www.upload.ee Open in urlscan Pro
2001:41d0:403:2b9f:: Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
Submission Tags: falconsandbox
Submission: On June 30 via api (June 30th 2022, 7:56:19 pm UTC) from US — Scanned from FR

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 14 domains to perform 44 HTTP transactions. The main IP is 2001:41d0:403:2b9f::, located in Frankfurt am Main, Germany and belongs to OVH, FR. The main domain is www.upload.ee. The Cisco Umbrella rank of the primary domain is 712414.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on March 17th 2022. Valid for: a year.

This is the only time www.upload.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2001:41d0:403... 2001:41d0:403:2b9f::	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	212.47.222.21 212.47.222.21	3327 (CITIC CIT...) (CITIC CITIC Telecom CPC Netherlands B.V.)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2 6	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
6	37.157.5.72 37.157.5.72	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	23.35.236.213 23.35.236.213	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
44	20

3 2001:41d0:403:2b9f:: (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)

www.upload.ee	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.47.222.21 (Estonia)

ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL)

serving.bepolite.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.bepolite.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.5.72 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.213 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-213.deploy.static.akamaitechnologies.com

471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	adform.net 2 redirects track.adform.net — Cisco Umbrella Rank: 3976 s1.adform.net — Cisco Umbrella Rank: 7940	228 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	211 KB
4	bepolite.eu serving.bepolite.eu static.bepolite.eu	175 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
3	upload.ee www.upload.ee — Cisco Umbrella Rank: 712414	39 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	rackcdn.com 471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com	9 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	111 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	35 KB
1	google.fr adservice.google.fr — Cisco Umbrella Rank: 25125	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	643 B
44	14

	Domain	Requested by
6	s1.adform.net	track.adform.net s1.adform.net www.upload.ee
6	track.adform.net	2 redirects static.bepolite.eu s1.adform.net
6	pagead2.googlesyndication.com	www.upload.ee pagead2.googlesyndication.com tpc.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www.upload.ee	www.upload.ee
2	fonts.gstatic.com	fonts.googleapis.com
2	471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com	s1.adform.net
2	static.bepolite.eu	serving.bepolite.eu
2	serving.bepolite.eu	www.upload.ee
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.upload.ee www.googletagmanager.com
1	fonts.googleapis.com	s1.adform.net
1	cdnjs.cloudflare.com	s1.adform.net
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.fr	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
44	20

This site contains no links.

Subject Issuer	Validity	Valid
www.upload.ee RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-03-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.fr GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
static.bepolite.eu R3	`2022-05-11` - `2022-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.ssl.cf5.rackcdn.com DigiCert SHA2 Secure Server CA	`2022-01-30` - `2023-01-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
Frame ID: C8A8AA8964EEEA095CF1FAB8FBF02C35
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html
Frame ID: 965591464D15CD8FD458E72D2B1392C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364884771898146&output=html&adk=1812271804&adf=3025194257&lmt=1656618974&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656618974458&bpp=2&bdt=290&idt=180&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4672723439571&frm=20&pv=2&ga_vid=1432813177.1656618974&ga_sid=1656618975&ga_hid=750485123&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531607&oid=2&pvsid=4345899971052762&tmod=1784513524&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: 2B317BBCEA6C150955866601A80C2F54
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E2F1CCEDC63CAE144F51AA957CFAA9D8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 733C804C36E5137D085989FD0DC8DC9B
Requests: 2 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=51549391;encodedclick=https://serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5t-zJy6-RPM0HMdvTAvNUVrRKPjM6ewQR6R63Few2IIiKHzIzVFa7HlYAGQoFDxxZ7d_soymsaUoJ6VCZlhk-CuFoJgqCEtBiKOPh37O8AiaWMtRfhGJOOq0SPJkg_hRPA0sNlL_w7mN7smsazocp7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2vBP6ZF52PXiL2IP0WW9-WCWW1BYv6E1vuMoZfJaXE4z9hLrQDd5YETTrApegd_m_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q&clink=
Frame ID: 7559AC3DE062427CC8A86194CA91F27C
Requests: 6 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/84296/7250803/7250803.js?ADFassetID=7250803&bv=1793
Frame ID: 6EC45D0215529FC509E0E87B3FAD5E71
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UPLOAD.EE - File does not exist

