os2.theu-free-ware.com/CM_DS/?v=3.0&c=1854160470
37.48.65.153302 Found 11 B URL User Request GET HTTP/1.1 os2.theu-free-ware.com/CM_DS/?v=3.0&c=1854160470
IP 37.48.65.153:80
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
NIDS Severity Alert suricata medium ETPRO ADWARE_PUP ADWARE/InstallCore.Gen Checkin
GET /CM_DS/?v=3.0&c=1854160470 HTTP/1.1
Host: os2.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Wed, 19 Apr 2023 00:32:42 GMT
location: http://ww1.theu-free-ware.com
server: nginx
set-cookie: sid=b27ddf74-de49-11ed-9205-764bbe4b3729; path=/; domain=.theu-free-ware.com; expires=Mon, 07 May 2091 03:46:50 GMT; max-age=2147483647; HttpOnly
35.186.238.101200 OK 2.8 kB URL User Request GET HTTP/1.1 IP 35.186.238.101:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2830), with no line terminators
Hash 6cfbffcfabf6c7813aadd15f3870ead4
55afaa49568d6f3278a388d96b8672ccbcb1ae70
1b1252c0c6fe647290b76cb491806bc26f1083f7e3ae8962fc7cf1886b71d313
GET / HTTP/1.1
Host: ww1.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=b27ddf74-de49-11ed-9205-764bbe4b3729
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 19 Apr 2023 00:32:43 GMT
Content-Type: text/html
Content-Length: 2830
Last-Modified: Tue, 14 Feb 2023 15:46:05 GMT
ETag: "63ebacbd-b0e"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_STB/NNS+Qz5UOHfyhFwDWLUxdJGEyeMfm2O6lHF4TWyRLxDNV8kQ0Zm0np7bu2FeicDdRI3U6hmxg6n1McQ2zQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
23.36.79.16200 OK 1.8 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
Fingerprint4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
ValidityThu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (4918)
Hash 4765833f8aa1de1e75804851ab0449f3
b56fc269f045d73338c8dd55f638aa633de28e7d
c42908523310021f78e7a1c65746224723cda12e89730b0efeb24430b84dac1c
GET /parking-lander/static/js/main.727544c3.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: G+KwmdDoK2pI6c9DvjEwx8Yd4NOzuYF7PYbj0A+2bVdqnBv06gVVmOL1QEU8ZWzx1R0e+H5Ch2w=
x-amz-request-id: 2FAP39Z2BBAD4Z6V
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "5fdf5d5d4c43969c55a42e692b95b2c9"
x-amz-server-side-encryption: AES256
x-amz-version-id: K0T3Ca3fAhPnHOiGo0Ai9_inM.KjDWrk
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 1827
cache-control: max-age=31536000
expires: Thu, 18 Apr 2024 00:32:43 GMT
date: Wed, 19 Apr 2023 00:32:43 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
23.36.79.16200 OK 57 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
Fingerprint4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
ValidityThu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b1a9331d6c0e8a1b66863c6ca8477641
90dfe8b3d4571613ed3e04e53d2503d58684dc03
d21e9a17b3f1a8d15dff4aee534040b740009c16ef74c4185eb151ca52ba1c66
GET /parking-lander/static/js/1.3fa140ef.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: OCcGn1JfNBQv6+PedMR9b3qPljuI4WoxpivU6zSOnj5T4ghXWTvCbv6/qtM8SSXELvZkrY2NYI0=
x-amz-request-id: 2FAPK430WR30W4W0
last-modified: Tue, 14 Feb 2023 15:44:40 GMT
etag: "06166eb9b942e7c63d8ee1eba5b3de68"
x-amz-server-side-encryption: AES256
x-amz-version-id: Qm3JNw36qGFoIyTVwvXuxJRglKzwn3oO
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 57353
cache-control: max-age=31536000
expires: Thu, 18 Apr 2024 00:32:43 GMT
date: Wed, 19 Apr 2023 00:32:43 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
23.36.79.16200 OK 140 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
IP 23.36.79.16:443
ASN #20940 Akamai International B.V.
