os.theu-free-ware.com/CM_DS/?v=5.0&c=650201555
506 B URL os.theu-free-ware.com/CM_DS/?v=5.0&c=650201555
IP
ASN #30633 LEASEWEB-USA-WDC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (506), with no line terminators
Hash acba9a1b94b5349b1c72cbf308ed25db
219badf0e62ad8e99113a470e2aca53c1fd16e3f
dd71adbf6627d9c54adee68acd59c4e5db8e114368494ae45114ae188edf59b7
NIDS Severity Alert suricata medium ETPRO ADWARE_PUP ADWARE/InstallCore.Gen Checkin
GET /CM_DS/?v=5.0&c=650201555 HTTP/1.1
Host: os.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 506
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 10:03:13 GMT
server: nginx
set-cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0; path=/; domain=.theu-free-ware.com; expires=Tue, 08 May 2091 13:17:20 GMT; max-age=2147483647; HttpOnly
os.theu-free-ware.com/favicon.ico
9 B URL os.theu-free-ware.com/favicon.ico
IP
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: os.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://os.theu-free-ware.com/CM_DS/?v=5.0&c=650201555
Cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Thu, 20 Apr 2023 10:03:13 GMT
server: nginx
os.theu-free-ware.com/CM_DS/?c=650201555&ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4MTk5MjE5MywiaWF0IjoxNjgxOTg0OTkzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGJwb3M1NGNvcXE5YjJvZjgxNXVpdWQiLCJuYmYiOjE2ODE5ODQ5OTMsInRzIjoxNjgxOTg0OTkzNDU0NDE4fQ.RjDmCjgv0-OhpIKo9qx3EEUjq9ZKRtCoD6_qys-B4Xw&sid=90064912-df62-11ed-af05-c919b53fd1e0&v=5.0
302 Found 11 B URL User Request GET HTTP/1.1 os.theu-free-ware.com/CM_DS/?c=650201555&ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4MTk5MjE5MywiaWF0IjoxNjgxOTg0OTkzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGJwb3M1NGNvcXE5YjJvZjgxNXVpdWQiLCJuYmYiOjE2ODE5ODQ5OTMsInRzIjoxNjgxOTg0OTkzNDU0NDE4fQ.RjDmCjgv0-OhpIKo9qx3EEUjq9ZKRtCoD6_qys-B4Xw&sid=90064912-df62-11ed-af05-c919b53fd1e0&v=5.0
IP
ASN #30633 LEASEWEB-USA-WDC
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /CM_DS/?c=650201555&ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY4MTk5MjE5MywiaWF0IjoxNjgxOTg0OTkzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydGJwb3M1NGNvcXE5YjJvZjgxNXVpdWQiLCJuYmYiOjE2ODE5ODQ5OTMsInRzIjoxNjgxOTg0OTkzNDU0NDE4fQ.RjDmCjgv0-OhpIKo9qx3EEUjq9ZKRtCoD6_qys-B4Xw&sid=90064912-df62-11ed-af05-c919b53fd1e0&v=5.0 HTTP/1.1
Host: os.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://os.theu-free-ware.com/CM_DS/?v=5.0&c=650201555
Cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Thu, 20 Apr 2023 10:03:14 GMT
location: http://ww1.theu-free-ware.com
server: nginx
set-cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0; path=/; domain=.theu-free-ware.com; expires=Tue, 08 May 2091 13:17:21 GMT; max-age=2147483647; HttpOnly
200 OK 2.8 kB URL User Request GET HTTP/1.1 IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2830), with no line terminators
Hash 6cfbffcfabf6c7813aadd15f3870ead4
55afaa49568d6f3278a388d96b8672ccbcb1ae70
1b1252c0c6fe647290b76cb491806bc26f1083f7e3ae8962fc7cf1886b71d313
GET / HTTP/1.1
Host: ww1.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://os.theu-free-ware.com/
Connection: keep-alive
Cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 20 Apr 2023 10:03:14 GMT
Content-Type: text/html
Content-Length: 2830
Last-Modified: Tue, 14 Feb 2023 15:45:53 GMT
ETag: "63ebacb1-b0e"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_STB/NNS+Qz5UOHfyhFwDWLUxdJGEyeMfm2O6lHF4TWyRLxDNV8kQ0Zm0np7bu2FeicDdRI3U6hmxg6n1McQ2zQ
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
200 OK 57 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/1.3fa140ef.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