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

44
Requests

95 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

868 kB
Transfer

1705 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://track.adform.net/banners/Elements/Files/84296/10945146.png?assetID=10945146&av=1 HTTP 301
https://s1.adform.net/banners/Elements/Files/84296/10945146.png?assetID=10945146&av=1

Request Chain 48

https://track.adform.net/banners/Elements/Files/84296/7519749.png?assetID=7519749&av=1 HTTP 301
https://s1.adform.net/banners/Elements/Files/84296/7519749.png?assetID=7519749&av=1

44 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request KM_T_01.02.2022_password_2022.7z.html Show response
www.upload.ee/files/13847882/ 17 KB
9 KB 129ms
29ms Document
text/html 2001:41d0:403:2b9f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:41d0:403:2b9f:: Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

Software

nginx /

Resource Hash

50ea690898ecae0d7442bdd818e08e5ea35e112aaa6ed3edcfd252a4938408d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 8111
Content-Type: text/html; charset=UTF-8
Date: Thu, 30 Jun 2022 19:56:14 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive: timeout=20
Last-Modified: Thu, 30 Jun 2022 22:56:14 +0300
P3P: CP="CAO PSA OUR"
Pragma: no-cache
Server: nginx
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1

GET
H/1.1 200
OK ubr__style.css
www.upload.ee/static/ 9 KB
3 KB 25ms
24ms Stylesheet
text/css 2001:41d0:403:2b9f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upload.ee/static/ubr__style.css
Requested by: Host: www.upload.ee
URL: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:403:2b9f:: Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:56:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Oct 2013 10:02:27 GMT
Server: nginx
ETag: W/"524e9233-25a0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Expires: Thu, 07 Jul 2022 19:56:14 GMT

GET
H/1.1 200
OK js__file_upload.js Show response
www.upload.ee/js/ 27 KB
27 KB 49ms
24ms Script
application/javascript 2001:41d0:403:2b9f::
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upload.ee/js/js__file_upload.js
Requested by: Host: www.upload.ee
URL: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:403:2b9f:: Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
Software: nginx /
Resource Hash: 62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:56:14 GMT
Last-Modified: Thu, 07 May 2020 19:13:28 GMT
Server: nginx
ETag: "5eb45dd8-6ad7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 27351
Expires: Thu, 07 Jul 2022 19:56:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 97ms
38ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6703115-1

Requested by

Host: www.upload.ee
URL: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c3cd8736ade5ceb00ac357e68e6c4d50716c3b2ee7304fc7a7fe7653842a90a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41373
x-xss-protection: 0
expires: Thu, 30 Jun 2022 19:56:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
56 KB 148ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.upload.ee
URL: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9cadad228f2a64b4ba2f3a076ed3bde183dc8ce8de79fe334f76788cf877473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56372
x-xss-protection: 0
server: cafe
etag: 10521229535116996239
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 19:56:14 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f68b35350119fd9b2baaa614ab6c4293c3acbdcf6a2c4b0fdd00b763b2e0783f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bdf727d13755276f83fd66b58e35567b774e9ecd9353cdadce780d37279c7f1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 582 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8515c4ec214e25a839b4c0d6434036a83808127a38e86d18d14b3bd6910fe0a1

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 352 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6171149909e151adcb67293584df9b14856ccaf0510b4ff7f1cdbb5553a81604

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 59 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bcd8b1ee7ac4501aa3ba7adbd264ab335f5c9e7debc59f35c230668be73d88e

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 49 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a54c52108fe4845441689f86a0a596858c35192dfd6ef5437a53151d43956ba

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 51 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53533f8e6e06c2660ab8f4015e0635c3fb54b233facf0c7793430f2d3db85f0f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 196 KB
70 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6703115-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9800d061cec738d284071bef38462967ef5ac0637a1297992a0714b6e1371663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71251
x-xss-protection: 0
expires: Thu, 30 Jun 2022 19:56:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 86ms
25ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6703115-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3606
date: Thu, 30 Jun 2022 18:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 20:56:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 68ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LT9YQX0N49&gtm=2oe6t0&_p=750485123&_z=ccd.v9B&cid=1432813177.1656618974&ul=en-us&sr=1600x1200&_s=1&sid=1656618974&sct=1&seg=0&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&dt=UPLOAD.EE%20-%20File%20does%20not%20exist&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LT9YQX0N49&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 19:56:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upload.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 86ms
33ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=750485123&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&ul=en-us&de=UTF-8&dt=UPLOAD.EE%20-%20File%20does%20not%20exist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=636847663&gjid=1834275500&cid=1432813177.1656618974&tid=UA-6703115-1&_gid=341624663.1656618974&_r=1&gtm=2ou6t0&z=1331652621

