line terminators
Hash 80fd75c375521fead0927cc3a2212c52
521b1233e8c50d8018969014a30f5664c3fdf4b9
ef9fc1eb5926cb19fdfc4d1eb9a94df254cee922307a0f9a6162ce9a13cd1e90
GET /gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 24 Jan 2023 14:19:31 GMT
server: cafe
cache-control: private
content-length: 250
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 4ec3b5ebec8f98b7435df060984d7ca6
dedffe21033e532f09b5c5e89e76db0853f91b0a
01e21ddc29765a26a6c7e48c1d30bd0c5f6cd3d40ad00e1b67deacc827d341e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.upload.ee
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.upload.ee
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.upload.ee HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 24 Jan 2023 14:19:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.200.178.235101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.178.235:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SF1uOR8WwyK9rScSCs/dZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N7plV3ae5FaXAViqyobXV5QswKU=
adservice.google.com/adsid/integrator.js?domain=www.upload.ee
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.upload.ee
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.upload.ee HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 24 Jan 2023 14:19:31 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3b3a20f95faa65f999532845deb676a9
e5e016934e53e64b5c25b93ef6e3902431511463
0b77ff555226f56f424749e1eef183d54f04711b905e0d1944a2638c3d360e3f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da2c90870cbcc7eb4d247fe66a32be33
ca5d60ea46a8d4b79c594191002c67077000cc87
eec1aeddcbebfd509994a4badb273faec2987c7d043090b612794abef0292a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 4ec3b5ebec8f98b7435df060984d7ca6
dedffe21033e532f09b5c5e89e76db0853f91b0a
01e21ddc29765a26a6c7e48c1d30bd0c5f6cd3d40ad00e1b67deacc827d341e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11eef2d36ba6ae259f52a7284f9b5ad1
b420ce644c7c2d9cebacd0e5c85609f31be780d1
721c0b2a1e16f86ad98140af1cde0d5a14d706198b454de6d38439e6db544694
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "721C0B2A1E16F86AD98140AF1CDE0D5A14D706198B454DE6D38439E6DB544694"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8154
Expires: Tue, 24 Jan 2023 16:35:25 GMT
Date: Tue, 24 Jan 2023 14:19:31 GMT
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6703115-1&cid=1327106853.1674569969&jid=1943922932&gjid=114367530&_gid=1434264928.1674569970&_u=YADAAUAAAAAAACAAI~&z=469503309
64.233.165.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6703115-1&cid=1327106853.1674569969&jid=1943922932&gjid=114367530&_gid=1434264928.1674569970&_u=YADAAUAAAAAAACAAI~&z=469503309
IP 64.233.165.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-6703115-1&cid=1327106853.1674569969&jid=1943922932&gjid=114367530&_gid=1434264928.1674569970&_u=YADAAUAAAAAAACAAI~&z=469503309 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.upload.ee
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.upload.ee
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Jan 2023 14:19:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=5992598&screen_width=1280&screen_height=939&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&rnd=1674569969170
212.47.222.21200 OK 2.1 kB URL HTTP/2 serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=5992598&screen_width=1280&screen_height=939&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&rnd=1674569969170
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (394)
Hash 59678248b56f099840140aa82450ff3e
f43d326295b864aba91b053bc7bc9abb1a56d023
55dc5f5c22bbf18a7a59293b8939d677b2c425f845de59d2d8007a063ac4d6ab
GET /script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=5992598&screen_width=1280&screen_height=939&os=Linux%20x86_64&refurl=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&rnd=1674569969170 HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private, must-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
content-type: text/plain;charset=ISO-8859-1
date: Tue, 24 Jan 2023 14:18:27 GMT
set-cookie: bepolite_id=e55ff45d8ac87253805caf7e320acde8; Max-Age=7776000; Expires=Mon, 24-Apr-2023 14:18:28 GMT; SameSite=None; Secure
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308255
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
content-length: 2122
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 770524cd994bedf15247e3ebe9412f90
25afc7f5b0199f96178b912c85fdbe6071c175fa
3008247e7d4045825a621710852194d4eb7993d7f4aa429cf290a5ddf441e2dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.bepolite.eu/scripts/saresponsive.js
212.47.222.21200 OK 175 kB URL HTTP/2 static.bepolite.eu/scripts/saresponsive.js
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (32077), with CRLF line terminators
Size 175 kB (174597 bytes)
Hash ab9074f7f6d1549fb6febe869e34bcd5