Fingerprint4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
ValidityThu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b1a9331d6c0e8a1b66863c6ca8477641
90dfe8b3d4571613ed3e04e53d2503d58684dc03
d21e9a17b3f1a8d15dff4aee534040b740009c16ef74c4185eb151ca52ba1c66
GET /parking-lander/static/js/1.3fa140ef.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: OCcGn1JfNBQv6+PedMR9b3qPljuI4WoxpivU6zSOnj5T4ghXWTvCbv6/qtM8SSXELvZkrY2NYI0=
x-amz-request-id: 2FAPK430WR30W4W0
last-modified: Tue, 14 Feb 2023 15:44:40 GMT
etag: "06166eb9b942e7c63d8ee1eba5b3de68"
x-amz-server-side-encryption: AES256
x-amz-version-id: Qm3JNw36qGFoIyTVwvXuxJRglKzwn3oO
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 19 Apr 2024 10:03:14 GMT
date: Thu, 20 Apr 2023 10:03:14 GMT
content-length: 57353
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
200 OK 140 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/0.40743286.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
Fingerprint4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
ValidityThu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (65462)
Size 140 kB (139862 bytes)
Hash 86e3cfb33222003b0db28f9a3dd97c0b
be2be171a4e55332472ee32fd73f5a1b5dcb952f
24f9d9e26c29c25042fe573f938d08afd365f83a1f5e32853c26d2f72df65411
GET /parking-lander/static/js/0.40743286.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: f0SGcvFmDtEX/kqsGotSp6Buh7LQtFnodVFgNR7DozUuYF4unhJHIR5WZD92RZWybaw0iBhKDII=
x-amz-request-id: 2FAJDMPCN6W0P945
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "b068012e619429e22f89192c5175a1e0"
x-amz-server-side-encryption: AES256
x-amz-version-id: gYg2nrvw6dt8CWezF3ZJ_Af3PN3NBmJj
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 19 Apr 2024 10:03:14 GMT
date: Thu, 20 Apr 2023 10:03:14 GMT
content-length: 139862
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
200 OK 1.8 kB URL GET HTTP/2 img1.wsimg.com/parking-lander/static/js/main.727544c3.chunk.js
IP
ASN #20940 Akamai International B.V.
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerStarfield Technologies, Inc.
Subject*.wsimg.com
Fingerprint4D:28:AB:B5:BB:E6:84:09:15:A9:80:A1:56:45:20:CB:87:93:83:A3
ValidityThu, 15 Sep 2022 21:44:19 GMT - Tue, 17 Oct 2023 21:44:19 GMT
File type ASCII text, with very long lines (4918)
Hash 4765833f8aa1de1e75804851ab0449f3
b56fc269f045d73338c8dd55f638aa633de28e7d
c42908523310021f78e7a1c65746224723cda12e89730b0efeb24430b84dac1c
GET /parking-lander/static/js/main.727544c3.chunk.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: G+KwmdDoK2pI6c9DvjEwx8Yd4NOzuYF7PYbj0A+2bVdqnBv06gVVmOL1QEU8ZWzx1R0e+H5Ch2w=
x-amz-request-id: 2FAP39Z2BBAD4Z6V
last-modified: Tue, 14 Feb 2023 15:44:39 GMT
etag: "5fdf5d5d4c43969c55a42e692b95b2c9"
x-amz-server-side-encryption: AES256
x-amz-version-id: K0T3Ca3fAhPnHOiGo0Ai9_inM.KjDWrk
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=31536000
expires: Fri, 19 Apr 2024 10:03:14 GMT
date: Thu, 20 Apr 2023 10:03:14 GMT
content-length: 1827
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ww1.theu-free-ware.com/px.js?ch=1&abp=1
200 OK 476 B URL GET HTTP/1.1 ww1.theu-free-ware.com/px.js?ch=1&abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
GET /px.js?ch=1&abp=1 HTTP/1.1
Host: ww1.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0; caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 20 Apr 2023 10:03:14 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Tue, 14 Feb 2023 15:45:32 GMT
ETag: "63ebac9c-1dc"
Accept-Ranges: bytes
Via: 1.1 google
ww1.theu-free-ware.com/px.js?ch=2&abp=1