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upload.ee/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 19:56:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upload.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/ 340 KB
120 KB 109ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5364884771898146&plah=www.upload.ee

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6076735a5e2ca7ccd6a4af3d205e34716ef961770be8d5986fcebc4f78472fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122509
x-xss-protection: 0
server: cafe
etag: 730319205419448257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 19:56:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/ Frame 9655 10 KB
5 KB 85ms
25ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220628/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

age: 15432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 15:39:02 GMT
etag: 10429905676100781186
expires: Thu, 14 Jul 2022 15:39:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 71ms
24ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6703115-1&cid=1432813177.1656618974&jid=636847663&gjid=1834275500&_gid=341624663.1656618974&_u=YADAAUAAAAAAAC~&z=1128108055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upload.ee/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 19:56:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.upload.ee
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
643 B 109ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.upload.ee&callback=_gfp_s_&client=ca-pub-5364884771898146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206270101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5364884771898146&plah=www.upload.ee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

f4a2bdfa647224f3d801b4e9d0a99a9cc49b6505b78aee5c4c978b78804f747b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.fr/adsid/ 107 B
792 B 108ms
35ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.fr/adsid/integrator.js?domain=www.upload.ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 110ms
37ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.upload.ee

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B31 603 B
67 B 101ms
47ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364884771898146&output=html&adk=1812271804&adf=3025194257&lmt=1656618974&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656618974458&bpp=2&bdt=290&idt=180&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4672723439571&frm=20&pv=2&ga_vid=1432813177.1656618974&ga_sid=1656618975&ga_hid=750485123&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531607&oid=2&pvsid=4345899971052762&tmod=1784513524&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 19:56:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 script Show response
serving.bepolite.eu/ 4 KB
2 KB 329ms
131ms Script
text/plain 212.47.222.21
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=6756765&screen_width=1600&screen_height=1200&os=Win32&refurl=&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&rnd=1656618974259
Requested by: Host: www.upload.ee
URL: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.47.222.21 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software: lighttpd/1.4.64 /
Resource Hash: 874f85c8fc18d84c5947011de956fd8df2dbd42adf14505748bb4d6077b00f3f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:44:27 GMT
content-encoding: gzip
server: lighttpd/1.4.64
age: 0
vary: accept-encoding
p3p: CP='BePolite does not have a P3P policy'
via: 1.1 varnish (Varnish/6.2)
cache-control: private, must-revalidate, max-age=0
x-varnish: 867426741
accept-ranges: bytes
content-type: text/plain;charset=ISO-8859-1
content-length: 1495

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 101ms
47ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220628&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

039b52ebf0ee5301671e2ec98343f84831c21fedb9c1070840f5ffda104c37b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10596
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 114ms
39ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 30 Jun 2022 19:56:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E2F1 13 KB
5 KB 81ms
26ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

accept-ranges: bytes
age: 1898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 19:24:37 GMT
expires: Fri, 30 Jun 2023 19:24:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 733C 783 B
1 KB 101ms
36ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94a25d5164e6945cc422f1c381ff96c9d9745c9790e2a9756b9d770b8be445eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qEnxD2C-PdrntmAe74cL3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.upload.ee/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-qEnxD2C-PdrntmAe74cL3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 19:56:15 GMT
expires: Thu, 30 Jun 2022 19:56:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js Show response
pagead2.googlesyndication.com/bg/ Frame E2F1 36 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/edue1xTc5YuiZOhJi4VIA_c20CetZt5T9y7Q3cNnrTA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 16:19:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13936
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 16:19:52 GMT

