103.224.182.253302 Found 2 B URL User Request GET HTTP/1.1 IP 103.224.182.253:443
ASN #133618 Trellian Pty. Limited
Certificate IssuerLet's Encrypt
Subjectedumarketdigital.com
Fingerprint5E:E2:37:34:7C:C4:37:D4:53:ED:1A:39:78:A7:F5:3C:4A:0D:38:C6
ValidityMon, 09 Oct 2023 08:17:00 GMT - Sun, 07 Jan 2024 08:16:59 GMT
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET / HTTP/1.1
Host: morritas.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
date: Sat, 02 Dec 2023 02:18:07 GMT
server: Apache
set-cookie: __tad=1701483487.3951359; expires=Tue, 29-Nov-2033 02:18:07 GMT; Max-Age=315360000
location: http://ww38.morritas.ga/
content-length: 2
content-type: text/html; charset=UTF-8
connection: close
76.223.26.96200 OK 2.4 kB URL User Request GET HTTP/1.1 IP 76.223.26.96:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash f0ff7944c69d4005b1a18cab5a53f4b2
9f6f0af1dd4be064e3c67422f9e25189751ed033
896e29097c181fc83b7ebdd26ddefafb9de3902c795861e969e2d878687c88a1
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET / HTTP/1.1
Host: ww38.morritas.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:07 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: skenzo
X-Buckets: bucket011
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_N0IDukeodOtlS9dEE2alhWTU1/Hlgnmw4hl41jDtnYZzJ/BQVDR29qydpVTWT/tYeQTZXcV06wLU37ozKNUeHQ==
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Domain: morritas.ga
X-Subdomain: ww38
Content-Encoding: gzip
ww38.morritas.ga/favicon.ico
76.223.26.96200 OK 0 B URL GET HTTP/1.1 ww38.morritas.ga/favicon.ico
IP 76.223.26.96:80
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.ga domain
GET /favicon.ico HTTP/1.1
Host: ww38.morritas.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.morritas.ga/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:08 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
208.91.196.46200 OK 36 kB URL GET HTTP/1.1 ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
IP 208.91.196.46:80
ASN #40034 CONFLUENCE-NETWORK-INC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10734), with CRLF, LF line terminators
Hash 501e407d1b6cfadc3ab369c46d497fb1
31fbe512481b28e4f43c6bfa8fa7ffee10c16aba
582abe627c83229f497ad3a7c1422183113522b50cef41241565220a4967b7a2
GET /?dn=morritas.ga&pid=9PO755G95 HTTP/1.1
Host: ifdnzact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww38.morritas.ga/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:08 GMT
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_VuV2ZB+8lB6PYf2ydRuj9XpuWDkFC4ScxKOe7WZv4SQYfTEIOaUZxYMQ1wO8RnzLVjyIrFDc+kceA0/ove0wBg==
Keep-Alive: timeout=5, max=128
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ifdnzact.com/px.js?ch=1
208.91.196.46200 OK 346 B IP 208.91.196.46:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
GET /px.js?ch=1 HTTP/1.1
Host: ifdnzact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:09 GMT
Server: Apache
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=118
Connection: Keep-Alive
Content-Type: application/javascript
a.delivery.consentmanager.net/delivery/cmp.php?&cdid=21fdca2281833&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&o=1701483494650
87.230.98.74200 OK 587 B URL GET HTTP/1.1 a.delivery.consentmanager.net/delivery/cmp.php?&cdid=21fdca2281833&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&o=1701483494650
IP 87.230.98.74:443
ASN #61157 PlusServer GmbH
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subjecta.delivery.consentmanager.net
Fingerprint44:49:A8:C0:AF:F7:D9:6E:D0:B5:35:77:3B:05:89:CC:80:9A:8D:50
ValidityWed, 15 Nov 2023 00:31:04 GMT - Tue, 13 Feb 2024 00:31:03 GMT
File type ASCII text, with CRLF line terminators
Hash a230076f24eb0c549cfcedc970c4f9c6
b14678e20b16451bee7b06771fba100050066bb0
8ba20d88707fedcb95bd0fe92809cb3a98491927086625861499b01e7bf3ab88
GET /delivery/cmp.php?&cdid=21fdca2281833&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&o=1701483494650 HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:09 GMT
Cache-Control: no-store, no-cache, must-revalidate
Edge-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sat, 02 Dec 2023 02:18:09 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
ifdnzact.com/px.js?ch=2