200 OK 476 B URL GET HTTP/1.1 ww1.theu-free-ware.com/px.js?ch=2&abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Hash d2183968f9080b37babfeba3ccf10df2
24b9cf589ee6789e567fac3ae5acfc25826d00c6
4d9b83714539f82372e1e0177924bcb5180b75148e22d6725468fd2fb6f96bcc
GET /px.js?ch=2&abp=1 HTTP/1.1
Host: ww1.theu-free-ware.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Cookie: sid=90064912-df62-11ed-af05-c919b53fd1e0; caf_ipaddr=91.90.42.154; country=NO; city=""; expiry_partner=
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 20 Apr 2023 10:03:14 GMT
Content-Type: application/javascript
Content-Length: 476
Last-Modified: Tue, 14 Feb 2023 15:45:25 GMT
ETag: "63ebac95-1dc"
Accept-Ranges: bytes
Via: 1.1 google
ocsp.pki.goog/gts1c3
471 B IP
Hash 6ed663834426f0f7936d696aea93bb0f
437e53d625099a838728b3dcef3b1dcd2647bd99
abe8ff563b98428a328ebe3f071bfc45969990fb8eede03aa17b395fd2db03cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash 1da8e325bbdc051df54f86ce097b0937
8c4ffaebf3fdfc9b55e349a4e21403ef30ca6771
b68743f22c02912ac995b5f7a383c548b840b48759f00f9b1950fb951c8f3dcf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
1.8 kB IP
Hash 19576bfbf42191efc6dfe8aed29cf646
1976d1a628538ae087cab48343dfcba21fc0dc35
0786cb8dcd314f05043e342eb7a8de217cb33d7fd57772c2051b1691e59af44c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 20 Apr 2023 10:03:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 19 Apr 2023 21:49:49 GMT
Expires: Thu, 20 Apr 2023 21:49:49 GMT
ETag: "1976d1a628538ae087cab48343dfcba21fc0dc35"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
1.8 kB IP
Hash 19576bfbf42191efc6dfe8aed29cf646
1976d1a628538ae087cab48343dfcba21fc0dc35
0786cb8dcd314f05043e342eb7a8de217cb33d7fd57772c2051b1691e59af44c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 20 Apr 2023 10:03:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 19 Apr 2023 21:49:49 GMT
Expires: Thu, 20 Apr 2023 21:49:49 GMT
ETag: "1976d1a628538ae087cab48343dfcba21fc0dc35"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
200 OK 0 B URL OPTIONS HTTP/2 api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-request-id
Referer: http://ww1.theu-free-ware.com/
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 20 Apr 2023 10:03:15 GMT
content-length: 0
set-cookie: AWSALB=2XbJ6f3+10mDSgqCUTZco9aNo2xwCZ2khKodKupX0qxw6TvSNl7HPk6nkZbZeTLNCgyIWLl6M9jCPIqFO5b2AgGJPQAfsUdl67mJiJfYKBHbwjYBo/wetx9UMtiC; Expires=Thu, 27 Apr 2023 10:03:15 GMT; Path=/
AWSALBCORS=2XbJ6f3+10mDSgqCUTZco9aNo2xwCZ2khKodKupX0qxw6TvSNl7HPk6nkZbZeTLNCgyIWLl6M9jCPIqFO5b2AgGJPQAfsUdl67mJiJfYKBHbwjYBo/wetx9UMtiC; Expires=Thu, 27 Apr 2023 10:03:15 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-headers: X-Request-Id
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: http://ww1.theu-free-ware.com
access-control-max-age: 600
x-request-id: eaZs4KEg
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
200 OK 963 B URL OPTIONS HTTP/2 api.aws.parking.godaddy.com/v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
File type JSON data\012- , ASCII text, with very long lines (962)
Hash 5653a7ecb2382f3622032628925b8538
c27a4726225fdd5dffb95acd1580a5f6eb908bd8
6efeb048aa202cbcfe6fe46736b03d7cd11df91b7d588ae2874df9a8ab563feb
GET /v1/domains/domain?domain=ww1.theu-free-ware.com&portfolioId=&abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.theu-free-ware.com/
X-Request-Id: 4e3983f8-aad6-4a6c-9b59-9c2d10aee978
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Apr 2023 10:03:15 GMT
content-type: application/json
content-length: 963