GET
H2 200 saresponsive.js Show response
static.bepolite.eu/scripts/ 171 KB
171 KB 153ms
102ms Script
application/javascript 212.47.222.21
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.bepolite.eu/scripts/saresponsive.js
Requested by: Host: serving.bepolite.eu
URL: https://serving.bepolite.eu/script?space=50dd7b0f-4105-441f-8f60-18cc3fcb090c&type=direct&page_id=6756765&screen_width=1600&screen_height=1200&os=Win32&refurl=&pageurl=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&rnd=1656618974259
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.47.222.21 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software: lighttpd/1.4.55 /
Resource Hash: 87d99960ddb3728c4dfb26af7bb3a06fe91f61acc003dc2178703284fd7823e4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:51:04 GMT
via: 1.1 varnish (Varnish/6.2)
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
server: lighttpd/1.4.55
age: 0
etag: "405547463"
p3p: CP='BePolite does not have a P3P policy'
cache-control: must-revalidate, private
x-varnish: 867485141
accept-ranges: bytes
content-type: application/javascript
content-length: 175191
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 733C 0
0 78ms
78ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220628&jk=4345899971052762&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E2F1 0
9 B 26ms
26ms Image
text/plain 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gEEFkQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7559 1 KB
1 KB 129ms
34ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=51549391;encodedclick=https://serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5t-zJy6-RPM0HMdvTAvNUVrRKPjM6ewQR6R63Few2IIiKHzIzVFa7HlYAGQoFDxxZ7d_soymsaUoJ6VCZlhk-CuFoJgqCEtBiKOPh37O8AiaWMtRfhGJOOq0SPJkg_hRPA0sNlL_w7mN7smsazocp7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2vBP6ZF52PXiL2IP0WW9-WCWW1BYv6E1vuMoZfJaXE4z9hLrQDd5YETTrApegd_m_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q&clink=

Requested by

Host: static.bepolite.eu
URL: https://static.bepolite.eu/scripts/saresponsive.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3e4cd706ad09ccbfe46cf8444ae534639b0e5032bafce062c59358b02e28fe3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 911
expires: -1

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7559 33 KB
16 KB 154ms
65ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=51549391;encodedclick=https://serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5t-zJy6-RPM0HMdvTAvNUVrRKPjM6ewQR6R63Few2IIiKHzIzVFa7HlYAGQoFDxxZ7d_soymsaUoJ6VCZlhk-CuFoJgqCEtBiKOPh37O8AiaWMtRfhGJOOq0SPJkg_hRPA0sNlL_w7mN7smsazocp7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2vBP6ZF52PXiL2IP0WW9-WCWW1BYv6E1vuMoZfJaXE4z9hLrQDd5YETTrApegd_m_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q&clink=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 6432ec4ed5666c89f540968f6fe64c4d21a82a976b9008d64a64b335c781b68b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 14:08:59 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 01 Jul 2022 23:38:40 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7559 6 KB
3 KB 37ms
36ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=51549391;encodedclick=https://serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5t-zJy6-RPM0HMdvTAvNUVrRKPjM6ewQR6R63Few2IIiKHzIzVFa7HlYAGQoFDxxZ7d_soymsaUoJ6VCZlhk-CuFoJgqCEtBiKOPh37O8AiaWMtRfhGJOOq0SPJkg_hRPA0sNlL_w7mN7smsazocp7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2vBP6ZF52PXiL2IP0WW9-WCWW1BYv6E1vuMoZfJaXE4z9hLrQDd5YETTrApegd_m_a5hY8OvOxWaQQS9P0iYfnngZXtFEp1ljuqs475VAp1Q&clink=;js=1;adfxid=1x;10557;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0|1;cmpgdpr=;cmpgdprconsent=;fd=0|2&CREFURL=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