8fc2a53ea741c38fb674dcc7eaf7a774be67bfbc
c3e4013421d3da576ff619f21e1913f7267ddbbd9f4f93b535857e6299cfbeaa
GET /scripts/saresponsive.js HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "111176352"
last-modified: Wed, 31 Aug 2022 21:50:38 GMT
content-length: 174597
date: Tue, 24 Jan 2023 14:17:01 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147359631
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-LT9YQX0N49>m=2oe1n0&_p=119826545&cid=1327106853.1674569969&ul=en-us&sr=1280x1024&_s=1&sid=1674569969&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&dr=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&dt=UPLOAD.EE%20-%20KMS_Server_Service_v2.1.0.zip%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LT9YQX0N49>m=2oe1n0&_p=119826545&cid=1327106853.1674569969&ul=en-us&sr=1280x1024&_s=1&sid=1674569969&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&dr=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&dt=UPLOAD.EE%20-%20KMS_Server_Service_v2.1.0.zip%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LT9YQX0N49>m=2oe1n0&_p=119826545&cid=1327106853.1674569969&ul=en-us&sr=1280x1024&_s=1&sid=1674569969&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F14857804%2FKMS_Server_Service_v2.1.0.zip.html&dr=https%3A%2F%2Fwww.upload.ee%2Fdownload%2F14857804%2Fd7d583a28c681c56673d%2Fkms_server_service_v2.1.0.zip&dt=UPLOAD.EE%20-%20KMS_Server_Service_v2.1.0.zip%20-%20Download&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.upload.ee
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.upload.ee
date: Tue, 24 Jan 2023 14:19:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.97200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 14:14:04 GMT
expires: Tue, 23 Jan 2024 14:14:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 86727
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.21200 OK 3.8 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 13d73ab7fb8fa5696bb06b88fc0de93e
88fbfc054517378e38eace25ae52bfa31019d5c1
d2f643cc07ec4297989e22a90abd1870008d98c62b757a4d24e8ac6dac7d08e2
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "655887719"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 3774
date: Tue, 24 Jan 2023 14:17:15 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147720375
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 5b30b8284ca26f40e61117727a67f32e
689fa2f274ffc67f271fc35b2aff2001a3195cba
c0bec212fe30dee99a94e74758cc809fddf2bf2d1a4a346df78df1b6b71ac305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
212.47.222.21200 OK 3.8 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 13d73ab7fb8fa5696bb06b88fc0de93e
88fbfc054517378e38eace25ae52bfa31019d5c1
d2f643cc07ec4297989e22a90abd1870008d98c62b757a4d24e8ac6dac7d08e2
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
accept-ranges: bytes
etag: "1603794331"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 3774
date: Tue, 24 Jan 2023 14:18:28 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 135454288
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 8ad6db880522df88d42a87c3a240198e
864958af1f2706b07e332316226b37ffb7d61043
0e337e158554608c502a4be359c1aa546abcf45c916757a9748edb13f28d0717
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 24 Jan 2023 14:19:31 GMT
date: Tue, 24 Jan 2023 14:19:31 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce--4bfF_MV2LgMzIgTyDTfTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/rimihinnalangetus1000x200est_hype_generated_script.js?44929
212.47.222.21200 OK 8.9 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/rimihinnalangetus1000x200est_hype_generated_script.js?44929
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (6323)
Hash 189640c02dc2824e93753bfbb8fd6612
aea1c8bdb684182c0d146ca405b76ebac30c5815
8106e18e9380ac6221486a7a8e84f223a07d24499599c24a1be95e89d777e1e0
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/rimihinnalangetus1000x200est_hype_generated_script.js?44929 HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "3343073545"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 8864
date: Tue, 24 Jan 2023 14:17:15 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146715864
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/rimihinnalangetus1000x200est_hype_generated_script.js?44929
212.47.222.21200 OK 8.9 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/rimihinnalangetus1000x200est_hype_generated_script.js?44929
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type ASCII text, with very long lines (6323)
Hash ddeb8edc529a76173d86e3fdb5175b82
dbbb4d6689a8a41928be4f4b64389be808836dda
59a625a9531b1d4b97ef27b99f76f2f9b1b8428e0f8f793df7daf042e8edc088
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/rimihinnalangetus1000x200est_hype_generated_script.js?44929 HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
etag: "1016071834"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 8876