208.91.196.46200 OK 346 B IP 208.91.196.46:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type ASCII text, with very long lines (346), with no line terminators
Hash f84f931c0dd37448e03f0dabf4e4ca9f
9c2c50edcf576453ccc07bf65668bd23c76e8663
5c1d5fd46a88611c31ecbb8ffc1142a7e74ec7fb7d72bd3891131c880ef3f584
GET /px.js?ch=2 HTTP/1.1
Host: ifdnzact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:09 GMT
Server: Apache
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
ETag: "15a-5b952a63b81f1"
Accept-Ranges: bytes
Content-Length: 346
Keep-Alive: timeout=5, max=128
Connection: Keep-Alive
Content-Type: application/javascript
a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1701483489&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en
87.230.98.74200 OK 589 B URL GET HTTP/1.1 a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=1&id=68884&o=1701483489&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en
IP 87.230.98.74:443
ASN #61157 PlusServer GmbH
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subjecta.delivery.consentmanager.net
Fingerprint44:49:A8:C0:AF:F7:D9:6E:D0:B5:35:77:3B:05:89:CC:80:9A:8D:50
ValidityWed, 15 Nov 2023 00:31:04 GMT - Tue, 13 Feb 2024 00:31:03 GMT
File type ASCII text, with CRLF line terminators
Hash b29aa6d7764787f4d3ebd60dc8b91a66
55deef0164cf556ff2956a75a8da38146e725cb5
2140aa322762a99347ba8882cd97c048adf79d612fa5543cdcd5b1937e8a9fff
GET /delivery/cmp.php?__cmpcc=1&id=68884&o=1701483489&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:09 GMT
Cache-Control: no-store, no-cache, must-revalidate
Edge-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sat, 02 Dec 2023 02:18:09 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
i4.cdn-image.com/__media__/js/min.js?v2.3
208.91.196.253200 OK 8.4 kB URL GET HTTP/1.1 i4.cdn-image.com/__media__/js/min.js?v2.3
IP 208.91.196.253:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type ASCII text, with very long lines (8349), with CRLF line terminators
Hash c16c3a4c0fad29106f34d00e89f6886e
6e11811ab8a98bb295b0916cdee68b302c33403d
097786d677a859b7bc87e285377b083b76d66a2fc2832a16bcd50b0e99df77ff
GET /__media__/js/min.js?v2.3 HTTP/1.1
Host: i4.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 02:18:10 GMT
Content-Type: application/javascript
Content-Length: 8435
Last-Modified: Thu, 06 Apr 2023 06:49:56 GMT
Connection: keep-alive
ETag: "642e6b94-20f3"
Expires: Sat, 16 Dec 2023 02:18:10 GMT
Cache-Control: max-age=1209600, public
Accept-Ranges: bytes
cdn.consentmanager.net/delivery/js/cmp_en.min.js
185.76.9.14200 OK 89 kB URL GET HTTP/2 cdn.consentmanager.net/delivery/js/cmp_en.min.js
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
Fingerprint40:27:9C:9D:30:35:40:79:7E:8D:6A:C2:06:C0:6F:B7:C6:8E:6A:2F
ValidityMon, 13 Nov 2023 17:00:32 GMT - Sun, 11 Feb 2024 17:00:31 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3b7de819d58b7b7236158502730fb643
94bf0279f535b33db70bcdee62f224cb8183159e
454d3e6ab700504888a8106a23024b2bd54e508030ebb974eaea319d149765bd
GET /delivery/js/cmp_en.min.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 02:18:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 20:41:16 GMT
etag: W/"647c2-60b3c70a3f300"
cache-control: max-age=86400
expires: Wed, 29 Nov 2023 20:44:32 GMT
edge-control: max-age=86400
x-77-nzt: EwwBuUwJDQH3Xb8AAAgBuUwKCQFhCAHUZjgJAWE
x-77-nzt-ray: c0a4cc284b0e218ce1936a65974b1733
x-77-cache: HIT
content-encoding: gzip
server: CDN77-Turbo
x-accel-expires: @1701520900
x-accel-date: 1701434500
x-cache-lb: MISS, HIT
x-age-lb: 48989
x-77-pop: stockholmSE
x-77-age: 48989
X-Firefox-Spdy: h2
a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=3&id=68884&o=1701483490&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en
87.230.98.74200 OK 14 kB URL GET HTTP/1.1 a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=3&id=68884&o=1701483490&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en
IP 87.230.98.74:443
ASN #61157 PlusServer GmbH
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subjecta.delivery.consentmanager.net
Fingerprint44:49:A8:C0:AF:F7:D9:6E:D0:B5:35:77:3B:05:89:CC:80:9A:8D:50
ValidityWed, 15 Nov 2023 00:31:04 GMT - Tue, 13 Feb 2024 00:31:03 GMT
File type ASCII text, with very long lines (45611), with CRLF, LF line terminators
Hash c3ba1671fabd830a3aed7b9f4fc1ac80