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
Fingerprint4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
ValidityThu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65462)
Size 140 kB (139862 bytes)
Hash 86e3cfb33222003b0db28f9a3dd97c0b
be2be171a4e55332472ee32fd73f5a1b5dcb952f
24f9d9e26c29c25042fe573f938d08afd365f83a1f5e32853c26d2f72df65411
GET /parking-lander/static/js/0.40743286.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: f0SGcvFmDtEX/kqsGotSp6Buh7LQtFnodVFgNR7DozUuYF4unhJHIR5WZD92RZWybaw0iBhKDII=
x-amz-request-id: 2FAJDMPCN6W0P945
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "b068012e619429e22f89192c5175a1e0"
x-amz-server-side-encryption: AES256
x-amz-version-id: gYg2nrvw6dt8CWezF3ZJ_Af3PN3NBmJj
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
content-length: 139862
cache-control: max-age=31536000
expires: Thu, 18 Apr 2024 00:32:43 GMT
date: Wed, 19 Apr 2023 00:32:43 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 509b993c92e20aaf96d5a4b34bd0b65b
8e1642af733aed25b3a5bbaff51dada166912e3e
eec8e5c239879ba7648884b4294c8c21055bbdcb23bd772603c8e360d9482087
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ww1.theu-free-ware.com/px.js?ch=1&abp=1
35.186.238.101200 OK 476 B URL GET HTTP/1.1 ww1.theu-free-ware.com/px.js?ch=1&abp=1
IP 35.186.238.101:80
Requested by http://ww1.theu-free-ware.com/
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
GET /px.js?ch=1&abp=1 HTTP/1.1
Host: ww1.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Cookie: sid=b27ddf74-de49-11ed-9205-764bbe4b3729; caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 19 Apr 2023 00:32:43 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Tue, 14 Feb 2023 15:45:51 GMT
ETag: "63ebacaf-1dc"
Accept-Ranges: bytes
Via: 1.1 google
ww1.theu-free-ware.com/px.js?ch=2&abp=1
35.186.238.101200 OK 476 B URL GET HTTP/1.1 ww1.theu-free-ware.com/px.js?ch=2&abp=1
IP 35.186.238.101:80
Requested by http://ww1.theu-free-ware.com/
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
GET /px.js?ch=2&abp=1 HTTP/1.1
Host: ww1.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Cookie: sid=b27ddf74-de49-11ed-9205-764bbe4b3729; caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 19 Apr 2023 00:32:43 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Tue, 14 Feb 2023 15:46:05 GMT
ETag: "63ebacbd-1dc"
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2bb32eb287a980b1e3d6225302f2a399
2c5bfdfe6c3b0be4d73096793bdc6167ef920e4d
9fd58d9d6500c88f270ed41816a2d87472ce1fd1332e7a934e37cd499e39104a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.23 1.8 kB IP 192.124.249.23:0
Hash 6a301840bd811109c5403cc05d32a333
c7826da261880010d357c4c638d241d472a9e05b
114eaf4618b40d9b1281f7c120741d299ab2a0fb4e5f7318b228e41cb184cc1e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 19 Apr 2023 00:32:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 18 Apr 2023 21:48:50 GMT
Expires: Wed, 19 Apr 2023 21:48:50 GMT
ETag: "c7826da261880010d357c4c638d241d472a9e05b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23 1.8 kB IP 192.124.249.23:0
Hash 6a301840bd811109c5403cc05d32a333
c7826da261880010d357c4c638d241d472a9e05b
114eaf4618b40d9b1281f7c120741d299ab2a0fb4e5f7318b228e41cb184cc1e
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 19 Apr 2023 00:32:44 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 18 Apr 2023 21:48:50 GMT
Expires: Wed, 19 Apr 2023 21:48:50 GMT
ETag: "c7826da261880010d357c4c638d241d472a9e05b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
23.23.99.212200 OK 0 B URL GET HTTP/2 api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
IP 23.23.99.212:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://ww1.theu-free-ware.com/
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 19 Apr 2023 00:32:44 GMT
content-length: 0
set-cookie: AWSALB=fG+xd0M5ivLr6uiIOlk6zIN8KRqGWVdfbaegqPRvGg2EjSyPPsvzDXG0+gGK3lRxRC+MDYCjquRkpRKJInRj/g8qY+5Ys3/ePBCoci2yYNnRxl4H7nvnTXQO6Z8L; Expires=Wed, 26 Apr 2023 00:32:44 GMT; Path=/