set-cookie: AWSALB=S8LqLJYHLZpUjchjAJbMd4zaOxUuMY3S7cV5jWFGSd6ZciYRMbK09SjaVP0HMN65/PY6ZPcuK3+gN/cAs8YndcH0gxVuCy+QDSTIeIWI6z7IyNYUZf7KB9SkWeqH; Expires=Thu, 27 Apr 2023 10:03:15 GMT; Path=/
AWSALBCORS=S8LqLJYHLZpUjchjAJbMd4zaOxUuMY3S7cV5jWFGSd6ZciYRMbK09SjaVP0HMN65/PY6ZPcuK3+gN/cAs8YndcH0gxVuCy+QDSTIeIWI6z7IyNYUZf7KB9SkWeqH; Expires=Thu, 27 Apr 2023 10:03:15 GMT; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
access-control-allow-origin: http://ww1.theu-free-ware.com
access-control-max-age: 600
x-request-id: 4e3983f8-aad6-4a6c-9b59-9c2d10aee978
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash 4b7431bcd08a2234895a8ff4d4f0c43c
f02e4ee6b503d1e60a0e45a91829d8a05607e73c
d9a5a653d2c916bcc81fd01e7d5b4f691ed958004ce2bdf6667e08ab10617c0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=ww1.theu-free-ware.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
200 OK 248 B URL GET HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ww1.theu-free-ware.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.googleadservices.com
Fingerprint4B:CB:DB:D2:14:E4:F5:46:FA:69:7D:5D:7F:77:3E:7B:A4:87:E2:E7
ValidityTue, 28 Mar 2023 16:51:59 GMT - Tue, 20 Jun 2023 16:51:58 GMT
File type ASCII text, with very long lines (376), with no line terminators
Hash 6a39479c3f7127f94b47b0bc8edc5628
ea36c5183039a9839666bcdd7ec2bf5a0ea8b3c6
ae68a334c2099f7fffd4fa4892bc6c488fb53c20621b7705c4d4adfbbaafedb2
GET /gampad/cookie.js?domain=ww1.theu-free-ware.com&client=dp-namemedia08_3ph&product=SAS&callback=__sasCookie HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 20 Apr 2023 10:03:15 GMT
server: cafe
cache-control: private
content-length: 248
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301157%2C17301160&format=r3&nocache=9161681985155558&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681985155559&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=524880510&uio=-&cont=relatedLinks&jsid=caf&jsv=524880510&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&referer=http%3A%2F%2Fos.theu-free-ware.com%2F&adbw=master-1%3A500
200 OK 2.1 kB URL GET HTTP/3 www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301157%2C17301160&format=r3&nocache=9161681985155558&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681985155559&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=524880510&uio=-&cont=relatedLinks&jsid=caf&jsv=524880510&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&referer=http%3A%2F%2Fos.theu-free-ware.com%2F&adbw=master-1%3A500
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5251)
Hash 9f7d6733cca3594428e0f3f6abf4a48f
c6a514c2c28cfdd783db61668f29fcb231fb2813
f6c827634ffad34c267eea671c08907f44069a81848f70d2a83efb3fb3b4e304
GET /afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301157%2C17301160&format=r3&nocache=9161681985155558&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681985155559&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=524880510&uio=-&cont=relatedLinks&jsid=caf&jsv=524880510&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&referer=http%3A%2F%2Fos.theu-free-ware.com%2F&adbw=master-1%3A500 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=UTF-8
content-disposition: inline
date: Thu, 20 Apr 2023 10:03:15 GMT
expires: Thu, 20 Apr 2023 10:03:15 GMT
cache-control: private, max-age=3600
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-HrqaMcWc6pxRmwaZBYsCDA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 2058
x-xss-protection: 0
set-cookie: CONSENT=PENDING+161; expires=Sat, 19-Apr-2025 10:03:15 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
471 B IP
Hash 4b7431bcd08a2234895a8ff4d4f0c43c
f02e4ee6b503d1e60a0e45a91829d8a05607e73c