date: Tue, 24 Jan 2023 14:17:01 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 135454291
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 07bd887a383223b249754b4d9a66cd58
cac97a015e2e43662b654d4c3009a9d36ec6aef7
8ac825e6b97c148c75e5bc45c4b4eaee86ad9bfacbfabed3744b972463f98d3a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4517
Cache-Control: max-age=110658
Content-Type: application/ocsp-response
Date: Tue, 24 Jan 2023 14:19:31 GMT
Etag: "63cee490-1d7"
Expires: Wed, 25 Jan 2023 21:03:49 GMT
Last-Modified: Mon, 23 Jan 2023 19:48:32 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 3d747ebd6dbeb70a0b1998209aea6cc8
e89483752b097ec5513021990119b6bf49e1334c
dac86a0e957d8f06733bd73c731387316eae29a7a9f08c1b769812d4169cdcd8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135929
Date: Tue, 24 Jan 2023 14:19:31 GMT
Etag: "63cf4b6a-1d7"
Expires: Thu, 26 Jan 2023 04:05:00 GMT
Last-Modified: Tue, 24 Jan 2023 03:07:22 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Of4mR4fCwXBv-bCM3-dwdDAqzYaiO2K23V95LA26WwaEIhnJAnMZfw==
Age: 3458
cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-748.thin.min.js
151.101.193.229200 OK 25 kB URL HTTP/2 cdn.jsdelivr.net/gh/tumult/hype-runtime/HYPE-748.thin.min.js
IP 151.101.193.229:0
File type HTML document, ASCII text, with very long lines (3286)
Hash 494798715d92f427108349df370aff2d
f5cc98917136ae475bed03864988bf43641edede
8d665e23c104cde2e8eaead7398415aee158b09f0c67dabf60451696ad46223b
GET /gh/tumult/hype-runtime/HYPE-748.thin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"de41-iS6EwhJ2ZX6DiiVpqJRTOxhzVPE"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 24 Jan 2023 14:19:32 GMT
age: 8927
x-served-by: cache-fra-eddf8230028-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24694
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 2e3b2d0ebf42df66aef988303d933d21
f757bddbac4e214e1a2deadaf029ed8b922b2d8f
690ff94a713d24215505c441cb05ff563eff8bcca53079ee7b4492bddb7ee739
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 24 Jan 2023 14:19:32 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1069497B5DE018AFB661BA98BA816E4A9D6B897B"
Expires: Wed, 25 Jan 2023 00:00:00 GMT
Last-Modified: Tue, 24 Jan 2023 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2656
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78e967959fedb4ed-OSL
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-est.png
212.47.222.21200 OK 934 B URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-est.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 225 x 19, 4-bit colormap, non-interlaced\012- data
Hash 7a931d74e071bf3f507d45cfc6f7adc5
e6afb068a20a6cc9ef21cc9496f72d39cf9bd3f1
525d0e2d8442700ddbcb58c61fb472d87498282e30697b0c95889c1cd97e39b2
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1685844567"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 934
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146886315
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-hind.png
212.47.222.21200 OK 1.9 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-hind.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 144 x 132, 8-bit colormap, non-interlaced\012- data
Hash 5673ddc31ea3f69b4a558b807946b556
b2dad72ecef95f5d23fa7b4da85b92152114bee8
510a17c8586b0e1ceff1b1222546124b1765743082a59dad0d36b07df481163b
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-hind.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3596334390"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 1864
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308264
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/config/config.js
52.57.219.21200 OK 75 B URL HTTP/2 banner.hookusbookus.com/config/config.js
IP 52.57.219.21:0
Hash ee16e21326dec006274a554647c4d759
8e4389c35e12ea6d1e4d7214c174fda343047865
5ccb649c18765165e7128191ea14ab53d8de87d6ad7eea29328b681d455d7a4f
GET /config/config.js HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 14:19:32 GMT
content-type: application/javascript
content-length: 75
server: nginx/1.15.12
last-modified: Tue, 24 Jan 2023 14:03:54 GMT
etag: "63cfe54a-4b"
accept-ranges: bytes
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-pic.png
212.47.222.21200 OK 29 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-pic.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 225 x 193, 8-bit colormap, non-interlaced\012- data
Hash 6c1c9d9bdb6b8d9f1c66122860163c85
21a22ef5a15231a92dd27d32acae1036a857974b
cded89ef4491baec2d3e4b27fa49969fddca29944c2bbf017f34da613843a58c
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/2-pic.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2430173451"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 28948
date: Tue, 24 Jan 2023 14:17:01 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146853637
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-hind.png