dc9c4978abfb57d045dcd38a33086671f464639443c2bd413c33ce11925be018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2827
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220628&jk=4345899971052762&bg=!oKOlo-fNAAaLlKKnq5Q7ACkAdvg8WmoY6I4qbas3PLetF6AygcjCRKyZE2RTOjunCukVOBK_n7rrTgIAAABmUgAAAAJoAQeZArrXbvGXpenNQQYerusAnHGIZtFh7pn7c71Scheiv4XKL0eJXuCtH7zRkhiIlNuNMTmbUYXWewLm2F1iOw6XLDE2hVaI7oiMO89bThVQmVzYLRGNl1ud2AIyH1pHlgzLDXCw3JGyHRPGYbDiD-u4JRk55IQb2cX-bNcsxjdyM1GrS0jiWbolfCJeEEy7rua5aMSmOquC54MNdu89Ryq5Zpp35DCwBrPhw2fXKeptrhK3sv22X9nMJOZ8gyt2BRWOHxThDFZlKHyY8rWo2LLyobFviVX5oEZytFrYeAUp9wzxPYdp-TVUL8T6nAqv7A4RrVVIyp_zYOZZMxtrs6FkzZJrfMooTgoCtlp81HO7Ln2daKPmEKsUbIJ_lnT0LLJPpZhLZT7SJv7hpbQPVbBIcbRydW50m2hJsturrEqA45gDp5lXpVLn6zwiRNK1ogXu3m5SNDvxmSnYWcsMZDLN7FxN2EvPIYjz9SXVBXy1BFYjYCRc56mzbZIAePhvMxFo4kwipu_3mbseG09d3Lbkm04Ld46lUCgC2an0Lc5blAbz699doxXN6bDK5gKBEABYnjwT56MchAZG7doBC5yJ9d13mx-NyjY7TVgnH4NZMFZFk4pUwZFCUqH_2iAUGDiWs3T8bzJF1egRFpKNe3AMhPeBoi20Ax0dcYcos0lBJsgT3pMP1X4E1WKag89R2J8hloGBjfiGVor72eDLtUOWaYbXYTe9hM5xSMRS3C0wF_XgefUAYsnhZ6qLYBL8DX-AdJV0qJXeB2CKbGDAV9V81YOhq9cMw4sYkMBABefPDWlfCB7ex0zGj27P1nxfn7cOTbBqWl9yGligcHUQjcz5RboOhtVNz8ajP0drhIosiILUpbt9373zSNJjTPkINAS9ES6koP7wTpDCxn84-iT2Bnw6_scr1ZGmdknf6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 7559 91 KB
39 KB 44ms
44ms Script
text/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 040e1d278ffaee2d190544c256985ead53da4deeb49df5155095da09c84d2dd4

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 14:08:59 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Fri, 01 Jul 2022 23:39:48 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame 7559 35 B
468 B 34ms
33ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=51549391&csi=lzwCb5ojDclHgSgQsmrFq1cpPIxs_QHGJ2CjV0qMHXLy4bWIz2rQqI3L7uHsyPc3ed76SxbyzSiGkudH0QAckgUYSlbiXJQzxaMB7E3Is5U1

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.upload.ee/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 19:56:15 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.upload.ee
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 7250803.js Show response
s1.adform.net/Banners/Elements/Files/84296/7250803/ Frame 6EC4 7 KB
2 KB 34ms
33ms Script
application/x-javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/84296/7250803/7250803.js?ADFassetID=7250803&bv=1793

Requested by

Host: www.upload.ee
URL: https://www.upload.ee/files/13847882/KM_T_01.02.2022_password_2022.7z.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7d10cc03b9052e99c365e79209ce015f828f64204e02a4111f9d388792f186db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2019 15:33:21 GMT
server: nginx
etag: W/"5df7a3c1-1c4a"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 6EC4 30 KB
13 KB 40ms
38ms Script
application/javascript 37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 12:02:22 GMT
server: nginx
x-amz-request-id: tx0000000000000824372e6-0062bdf725-3233e7e3-default
etag: W/"4731aef0a5114a59b4311776d270e848"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/ Frame 6EC4 114 KB
35 KB 88ms
41ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.3/TweenMax.min.js

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1205261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34868
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c604"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H9ISA%2BjYSLEtmuuMCUsIhP2DZB%2FTw1PUzx2YIjR3oAOwVBhAv1HHQ3FTWO94JDfZNxnf3MjoCy2DqbqZOBNNkl3qN0sNp%2FNtJiUuTxKx4aO1RSPqF3r27te%2FhUtmchRkHQNwFQTDCKmDsc2dNZ77v39"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 723976d7cbdd40e1-CDG
expires: Tue, 20 Jun 2023 19:56:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6EC4 5 KB
1 KB 97ms
35ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap&subset=cyrillic-ext,latin-ext

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

86af09d351c0a3be01506ecbff333a4e35474f82442f1fd632a609626e3cd6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 19:56:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 30 Jun 2022 19:56:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 30 Jun 2022 19:56:15 GMT

GET
H/1.1 200
OK generic-banner-custom.v1.0.min.css
471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com/bannerscvi/prod/css/ Frame 6EC4 20 KB
4 KB 124ms
37ms Stylesheet
text/css 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com/bannerscvi/prod/css/generic-banner-custom.v1.0.min.css
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 861f4088524a76a72f87515ad3413a54fc478faf00059bd1ff6c4e38292e271c