d9a5a653d2c916bcc81fd01e7d5b4f691ed958004ce2bdf6667e08ab10617c0b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash dc21314d06a1224d3e760fbe62ed1437
3d1608c4912cc6f221a65c89111c26c6cb6fc5df
5c49d376a9b05c94ab8ee21558bec5c6efb66e2700004d8efb1c5c0a58ed312d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
471 B IP
Hash dc21314d06a1224d3e760fbe62ed1437
3d1608c4912cc6f221a65c89111c26c6cb6fc5df
5c49d376a9b05c94ab8ee21558bec5c6efb66e2700004d8efb1c5c0a58ed312d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/adsense/domains/caf.js
200 OK 54 kB URL GET HTTP/3 www.google.com/adsense/domains/caf.js
IP
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301157%2C17301160&format=r3&nocache=9161681985155558&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681985155559&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=524880510&uio=-&cont=relatedLinks&jsid=caf&jsv=524880510&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&referer=http%3A%2F%2Fos.theu-free-ware.com%2F&adbw=master-1%3A500
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
File type ASCII text, with very long lines (2193)
Hash ac32f70bade6b5e078787cc080ad8ba2
6ed6a3323ce14e384dc019a7047d43844f575d09
2847482c49c35f96f427d8f002785562646dc90164d2c4941555fe29bc52d6db
GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Alt-Used: www.google.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 20 Apr 2023 10:03:16 GMT
expires: Thu, 20 Apr 2023 10:03:16 GMT
cache-control: private, max-age=3600
etag: "1513767968863417938"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
200 OK 174 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff
IP
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301157%2C17301160&format=r3&nocache=9161681985155558&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681985155559&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=524880510&uio=-&cont=relatedLinks&jsid=caf&jsv=524880510&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&referer=http%3A%2F%2Fos.theu-free-ware.com%2F&adbw=master-1%3A500
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4de8b85c8915995b571bde50e231be7c
29c226ca7b9cbe1d44e5480ce95bbb42727b2d99
2ec9168c4507546748c5f400f5030031f0eb06f2aed8deaa11362c395bff4f7a
GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%23ffffff HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 19 Apr 2023 11:34:45 GMT
expires: Thu, 20 Apr 2023 10:34:45 GMT
cache-control: public, max-age=82800
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
age: 80911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
200 OK 0 B URL POST HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://ww1.theu-free-ware.com/
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Apr 2023 10:03:16 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=9FcoWFtYpnjy2u7HCHcKbS/YqZBEh3FqH8YUV4fg+aeh64Kxq1j4nhiQbsjsKOObE/ovrHM77ewcQCueAMwILKWQB+5bD8lyYj1Q67bRrF3db3SjmlzItr6rCINB; Expires=Thu, 27 Apr 2023 10:03:16 GMT; Path=/
AWSALBCORS=9FcoWFtYpnjy2u7HCHcKbS/YqZBEh3FqH8YUV4fg+aeh64Kxq1j4nhiQbsjsKOObE/ovrHM77ewcQCueAMwILKWQB+5bD8lyYj1Q67bRrF3db3SjmlzItr6rCINB; Expires=Thu, 27 Apr 2023 10:03:16 GMT; Path=/; SameSite=None; Secure
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash dc21314d06a1224d3e760fbe62ed1437
3d1608c4912cc6f221a65c89111c26c6cb6fc5df
5c49d376a9b05c94ab8ee21558bec5c6efb66e2700004d8efb1c5c0a58ed312d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 20 Apr 2023 10:03:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
200 OK 0 B URL POST HTTP/2 api.aws.parking.godaddy.com/v1/parkingEvents?abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoDaddy.com, Inc.