212.47.222.21200 OK 2.2 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-hind.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 174 x 159, 8-bit colormap, non-interlaced\012- data
Hash d3d063a1d21658c4a6ba04267cc26bea
80ceead3252038a26cc3b8a441e6cda374905acb
1b58a8288e015c7fd2f276e9ada2ce90b81348186467c39c9b8de11daf91fcdb
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-hind.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2803101815"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 2171
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146886318
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-pic.png
212.47.222.21200 OK 15 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-pic.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 116 x 330, 8-bit colormap, non-interlaced\012- data
Hash 15811c6bc5190b70ff750f744a0adf52
70283b5c090801465f15a0a247d8c402143b0498
8cb574e25a4d99cef250b0c679c940d856ecccde0a7b1c107f7b651ec7b9aca7
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-pic.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1517773082"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 15332
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308267
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-est.png
212.47.222.21200 OK 741 B URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-est.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 191 x 19, 4-bit colormap, non-interlaced\012- data
Hash b50039d3e4bdf65fd06bcaa768dd24b8
632d7172dd773a493272e5f75aed57d26b00bbb8
144f8f572838163582a687e21ecbe34d43efd3240920dc5f66bca081f0e78b5c
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2952142062"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 741
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146530119
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/cta-est.png
212.47.222.21200 OK 9.8 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/cta-est.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 449 x 161, 8-bit colormap, non-interlaced\012- data
Hash b459c7fe18d5f5a8ddf36f5124792bee
f194cbb1afc4aabe352e5265462953348605be14
705b024bcee1e103a60677bf132c1a8309653d18380f148bc5d6b65a4acc9de6
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/cta-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3343420231"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 9777
date: Tue, 24 Jan 2023 14:17:15 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147461715
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/lipp.png
212.47.222.21200 OK 970 B URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/lipp.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 58 x 83, 8-bit colormap, non-interlaced\012- data
Hash b30e09bc070e8cdf9e14db9973085a62
28ba27be9ca299a935c2a33751442a7edf072379
c68b07ccb98ef7cc7771f2ac087080e3127582267990204fcbae0d0ad42cfa1e
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/lipp.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3934225391"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 970
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308270
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1000x200.png
212.47.222.21200 OK 11 kB URL HTTP/2 static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1000x200.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\012- data
Hash 322f27f056b7da9c94669026da534f45
6200ca6a9072812439207246709b5131bc2bf001
cb932a70cb46ee474fd26574eafa1aa0a4690e3a7e5b6e59d07dcb7aa8144463
GET /banners/9d445e95-05df-4539-9fc1-2fccb7100e88/1000x200.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/9d445e95-05df-4539-9fc1-2fccb7100e88/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-25bslV3y-YxZjYHpQAmOzFCtBBEL82V1CP4Z0NFGNAiA5dKBKGp2Fa72DpG-hzYGna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2F9d445e95-05df-4539-9fc1-2fccb7100e88%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=8cd42730300b440b8bcb803b7182eab450dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3663158011"
last-modified: Tue, 24 Jan 2023 13:30:07 GMT
content-length: 11341
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147461718
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-est.png
212.47.222.21200 OK 934 B URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-est.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 225 x 19, 4-bit colormap, non-interlaced\012- data
Hash 7a931d74e071bf3f507d45cfc6f7adc5
e6afb068a20a6cc9ef21cc9496f72d39cf9bd3f1
525d0e2d8442700ddbcb58c61fb472d87498282e30697b0c95889c1cd97e39b2
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1193963054"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 934
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308273
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-pic.png