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:56:16 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Mon, 12 Jul 2021 10:46:17 GMT
X-Trans-Id: txba876c5bd8c544f2b01cf-0062b9c715iad3
ETag: d750a763bc04526ab7e6c22118b15f51
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1626086776.31040
Cache-Control: public, max-age=804
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4121
Expires: Thu, 30 Jun 2022 20:09:40 GMT

GET
H/1.1 200
OK generic-banner-controls.1.0.min.js Show response
471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com/bannerscvi/prod/js/ Frame 6EC4 23 KB
5 KB 115ms
29ms Script
text/javascript 23.35.236.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com/bannerscvi/prod/js/generic-banner-controls.1.0.min.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.220/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.213 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-213.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 967b6c054e68737dec18c6189ac0f36452703ae60fdd7bf2afef6744af2073be

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 19:56:16 GMT
Content-Encoding: gzip
Origin: https://mycloud.rackspace.com
Last-Modified: Tue, 14 Sep 2021 13:40:33 GMT
X-Trans-Id: tx1a86dc663ed7466893a11-0062bde1dbiad3
ETag: cd94028f8fa93a84cf60ae0db5a7868d
Vary: Accept-Encoding
Content-Type: text/javascript
X-Timestamp: 1631626832.99717
Cache-Control: public, max-age=413
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4188
Expires: Thu, 30 Jun 2022 20:03:09 GMT

GET
DATA 200
OK truncated
/ Frame 6EC4 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1f42d01ab773194f52912b23aa409d82c22eced23efce46e05835632303c9b9

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 6EC4 15 KB
15 KB 97ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upload.ee
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 164245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 22:18:51 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 6EC4 15 KB
16 KB 89ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&display=swap&subset=cyrillic-ext,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.upload.ee
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 164245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 22:18:51 GMT

GET
H2

200

10945146.png
s1.adform.net/banners/Elements/Files/84296/ Frame 6EC4
Redirect Chain

https://track.adform.net/banners/Elements/Files/84296/10945146.png?assetID=10945146&av=1
https://s1.adform.net/banners/Elements/Files/84296/10945146.png?assetID=10945146&av=1

146 KB
147 KB

38ms
36ms

Image
image/png

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/banners/Elements/Files/84296/10945146.png?assetID=10945146&av=1

Protocol

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

300b4646e0a161bfd9e780abb1115fb4ffee6f8eeffd4dc6d59f60e329661c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:16 GMT
last-modified: Mon, 28 Feb 2022 09:51:38 GMT
server: nginx
etag: "621c9b2a-2492d"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 149805

Redirect headers

location: https://s1.adform.net/banners/Elements/Files/84296/10945146.png?assetID=10945146&av=1
date: Thu, 30 Jun 2022 19:56:16 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2

200

7519749.png
s1.adform.net/banners/Elements/Files/84296/ Frame 6EC4
Redirect Chain

https://track.adform.net/banners/Elements/Files/84296/7519749.png?assetID=7519749&av=1
https://s1.adform.net/banners/Elements/Files/84296/7519749.png?assetID=7519749&av=1

4 KB
5 KB

84ms
83ms

Image
image/png

37.157.5.72
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/banners/Elements/Files/84296/7519749.png?assetID=7519749&av=1

Protocol

Server

37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c612abac2c07cc858906c5208c2599226e58d278794ed26022010ebb490d192a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:56:16 GMT
last-modified: Mon, 16 Dec 2019 12:01:22 GMT
server: nginx
etag: "5df77212-11b8"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 4536

Redirect headers

location: https://s1.adform.net/banners/Elements/Files/84296/7519749.png?assetID=7519749&av=1
date: Thu, 30 Jun 2022 19:56:16 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 event
serving.bepolite.eu/ 0
30 B 80ms
80ms Image
text/plain 212.47.222.21
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.bepolite.eu/event?key=FYFWuDany3hwv6rfuoAYF5t-zJy6-RPM0HMdvTAvNUVrRKPjM6ewQR6R63Few2IIiKHzIzVFa7HlYAGQoFDxxZ7d_soymsaUoJ6VCZlhk-CuFoJgqCEtBiKOPh37O8AiaWMtRfhGJOOq0SPJkg_hRPA0sNlL_w7mN7smsazocp7zp3ZdgWtH0MKue5p5AGKHXJxXiVJEh1Vfgxn38rgFo-tSrOiriedI-Oi3R5i8w-2vBP6ZF52PXiL2IP0WW9-WCWW1BYv6E1vuMoZfJaXE4z9hLrQDd5YETTrApegd_m_a5hY8OvOxWaQQS9P0iYfnf_8e5-90sra7UBdR4oM89g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.47.222.21 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software: lighttpd/1.4.64 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:51:05 GMT
via: 1.1 varnish (Varnish/6.2)
server: lighttpd/1.4.64
age: 0
p3p: CP='BePolite does not have a P3P policy'
x-varnish: 867426759
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23639dd2d453d1b11b6e03066ea3911ba9c42d9d3a2c91e25dd4aae21328f97f