Subject*.aws.parking.godaddy.com
FingerprintE7:BD:64:BB:AC:CB:4F:6E:C3:F2:EB:52:B9:C1:CE:C3:9A:7B:AA:08
ValidityTue, 21 Mar 2023 00:28:15 GMT - Sun, 21 Apr 2024 00:28:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/parkingEvents?abp=1 HTTP/1.1
Host: api.aws.parking.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww1.theu-free-ware.com/
Content-Type: application/json
Content-Length: 770
Origin: http://ww1.theu-free-ware.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 20 Apr 2023 10:03:16 GMT
content-type: text/plain
content-length: 0
set-cookie: AWSALB=nGmXmAv9hbHMcqT2LFikgYZqH5TlaM2CJHtd0/czRCB+Byb9GtPpRO7o7iGHpNheDD7ZxBPXcvQ2ryBKQr0H4QnIAzA6gds2oaCnYFx4gO5uym4xKx+hwFrFWf+i; Expires=Thu, 27 Apr 2023 10:03:16 GMT; Path=/
AWSALBCORS=nGmXmAv9hbHMcqT2LFikgYZqH5TlaM2CJHtd0/czRCB+Byb9GtPpRO7o7iGHpNheDD7ZxBPXcvQ2ryBKQr0H4QnIAzA6gds2oaCnYFx4gO5uym4xKx+hwFrFWf+i; Expires=Thu, 27 Apr 2023 10:03:16 GMT; Path=/; SameSite=None; Secure
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=7kg0c6w9st7s&aqid=4w1BZL6UOvyJxdwP78qEyAE&psid=9841729664&pbt=bs&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=524880510&csala=5%7C0%7C227%7C59%7C231&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=7kg0c6w9st7s&aqid=4w1BZL6UOvyJxdwP78qEyAE&psid=9841729664&pbt=bs&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=524880510&csala=5%7C0%7C227%7C59%7C231&lle=0&ifv=1&usr=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=7kg0c6w9st7s&aqid=4w1BZL6UOvyJxdwP78qEyAE&psid=9841729664&pbt=bs&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=524880510&csala=5%7C0%7C227%7C59%7C231&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-GN9JiSTHoqUabH8J5Tce7Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 20 Apr 2023 10:03:17 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=UjcSPrluBAIhlLtsIOu1W_DLZiiuhypdQDgYaK1WNEx6WZztphFf78rVnmT8haiHWzIIExZa5n_Uvz2uhqX-IHKPFiLL6ixkI9-fNAlfT5mt8yBcFQjeW6kGDGjmuypn_vnM1pbJa8TKp17dEMQ4oDYuI3AHr0DsFm8BzthKTmQ; expires=Fri, 20-Oct-2023 10:03:17 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+423; expires=Sat, 19-Apr-2025 10:03:17 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=8mw5jkz6r5ve&aqid=4w1BZL6UOvyJxdwP78qEyAE&psid=9841729664&pbt=bv&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=524880510&csala=5%7C0%7C227%7C59%7C231&lle=0&ifv=1&usr=1
204 No Content 0 B URL GET HTTP/3 www.google.com/afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=8mw5jkz6r5ve&aqid=4w1BZL6UOvyJxdwP78qEyAE&psid=9841729664&pbt=bv&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=524880510&csala=5%7C0%7C227%7C59%7C231&lle=0&ifv=1&usr=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintED:88:16:3C:FE:E3:0A:31:34:FF:BE:21:B4:92:AA:6F:B9:EA:AA:B5
ValidityTue, 28 Mar 2023 16:47:33 GMT - Tue, 20 Jun 2023 16:47:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /afs/gen_204?client=dp-namemedia08_3ph&output=uds_ads_only&zx=8mw5jkz6r5ve&aqid=4w1BZL6UOvyJxdwP78qEyAE&psid=9841729664&pbt=bv&adbx=390&adby=154&adbh=474&adbw=500&adbah=152%2C152%2C152&adbn=master-1&eawp=partner-dp-namemedia08_3ph&errv=524880510&csala=5%7C0%7C227%7C59%7C231&lle=0&ifv=1&usr=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: www.google.com