AWSALBCORS=fG+xd0M5ivLr6uiIOlk6zIN8KRqGWVdfbaegqPRvGg2EjSyPPsvzDXG0+gGK3lRxRC+MDYCjquRkpRKJInRj/g8qY+5Ys3/ePBCoci2yYNnRxl4H7nvnTXQO6Z8L; Expires=Wed, 26 Apr 2023 00:32:44 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://ww1.theu-free-ware.com
access-control-max-age: 600
x-request-id: nyL_g8__
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
23.23.99.212200 OK 963 B URL GET HTTP/2 api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
IP 23.23.99.212:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
File type JSON data\012- , ASCII text, with very long lines (962)
Hash 5653a7ecb2382f3622032628925b8538
c27a4726225fdd5dffb95acd1580a5f6eb908bd8
6efeb048aa202cbcfe6fe46736b03d7cd11df91b7d588ae2874df9a8ab563feb
GET /v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.theu-free-ware.com/
X-Request-Id: bc7aca2b-5e05-429b-9e42-c55f0165c1a2
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Apr 2023 00:32:44 GMT
content-type: application/json
content-length: 963
set-cookie: AWSALB=E3sVVeHNz1BwvwEky12PLXGBGntjkEFybXFYYZQseRlbEaeNHUzf1T2lt4308qFsYdOmE0yn6LyEmR+MeYeawWH0HtX7eRR/QYaNoxC7XCzHe+LaMssOnk/RV3H6; Expires=Wed, 26 Apr 2023 00:32:44 GMT; Path=/
AWSALBCORS=E3sVVeHNz1BwvwEky12PLXGBGntjkEFybXFYYZQseRlbEaeNHUzf1T2lt4308qFsYdOmE0yn6LyEmR+MeYeawWH0HtX7eRR/QYaNoxC7XCzHe+LaMssOnk/RV3H6; Expires=Wed, 26 Apr 2023 00:32:44 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://ww1.theu-free-ware.com
access-control-max-age: 600
x-request-id: bc7aca2b-5e05-429b-9e42-c55f0165c1a2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 612a4035440aad44cff3ef492cfe67af
6b6a546e1f866b7ebe8ae64ebfb36b7c2f9b48f4
0d20ba7383f08606086b604f36457448a7530e4587a30a0a2f143ab92883a75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww1.theu-free-ware.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
216.58.207.194200 OK 246 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww1.theu-free-ware.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
IP 216.58.207.194:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT
File type ASCII text, with very long lines (376), with no line terminators
Hash 76db94804e3b1244d65380cfdace9925
bb52dee7b67275ae063493d3a4738d4f8de9c5a3
7b1990c15792af3d4d6714e3bf7bf6814b8bbe29c23432dce4e78f19eb3bf682
GET /gampad/cookie.js?domain=ww1.theu-free-ware.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 19 Apr 2023 00:32:44 GMT
server: cafe
cache-control: private
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=9231681864502089&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681864502090&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=523105112&uio=-&cont=relatedLinks&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&adbw=master-1%3A500
142.250.74.132200 OK 2.0 kB URL GET HTTP/3 www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=9231681864502089&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681864502090&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=523105112&uio=-&cont=relatedLinks&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&adbw=master-1%3A500
IP 142.250.74.132:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5061)
Hash 302305089d1a6a863c6020afe2f9c596
ff980c5e4442d7476713d7d287fc9228938f968f
9acc3b163267a959d630c600b1b246fa366f1bccd59eda1e9409b2d3bd074ef5
GET /afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=9231681864502089&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681864502090&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=523105112&uio=-&cont=relatedLinks&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&adbw=master-1%3A500 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Wed, 19 Apr 2023 00:32:44 GMT
expires: Wed, 19 Apr 2023 00:32:44 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-Jw8XO0nehrEu358r4Cscdw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2010