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: babfde1d3ed18187c92e2e122f096aaaa091c894ad1be28e61177c6ea0177e8b

Request headers

accept-language: fr-FR,fr;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 close-gray.png
static.bepolite.eu/files/ 1 KB
2 KB 51ms
50ms Image
image/png 212.47.222.21
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.bepolite.eu/files/close-gray.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 212.47.222.21 , Estonia, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),
Reverse DNS
Software: lighttpd/1.4.55 /
Resource Hash: c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: https://www.upload.ee/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 19:51:05 GMT
via: 1.1 varnish (Varnish/6.2)
last-modified: Fri, 08 Apr 2022 18:07:56 GMT
server: lighttpd/1.4.55
age: 0
etag: "1971769258"
p3p: CP='BePolite does not have a P3P policy'
cache-control: must-revalidate, private
x-varnish: 867743445
accept-ranges: bytes
content-type: image/png
content-length: 1497
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7559 35 B
468 B 35ms
34ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5065066234876642731@@51549391,7697290953911177153,100|1185|0|0|0|0|0|0|0||111|0|||||1|0|0|uhQMeUSGVh9cPlakbYq96XATulZEE1fH66T0I5URx5nkona16EK4ePL_QlhaeLlf0|||11|1|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.upload.ee/
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 19:56:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.upload.ee
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.upload.ee/	1970-01-20 04:50:38	Name: lng Value: eng
.upload.ee/	1970-01-20 21:41:30	Name: _ga_LT9YQX0N49 Value: GS1.1.1656618974.1.0.1656618974.0
.upload.ee/	1970-01-20 21:41:30	Name: _ga Value: GA1.2.1432813177.1656618974
.upload.ee/	1970-01-20 04:11:45	Name: _gid Value: GA1.2.341624663.1656618974
.upload.ee/	1970-01-20 04:10:19	Name: _gat_gtag_UA_6703115_1 Value: 1
.upload.ee/	1970-01-20 13:31:54	Name: __gads Value: ID=98fc99db372c384c-22a12020c0cd00e5:T=1656618974:RT=1656618974:S=ALNI_MYu70YtChqS9OWVM7RTkBClKa-lkg
.doubleclick.net/	1970-01-20 04:10:19	Name: test_cookie Value: CheckForPermission
serving.bepolite.eu/	1970-01-20 06:19:54	Name: bepolite_id Value: 169f3f2b9390f73292c9edbc245ec978
.adform.net/	1970-01-20 04:53:30	Name: C Value: 1
.adform.net/	1970-01-20 05:36:42	Name: uid Value: 5065066234876642731
.adform.net/	1970-01-20 04:20:23	Name: TPC Value: 1656618975685

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5364884771898146&output=html&adk=1812271804&adf=3025194257&lmt=1656618974&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.upload.ee%2Ffiles%2F13847882%2FKM_T_01.02.2022_password_2022.7z.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656618974458&bpp=2&bdt=290&idt=180&shv=r20220628&mjsv=m202206270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4672723439571&frm=20&pv=2&ga_vid=1432813177.1656618974&ga_sid=1656618975&ga_hid=750485123&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531607&oid=2&pvsid=4345899971052762&tmod=1784513524&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=201 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