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zWb5_NaEV1hKogmYcchCOw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 20 Apr 2023 10:03:18 GMT
server: gws
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: NID=511=fas8-KuuWTK2dq4_S4T8fxtKwlAyKWPGzKun7PiMsoEgtk-daSb7yyYPnF1acU4_TAwPXo2DEve5ERN6v3wqw04vvrUt7rBBa_sp9903cjSRDcArKyN4b3ZtPXTQbbR-GSuglF5lKmuvWUhiW07bs7mA8n8y895ojSHIpid0wrs; expires=Fri, 20-Oct-2023 10:03:18 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+166; expires=Sat, 19-Apr-2025 10:03:18 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
200 OK 391 B URL GET HTTP/2 afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2
IP
Requested by https://www.google.com/afs/ads?adsafe=low&adtest=off&psid=9841729664&pcsa=false&channel=08272&domain_name=theu-free-ware.com&client=dp-namemedia08_3ph&r=m&rpbu=http%3A%2F%2Fww1.theu-free-ware.com%2F&type=3&uiopt=true&swp=as-drid-2927860770008733&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300002%2C17301157%2C17301160&format=r3&nocache=9161681985155558&num=0&output=afd_ads&v=3&bsl=8&pac=2&u_his=2&u_tz=0&dt=1681985155559&u_w=1280&u_h=1024&biw=1280&bih=1024&psw=1280&psh=1024&frm=0&cl=524880510&uio=-&cont=relatedLinks&jsid=caf&jsv=524880510&rurl=http%3A%2F%2Fww1.theu-free-ware.com%2F&referer=http%3A%2F%2Fos.theu-free-ware.com%2F&adbw=master-1%3A500
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
FingerprintD6:E1:72:BF:8B:94:81:F5:A1:9B:A7:B6:5B:FD:B8:A5:CA:2B:E5:FD
ValidityTue, 28 Mar 2023 16:54:33 GMT - Tue, 20 Jun 2023 16:54:32 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (406), with no line terminators
Hash ac5de5b2153fb616405aa018d56d88e6
0e4688e0df186c6f38eb5844fdfd8f9c5ff5628e
9b69e0728184d834e455835268e4f3973f5d25e18a1089bcb1d3280589848441
GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967d2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 272
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Wed, 19 Apr 2023 15:07:35 GMT
expires: Thu, 20 Apr 2023 14:07:35 GMT
cache-control: public, max-age=82800
age: 68141
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/adsense/domains/caf.js?abp=1
200 OK 148 kB URL GET HTTP/2 www.google.com/adsense/domains/caf.js?abp=1
IP
Requested by http://ww1.theu-free-ware.com/
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint3E:43:00:13:2A:5D:12:97:9E:3A:1C:62:F3:7E:D1:C4:FB:DB:B7:73
ValidityTue, 28 Mar 2023 16:54:58 GMT - Tue, 20 Jun 2023 16:54:57 GMT
File type ASCII text, with very long lines (2193)
Size 148 kB (148403 bytes)
Hash 9dd113e76e5ec0058c266cdc1aa76a77
35603bd7f65e1f41e30bbdeb60634e0275a2abab
0544994e6e3263ec81821deed80f909e63a290a29e53a8b81a9d3ba0eb081fb4
GET /adsense/domains/caf.js?abp=1 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ww1.theu-free-ware.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
date: Thu, 20 Apr 2023 10:03:15 GMT
expires: Thu, 20 Apr 2023 10:03:15 GMT
cache-control: private, max-age=3600
etag: "331091123273302823"
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
207.244.67.214
23.36.79.43