x-xss-protection: 0
set-cookie: CONSENT=PENDING+462; expires=Fri, 18-Apr-2025 00:32:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 612a4035440aad44cff3ef492cfe67af
6b6a546e1f866b7ebe8ae64ebfb36b7c2f9b48f4
0d20ba7383f08606086b604f36457448a7530e4587a30a0a2f143ab92883a75f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash de13eb66d448cbaec89de874dd4e2e34
d749cadf1f018be76a6533b28e5f30501bcb9d6a
85e3dd55e2d283817cd9c477ababb09f7baf1a0113c115101bd1971afdd24742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash de13eb66d448cbaec89de874dd4e2e34
d749cadf1f018be76a6533b28e5f30501bcb9d6a
85e3dd55e2d283817cd9c477ababb09f7baf1a0113c115101bd1971afdd24742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
142.250.74.132200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP 142.250.74.132:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=9231681864502089&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681864502090&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=523105112&uio=-&cont=relatedLinks&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&adbw=master-1%3A500
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with very long lines (2193)
Hash 00ae98b82a7e7cd62e1dc876889ed785
952ece95f95a25dd4807a768086d5ed0fd19d245
1d59399a5a07518bc973d0ec885c3a919ba2cdea6cb7a9ab8ceb7a31a4048733
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 19 Apr 2023 00:32:45 GMT
expires: Wed, 19 Apr 2023 00:32:45 GMT
cache-control: private, max-age=3600
etag: "14285691363788620456"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
216.58.211.1200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP 216.58.211.1:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=9231681864502089&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681864502090&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=523105112&uio=-&cont=relatedLinks&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&adbw=master-1%3A500
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 18 Apr 2023 19:42:15 GMT
expires: Wed, 19 Apr 2023 18:42:15 GMT
cache-control: public, max-age=82800
age: 17430
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
23.23.99.212200 OK 0 B URL POST HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP 23.23.99.212:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://ww1.theu-free-ware.com/
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Apr 2023 00:32:45 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=7B/7seF7WtHkDFIddv8ZuF0eoCYeUpnOYZjDWeL9Spmg1aLIFdxycEI1RGSp5E8VlFmGhF4D3SyER978xDIyCr0dEJWJrUEcl035SSwGLWn0CAfTlftlATeHGBPW; Expires=Wed, 26 Apr 2023 00:32:45 GMT; Path=/
AWSALBCORS=7B/7seF7WtHkDFIddv8ZuF0eoCYeUpnOYZjDWeL9Spmg1aLIFdxycEI1RGSp5E8VlFmGhF4D3SyER978xDIyCr0dEJWJrUEcl035SSwGLWn0CAfTlftlATeHGBPW; Expires=Wed, 26 Apr 2023 00:32:45 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash b42cb0a9b9d32177fd954c8fa6533124
ef32853b03898799d7570ee97c3de84cb3cdeea4
d6999e176d8ff255366712a5c3674aa6af21ba2efb89a7aecfa9f6ca805662e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 19 Apr 2023 00:32:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
23.23.99.212200 OK 0 B URL POST HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP 23.23.99.212:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.theu-free-ware.com/
Content-Type: application/json
Content-Length: 724
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 19 Apr 2023 00:32:45 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=afE9Gd/tZ5Va3SeqaVZSlKUrEQ953geCqkaKYukQ6++l97SWywCBNG29X2w8Sq0Sf9hA/Vfz4xquEBX3jDDU+thyBzInsjB1CusPkYHS3MGx015sdQKh6bC1jmjf; Expires=Wed, 26 Apr 2023 00:32:45 GMT; Path=/
AWSALBCORS=afE9Gd/tZ5Va3SeqaVZSlKUrEQ953geCqkaKYukQ6++l97SWywCBNG29X2w8Sq0Sf9hA/Vfz4xquEBX3jDDU+thyBzInsjB1CusPkYHS3MGx015sdQKh6bC1jmjf; Expires=Wed, 26 Apr 2023 00:32:45 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=yxbou0rbsv68&aqid=rDY_ZMj-OIfjywWqkJvwCA&psid=9841729664&pbt=bs&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=523105112&csala=4%7C0%7C263%7C57%7C254&lle=0&ifv=1&usr=1