471dba781145c0b4e9a4-68ba33ff6464ef96d82d61273b7d0752.ssl.cf5.rackcdn.com
adservice.google.com
adservice.google.fr
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s1.adform.net
serving.bepolite.eu
static.bepolite.eu
stats.g.doubleclick.net
tpc.googlesyndication.com
track.adform.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.upload.ee
172.217.18.2
2001:41d0:403:2b9f::
2001:4860:4802:32::36
212.47.222.21
23.35.236.213
2606:4700::6811:180e
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:808::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c08::9a
37.157.3.30
37.157.5.72
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
039b52ebf0ee5301671e2ec98343f84831c21fedb9c1070840f5ffda104c37b6
040e1d278ffaee2d190544c256985ead53da4deeb49df5155095da09c84d2dd4
061d01a0b85f948c6ec464870ecec4654c4bd2ff15cacda941bbbf16225ec411
23639dd2d453d1b11b6e03066ea3911ba9c42d9d3a2c91e25dd4aae21328f97f
300b4646e0a161bfd9e780abb1115fb4ffee6f8eeffd4dc6d59f60e329661c3e
3e4cd706ad09ccbfe46cf8444ae534639b0e5032bafce062c59358b02e28fe3b
4a54c52108fe4845441689f86a0a596858c35192dfd6ef5437a53151d43956ba
50ea690898ecae0d7442bdd818e08e5ea35e112aaa6ed3edcfd252a4938408d3
53533f8e6e06c2660ab8f4015e0635c3fb54b233facf0c7793430f2d3db85f0f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
6171149909e151adcb67293584df9b14856ccaf0510b4ff7f1cdbb5553a81604
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a3bb4d9d2b5a55b6d821a75d7b155fac47def3c241e4f1215d17e022f02658
6432ec4ed5666c89f540968f6fe64c4d21a82a976b9008d64a64b335c781b68b
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdf727d13755276f83fd66b58e35567b774e9ecd9353cdadce780d37279c7f1
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
79db9ed714dce58ba264e8498b854803f736d027ad66de53f72ed0ddc367ad30
7d10cc03b9052e99c365e79209ce015f828f64204e02a4111f9d388792f186db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8515c4ec214e25a839b4c0d6434036a83808127a38e86d18d14b3bd6910fe0a1
861f4088524a76a72f87515ad3413a54fc478faf00059bd1ff6c4e38292e271c
86af09d351c0a3be01506ecbff333a4e35474f82442f1fd632a609626e3cd6f8
874f85c8fc18d84c5947011de956fd8df2dbd42adf14505748bb4d6077b00f3f
87d99960ddb3728c4dfb26af7bb3a06fe91f61acc003dc2178703284fd7823e4
94a25d5164e6945cc422f1c381ff96c9d9745c9790e2a9756b9d770b8be445eb
94f137c233766bb0015876c6cfbf8c28125aca4cb3a826d4f7a0495a38a8f3a5
967b6c054e68737dec18c6189ac0f36452703ae60fdd7bf2afef6744af2073be
9800d061cec738d284071bef38462967ef5ac0637a1297992a0714b6e1371663
9bcd8b1ee7ac4501aa3ba7adbd264ab335f5c9e7debc59f35c230668be73d88e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f42d01ab773194f52912b23aa409d82c22eced23efce46e05835632303c9b9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b6076735a5e2ca7ccd6a4af3d205e34716ef961770be8d5986fcebc4f78472fa
babfde1d3ed18187c92e2e122f096aaaa091c894ad1be28e61177c6ea0177e8b
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c2f89787bda82263fceb9ec11d398fa83a5f22abf248956df29bdee2987d2f34
c3cd8736ade5ceb00ac357e68e6c4d50716c3b2ee7304fc7a7fe7653842a90a4
c612abac2c07cc858906c5208c2599226e58d278794ed26022010ebb490d192a
c9cadad228f2a64b4ba2f3a076ed3bde183dc8ce8de79fe334f76788cf877473
dc9c4978abfb57d045dcd38a33086671f464639443c2bd413c33ce11925be018
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
f4a2bdfa647224f3d801b4e9d0a99a9cc49b6505b78aee5c4c978b78804f747b
f618b1c7be10c3203620d44c6f323be5b61ac10e67588d96cb69988b3173c7d2
f68b35350119fd9b2baaa614ab6c4293c3acbdcf6a2c4b0fdd00b763b2e0783f

www.upload.ee Open in urlscan Pro 2001:41d0:403:2b9f:: Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

95 %HTTPS

74 %IPv6

14 Domains

20 Subdomains

20 IPs

5 Countries

868 kBTransfer

1705 kBSize

11 Cookies

0 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.upload.ee Open in urlscan Pro
2001:41d0:403:2b9f:: Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

95 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

20
IPs

5
Countries

868 kB
Transfer

1705 kB
Size

11
Cookies

44 HTTP transactions
11 data transactions