212.47.222.21200 OK 15 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-pic.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 116 x 330, 8-bit colormap, non-interlaced\012- data
Hash 15811c6bc5190b70ff750f744a0adf52
70283b5c090801465f15a0a247d8c402143b0498
8cb574e25a4d99cef250b0c679c940d856ecccde0a7b1c107f7b651ec7b9aca7
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-pic.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3253004349"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 15332
date: Tue, 24 Jan 2023 14:17:15 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147359655
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-hind.png
212.47.222.21200 OK 2.2 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-hind.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 174 x 159, 8-bit colormap, non-interlaced\012- data
Hash d3d063a1d21658c4a6ba04267cc26bea
80ceead3252038a26cc3b8a441e6cda374905acb
1b58a8288e015c7fd2f276e9ada2ce90b81348186467c39c9b8de11daf91fcdb
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-hind.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "482494190"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 2171
date: Tue, 24 Jan 2023 14:17:01 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146074263
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/cta-est.png
212.47.222.21200 OK 9.8 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/cta-est.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 449 x 161, 8-bit colormap, non-interlaced\012- data
Hash b459c7fe18d5f5a8ddf36f5124792bee
f194cbb1afc4aabe352e5265462953348605be14
705b024bcee1e103a60677bf132c1a8309653d18380f148bc5d6b65a4acc9de6
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/cta-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3217552810"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 9777
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308276
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-pic.png
212.47.222.21200 OK 29 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-pic.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 225 x 193, 8-bit colormap, non-interlaced\012- data
Hash 6c1c9d9bdb6b8d9f1c66122860163c85
21a22ef5a15231a92dd27d32acae1036a857974b
cded89ef4491baec2d3e4b27fa49969fddca29944c2bbf017f34da613843a58c
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-pic.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2453690330"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 28948
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147359658
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/lipp.png
212.47.222.21200 OK 970 B URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/lipp.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 58 x 83, 8-bit colormap, non-interlaced\012- data
Hash b30e09bc070e8cdf9e14db9973085a62
28ba27be9ca299a935c2a33751442a7edf072379
c68b07ccb98ef7cc7771f2ac087080e3127582267990204fcbae0d0ad42cfa1e
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/lipp.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2737464943"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 970
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147461721
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1000x200.png
212.47.222.21200 OK 11 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1000x200.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 1000 x 200, 8-bit colormap, non-interlaced\012- data
Hash 322f27f056b7da9c94669026da534f45
6200ca6a9072812439207246709b5131bc2bf001
cb932a70cb46ee474fd26574eafa1aa0a4690e3a7e5b6e59d07dcb7aa8144463
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1000x200.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "3250905477"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 11341
date: Tue, 24 Jan 2023 14:17:15 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146074266
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-hind.png
212.47.222.21200 OK 1.9 kB URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-hind.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 144 x 132, 8-bit colormap, non-interlaced\012- data
Hash 5673ddc31ea3f69b4a558b807946b556
b2dad72ecef95f5d23fa7b4da85b92152114bee8
510a17c8586b0e1ceff1b1222546124b1765743082a59dad0d36b07df481163b
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/2-hind.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "2631402686"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 1864
date: Tue, 24 Jan 2023 14:17:01 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308279
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-est.png
212.47.222.21200 OK 741 B URL HTTP/2 static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-est.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 191 x 19, 4-bit colormap, non-interlaced\012- data
Hash b50039d3e4bdf65fd06bcaa768dd24b8
632d7172dd773a493272e5f75aed57d26b00bbb8
144f8f572838163582a687e21ecbe34d43efd3240920dc5f66bca081f0e78b5c