142.250.74.132204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=yxbou0rbsv68&aqid=rDY_ZMj-OIfjywWqkJvwCA&psid=9841729664&pbt=bs&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=523105112&csala=4%7C0%7C263%7C57%7C254&lle=0&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=yxbou0rbsv68&aqid=rDY_ZMj-OIfjywWqkJvwCA&psid=9841729664&pbt=bs&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=523105112&csala=4%7C0%7C263%7C57%7C254&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-vMskUWJbMS4f8yoouVHn2g' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 19 Apr 2023 00:32:46 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=WawkQQNHb9Q6KFzOiKZecde8_K00YvvMCN21sw6u6rEPBRc_EATo3STfLilQ_ghmMBz6VSXZk89r_fVm5VnIO0Vbrod4exhr0du43ItygRpdovNyJgPHKXcD_pBi4QGYcjsZJKGtSltpRSPKxZwUX0BTR456VwIZjHSGHryz4gs; expires=Thu, 19-Oct-2023 00:32:46 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+476; expires=Fri, 18-Apr-2025 00:32:46 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=k6tdrqxue0x8&aqid=rDY_ZMj-OIfjywWqkJvwCA&psid=9841729664&pbt=bv&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=523105112&csala=4%7C0%7C263%7C57%7C254&lle=0&ifv=1&usr=1
142.250.74.132204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=k6tdrqxue0x8&aqid=rDY_ZMj-OIfjywWqkJvwCA&psid=9841729664&pbt=bv&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=523105112&csala=4%7C0%7C263%7C57%7C254&lle=0&ifv=1&usr=1
IP 142.250.74.132:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=k6tdrqxue0x8&aqid=rDY_ZMj-OIfjywWqkJvwCA&psid=9841729664&pbt=bv&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=523105112&csala=4%7C0%7C263%7C57%7C254&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-LRyekHHL9miBQ7HSaJ2R8A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Wed, 19 Apr 2023 00:32:47 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=qNfce1rF2PJYfZ8u41ud5AxgEHSk4SvJWzJ5aNOtUmR20QeonM_YJD3-hLrrxXTAwcV7DMnIuYeyBQlkryRuGqewdkvrkGwUAieIx07n6z_LEDGe--0KxpO1FUWVuJFq6a5Q8IU_PzAOKmdapvV9Wf-V6iILz5Sh-Tfv6jAYSJE; expires=Thu, 19-Oct-2023 00:32:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+883; expires=Fri, 18-Apr-2025 00:32:47 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
216.58.211.1200 OK 391 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP 216.58.211.1:443
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404&format=r3&nocache=9231681864502089&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=2&u_tz=0&dt=1681864502090&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=523105112&uio=-&cont=relatedLinks&jsid=caf&jsv=523105112&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&adbw=master-1%3A500
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (406), with no line terminators
Hash ac5de5b2153fb616405aa018d56d88e6
0e4688e0df186c6f38eb5844fdfd8f9c5ff5628e
9b69e0728184d834e455835268e4f3973f5d25e18a1089bcb1d3280589848441
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Tue, 18 Apr 2023 07:37:07 GMT
expires: Wed, 19 Apr 2023 06:37:07 GMT
cache-control: public, max-age=82800
age: 60938
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js?abp=1
142.250.74.132200 OK 148 kB URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1
IP 142.250.74.132:443
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type ASCII text, with very long lines (2193)
Size 148 kB (148179 bytes)
Hash 04feb793dc4eed36431f11c8b3ba5b6b
2bd16c468311d9d81cb470674fce565d520b0060
73991d96f56e005c3f63f8945b13a0d66a05b72f9ea0974384aef6704d0cf972
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Wed, 19 Apr 2023 00:32:43 GMT
expires: Wed, 19 Apr 2023 00:32:43 GMT
cache-control: private, max-age=3600
etag: "5541196816858744750"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2