GET /banners/b939c833-9ad8-4724-b0a5-150657e0cfde/1-est.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/banners/b939c833-9ad8-4724-b0a5-150657e0cfde/index.html?click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttps%253A%252F%252Ftrack.adform.net%252FC%252F%253Fbn%253D61084719&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fstatic.bepolite.eu%2Fbanners%2Fb939c833-9ad8-4724-b0a5-150657e0cfde%2Findex.html&clink=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D61084719&banner_id=851c4e5582344144a82bc94271ba879e50dd7b0f4105441f8f6018cc3fcb090c&bg=black&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "1543233755"
last-modified: Tue, 24 Jan 2023 13:26:57 GMT
content-length: 741
date: Tue, 24 Jan 2023 14:18:29 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147359661
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/prices-bg-3.png
52.57.219.21200 OK 2.4 kB URL HTTP/2 banner.hookusbookus.com/assets/image/prices-bg-3.png
IP 52.57.219.21:0
File type PNG image data, 250 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash ef56eff9c1246b25c0088c156116ae05
21f5a8245443365c960a196d005277a3c5ef4709
be624625b85909d1b549672c0a13b167751f842e035c3156f1d5e4a1b677ce54
GET /assets/image/prices-bg-3.png HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 14:19:32 GMT
content-type: image/png
content-length: 2442
server: nginx/1.15.12
last-modified: Thu, 22 Apr 2021 07:20:15 GMT
etag: "608123af-98a"
accept-ranges: bytes
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg
108.157.217.229200 OK 61 kB URL HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg
IP 108.157.217.229:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x195, components 3\012- data
Hash dd86bfb4bf775c862d2c4ce6c31b29b5
94119b0ecc2ae1f9fa98a98eb6c416622ef14547
de5103951b90a9ed1ba44af9919079bed54e32ab4c61d849d19c672ef26e0bca
GET /hotelliveeb/images/general/1/JdZmoWeiiQlpfMAuIIeC.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60807
date: Mon, 23 Jan 2023 16:42:30 GMT
last-modified: Mon, 20 Dec 2021 05:01:37 GMT
etag: "dd86bfb4bf775c862d2c4ce6c31b29b5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5e29eae3156522edc7886df59287259c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 6J7EekncxdXhfBKJ9Hj-TngWMhUt4E45VAzb39ZTt-Loz3pDUEjdpQ==
age: 77823
X-Firefox-Spdy: h2
banner.hookusbookus.com/assets/image/svg/hb-logo.svg
52.57.219.21200 OK 80 kB URL HTTP/2 banner.hookusbookus.com/assets/image/svg/hb-logo.svg
IP 52.57.219.21:0
Hash 2513ca9700c0eed65729d23c95966cd8
117e31bf02d5b92895c7d262bb803a67c21e9b8b
208a8290f323d65f90a5b4f7dea392ad4330ff0180ae67cbb73fe1ae699fda8a
GET /assets/image/svg/hb-logo.svg HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/assets/css/index_1000x200.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 24 Jan 2023 14:19:32 GMT
content-type: image/svg+xml
server: nginx/1.15.12
last-modified: Mon, 05 Jul 2021 19:56:59 GMT
vary: Accept-Encoding
etag: W/"60e3640b-3be5"
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16706
Expires: Tue, 24 Jan 2023 18:57:58 GMT
Date: Tue, 24 Jan 2023 14:19:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16706
Expires: Tue, 24 Jan 2023 18:57:58 GMT
Date: Tue, 24 Jan 2023 14:19:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16706
Expires: Tue, 24 Jan 2023 18:57:58 GMT
Date: Tue, 24 Jan 2023 14:19:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WZE7yDAT_YRseW7m410pGAwkWAwJ2HmuTlg2IbSvCbN20SJbmQ4Odg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:06:36 GMT
age: 58376
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 462fc1946b8dbae49aa3cf22291fc707
400c6dc7973b36a5d3e43cc3b439da49ab6c76b5
88e13373963e8427baa4cdf19909eb297aafe035ec0376cbed6d4f4fa45dbd32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ad2eb2b-9cfe-4f71-89ea-99ac9e3f783f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4381
x-amzn-requestid: 528fddee-8bac-466a-8f82-3d5bffab7ca4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFpFghoAMFSPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-63f97c8409b808910ce8f50a;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0eb65TKWgBaHaPETcwgUpjEHT6yMMT4N0vcRh3C66WYct0PNL-AcpQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:56:47 GMT
etag: "400c6dc7973b36a5d3e43cc3b439da49ab6c76b5"
content-type: image/jpeg
age: 58965
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 07:21:04 GMT
age: 25108
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 056caf4190dfd50ec8ccd4c81906a3aa
a913fcf6f7e4250c70ea97e55d0f1cce5b144c50
1747b399960d4953c1154e1185afd9429f519799ac443e486042bd64b31183ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fe0b832-fa1d-48ac-8248-84591cfa9db0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7768
x-amzn-requestid: 1acc401a-ede6-4079-8bdc-cbee1b1bfab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-BF4coAMF72A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca859-32a96bef2c041ade5f0fb021;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2VY8s0VM4Dl6c88tWYw3v3VSzc1ZQs9MlF6b-pvw-tb31Dn6cqPmg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 04:23:40 GMT
age: 35752
etag: "a913fcf6f7e4250c70ea97e55d0f1cce5b144c50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f5d148-4ecd-4a73-a2f7-b11441d43fbd.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f5d148-4ecd-4a73-a2f7-b11441d43fbd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f6030cffa883f3445d938df64abae802
40c94e9879037db82e285b475189bef6c10f1c38
e536037d7c49777afaa079010327ce4bd95d16d02984ddd754fc3573e0d11242
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4f5d148-4ecd-4a73-a2f7-b11441d43fbd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6020
x-amzn-requestid: ff476ee8-4e2a-401d-ae35-c7a81d2ab5d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNyxTHpDIAMFdKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe6e-598963e85397d6475543245e;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mce4VwtD9jZdLdaRTMjTtk4Xb_hL19SMRacAp7BrHjr7mdTUPAHYmg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 21:57:43 GMT
etag: "40c94e9879037db82e285b475189bef6c10f1c38"
content-type: image/jpeg
age: 58909
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee9090f-cd45-474d-b05a-663eab75ddc2.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee9090f-cd45-474d-b05a-663eab75ddc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9088e8181cf43fa7e77bd0c169d459e
2a06f6ea31a615ac3a1a33fb2997e8617468e6f0
d09867478b7fe952ad8919728805cdc0918d849827f5e646ad2d824f9a6911e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee9090f-cd45-474d-b05a-663eab75ddc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 27bce48a-9cab-4546-a713-33a4c42036eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFoEw2IAMF_eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-341ee41e3ac904ee28e70f47;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dqzsjJD39H7SueW8rmB_3vreBtOxWYNHl8CpU-9jFj353yPS0ldiuw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 23 Jan 2023 22:04:40 GMT
age: 58492
etag: "2a06f6ea31a615ac3a1a33fb2997e8617468e6f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.bepolite.eu/files/close-gray.png
212.47.222.21200 OK 1.5 kB URL HTTP/2 static.bepolite.eu/files/close-gray.png
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 41d9676ab94bece3f7a549b4769ddbe2
521f14490fc57fea51e2e5bf00e2299dce51561b
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
GET /files/close-gray.png HTTP/1.1
Host: static.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
accept-ranges: bytes
etag: "732411054"
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
content-length: 1497
date: Tue, 24 Jan 2023 14:17:02 GMT
server: lighttpd/1.4.55
cache-control: must-revalidate, private
expires: -1
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 147751842
age: 0
via: 1.1 varnish (Varnish/6.2)
X-Firefox-Spdy: h2
banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
52.57.219.21200 OK 33 kB URL HTTP/2 banner.hookusbookus.com/index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner
IP 52.57.219.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59438)
Hash fd119956e4c7bba08ecf0496e07c90a2
c6cc6cb1d2b3e57b622906340811b20e6643197d
26c437aa310cf839d40dc0c5bddc2cb536aa7b49caad72886061372fc2d381bd
GET /index_1000x200.html?language=et_ee&utmSource=allmedia&click_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3Dhttp%253A%252F%252Fsmartad.ee&dynamic_url=https%3A%2F%2Fserving.bepolite.eu%2Fevent%3Fkey%3DFYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q%26clink%3D&f=https%3A%2F%2Fbanner.hookusbookus.com%2Findex_1000x200.html%3Flanguage%3Det_ee%26utmSource%3Dallmedia&clink=https%3A%2F%2Fsmartad.ee&banner_id=43f1ff9b6bce46119b6d0ca8fca6542950dd7b0f4105441f8f6018cc3fcb090c&bg=transparent&w=1000&h=200&locale=Display%20Estonia-EST&info=https%3A%2F%2Fdigital.tv3.ee%2Fbepolite-id%2F%3Futm_src%3Dbanner HTTP/1.1
Host: banner.hookusbookus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 24 Jan 2023 14:19:32 GMT
content-type: text/html
server: nginx/1.15.12
last-modified: Wed, 25 May 2022 06:39:17 GMT
vary: Accept-Encoding
etag: W/"628dcf15-177d"
content-encoding: gzip
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-1wt2MeNfTe_8MErV-1uE7uvKavkdgP3PvSDliwfwdC6Nb-oBgwvLl8nqDL0jWs1KPa5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=e55ff45d8ac87253805caf7e320acde8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Tue, 24 Jan 2023 14:17:15 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 135454333
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
212.47.222.21200 OK 0 B URL HTTP/2 serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
IP 212.47.222.21:0
ASN #3327 CITIC Telecom CPC Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /event?key=FYFWuDany3hwv6rfuoAYF4bLGZ7gi48LSqczHCRMU825ND0hz3Udx4TmKNlofX0Do-_1e9SfS2TlIO7wbBsK0qwMFhDpPjeHUcAws-JALgBx6nPaO9jc6mUHXpVCq5vbNV_-mHLFTMbnA5ZaHZ03EtZ4BTaN5O6vJyRcKlAQ0A_zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-3uWnHPhR49qa2k1ls8ztIMqYDEsVmw4tezOUwqKjD8hugDQS68EDPWPQ6Ju3Gxpqna5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g HTTP/1.1
Host: serving.bepolite.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Cookie: bepolite_id=e55ff45d8ac87253805caf7e320acde8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Tue, 24 Jan 2023 14:17:01 GMT
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 146308315
age: 0
via: 1.1 varnish (Varnish/6.2)
accept-ranges: bytes
server: lighttpd/1.4.64
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61084719;1x1inv=1;srctype=3;ord=7211057
37.157.5.142302 Found 238 B URL HTTP/2 track.adform.net/adfserve/?bn=61084719;1x1inv=1;srctype=3;ord=7211057
IP 37.157.5.142:0
Hash b5ba5f6a27b82950fc10062b752ce8ff
bd5db9c8bbe627b4b9095d676987724eabd41bfe
40d6078ae8e44cdce9ec9996711466d04b1c0d5c6447e8f3cb8a84a436ed9120
GET /adfserve/?bn=61084719;1x1inv=1;srctype=3;ord=7211057 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 24 Jan 2023 14:19:32 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61084719;1x1inv=1;srctype=3;ord=7211057
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Fri, 24-Feb-2023 14:19:32 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?bn=61084719;1x1inv=1;srctype=3;ord=2552907
37.157.5.142302 Found 203 B URL HTTP/2 track.adform.net/adfserve/?bn=61084719;1x1inv=1;srctype=3;ord=2552907
IP 37.157.5.142:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8dfd93b71c61319d64a54f47987d0bf6
372be33e39bf82f7214431c49e0af8c110a5149f
0e884d60b1efbc1f311da3096e40f78cbce1c9589b5493e9cc6574ef0fb6531f
GET /adfserve/?bn=61084719;1x1inv=1;srctype=3;ord=2552907 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upload.ee/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 24 Jan 2023 14:19:33 GMT
content-type: text/html; charset=utf-8
location: https://track.adform.net/adfserve/?CC=1&bn=61084719;1x1inv=1;srctype=3;ord=2552907
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Fri, 24-Feb-2023 14:19:33 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
track.adform.net/adfserve/?CC=1&bn=61084719;1x1inv=1;srctype=3;ord=7211057
37.157.5.142200 OK 35 B URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=61084719;1x1inv=1;srctype=3;ord=7211057
IP 37.157.5.142:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /adfserve/?CC=1&bn=61084719;1x1inv=1;srctype=3;ord=7211057 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.upload.ee/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 14:19:33 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg
108.157.217.229200 OK 59 kB URL HTTP/2 dskwugy0u6y9l.cloudfront.net/hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg
IP 108.157.217.229:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 346x198, components 3\012- data
Hash 2bc0042405de1b87297ef3b0e699e446
1c6098f9283395ff9ebf1f5710a61243a1998947
4848bddd5f564c6e0bf254cc2dd163d73618504f83a6c35e48a2938901d93a83
GET /hotelliveeb/images/general/1/9XFTBsexLSaW6Uk3nCoS.jpg HTTP/1.1
Host: dskwugy0u6y9l.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banner.hookusbookus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 59129
date: Tue, 24 Jan 2023 06:27:23 GMT
last-modified: Mon, 20 Dec 2021 05:01:50 GMT
etag: "2bc0042405de1b87297ef3b0e699e446"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 5e29eae3156522edc7886df59287259c.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: 31EIn1_P1x8DKNrOJBO4nQYx5G_nDoBXaGBQouDlOOLQuDbBMe2yFg==
age: 28336
X-Firefox-Spdy: h2
s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.6389572447540521
37.157.6.236200 OK 0 B URL HTTP/2 s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.6389572447540521
IP 37.157.6.236:0
GET /banners/scripts/rmb/Adform.DHTML.js?bv=0.6389572447540521 HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 14:19:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
x-rgw-object-type: Normal
etag: W/"4731aef0a5114a59b4311776d270e848"
x-amz-request-id: tx00000a37373505363f9f8-0063766185-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.05874547265585095
37.157.6.236200 OK 0 B URL HTTP/2 s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=0.05874547265585095
IP 37.157.6.236:0
GET /banners/scripts/rmb/Adform.DHTML.js?bv=0.05874547265585095 HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.bepolite.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 24 Jan 2023 14:19:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
x-rgw-object-type: Normal
etag: W/"4731aef0a5114a59b4311776d270e848"
x-amz-request-id: tx00000a37373505363f9f8-0063766185-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2