3a8f68934d24a79fa755b1f14d9c5e0c01410c20
f8de2519b6a587fa3206cb6e6f7ce2dfa4ef31ab89c65e65910ca56842cbaaaf
GET /delivery/cmp.php?__cmpcc=3&id=68884&o=1701483490&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:10 GMT
Cache-Control: no-store, no-cache, must-revalidate
Edge-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sat, 02 Dec 2023 02:18:10 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
ifdnzact.com/sk-logabpstatus.php?a=Z1AyZlEwdXVWd21mMG5aSmltMmdPZjhkeXpNRlllZy9tRFNrQzdIN2JrS1QwdGV5WTkrdU5uV1kzYzlaQ0w3MStlbjlKWHI4QmlScG1SL0lhNVhPYXF3TldHcjJDcm05KzUzM0pZOHF0V0xrMXEyUzZLWDg2RVBRT2lZZ0YyYXk=&b=true
208.91.196.46200 OK 0 B URL GET HTTP/1.1 ifdnzact.com/sk-logabpstatus.php?a=Z1AyZlEwdXVWd21mMG5aSmltMmdPZjhkeXpNRlllZy9tRFNrQzdIN2JrS1QwdGV5WTkrdU5uV1kzYzlaQ0w3MStlbjlKWHI4QmlScG1SL0lhNVhPYXF3TldHcjJDcm05KzUzM0pZOHF0V0xrMXEyUzZLWDg2RVBRT2lZZ0YyYXk=&b=true
IP 208.91.196.46:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sk-logabpstatus.php?a=Z1AyZlEwdXVWd21mMG5aSmltMmdPZjhkeXpNRlllZy9tRFNrQzdIN2JrS1QwdGV5WTkrdU5uV1kzYzlaQ0w3MStlbjlKWHI4QmlScG1SL0lhNVhPYXF3TldHcjJDcm05KzUzM0pZOHF0V0xrMXEyUzZLWDg2RVBRT2lZZ0YyYXk=&b=true HTTP/1.1
Host: ifdnzact.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:10 GMT
Server: Apache
Content-Length: 0
Keep-Alive: timeout=5, max=122
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
i4.cdn-image.com/__media__/pics/29590/bg1.png
208.91.196.253200 OK 18 kB URL GET HTTP/1.1 i4.cdn-image.com/__media__/pics/29590/bg1.png
IP 208.91.196.253:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type PNG image data, 1730 x 988, 4-bit colormap, non-interlaced\012- data
Hash 825ccd29ac102fcadaf92b2343d5917b
24472e766cfac5b82a73b219796556a0a3702bd6
0878fb2875c0ad852de8fb3e8f443afdf3064890f1443b3feccc274382f913cd
GET /__media__/pics/29590/bg1.png HTTP/1.1
Host: i4.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 02:18:10 GMT
Content-Type: image/png
Content-Length: 17986
Last-Modified: Fri, 25 Nov 2022 12:16:35 GMT
Connection: keep-alive
ETag: "6380b223-4642"
Expires: Sat, 16 Dec 2023 02:18:10 GMT
Cache-Control: max-age=1209600, public
Accept-Ranges: bytes
i4.cdn-image.com/__media__/pics/28905/arrrow.png
208.91.196.253200 OK 283 B URL GET HTTP/1.1 i4.cdn-image.com/__media__/pics/28905/arrrow.png
IP 208.91.196.253:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type PNG image data, 17 x 27, 8-bit colormap, non-interlaced\012- data
Hash 80d42c82a6c37da90210fd60a2f36128
554ba7c84d2a27ecf3b1f29d03e62101936b54d8
a1626e2d9160a0890a0a8d6e3af9e7095d68a24f9fb5ac8a166000c9a2581e10
GET /__media__/pics/28905/arrrow.png HTTP/1.1
Host: i4.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 02:18:10 GMT
Content-Type: image/png
Content-Length: 283
Last-Modified: Tue, 04 Jan 2022 14:44:27 GMT
Connection: keep-alive
ETag: "61d45d4b-11b"
Expires: Sat, 16 Dec 2023 02:18:10 GMT
Cache-Control: max-age=1209600, public
Accept-Ranges: bytes
i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
208.91.196.253200 OK 17 kB URL GET HTTP/1.1 i4.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
IP 208.91.196.253:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type Web Open Font Format, TrueType, length 17264, version 2.1\012- data
Hash a43b107861b42ce1335e41e43d4e4d00
99bdb1cec4a68ebe29249c46fefefb6880d009e5
a6542dc92d71eb412bac89d8fb06c70f15be74a64b1b4ef1633288b78f4f2ff2
GET /__media__/fonts/montserrat-regular/montserrat-regular.woff HTTP/1.1
Host: i4.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ifdnzact.com
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 02:18:10 GMT
Content-Type: application/font-woff
Content-Length: 17264
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
Connection: keep-alive
ETag: "600809b7-4370"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
208.91.196.253200 OK 17 kB URL GET HTTP/1.1 i4.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
IP 208.91.196.253:80
ASN #40034 CONFLUENCE-NETWORK-INC
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
File type Web Open Font Format, TrueType, length 17312, version 2.1\012- data
Hash bebe201d813feaad85a3e66607d0da3a
28b049502afa8e9db5340c1a92400591b39870e8
58bb75322beb862803b0d156e1a1d01fb1e7fde82ee93c929b08bf5aea9fc55b
GET /__media__/fonts/montserrat-bold/montserrat-bold.woff HTTP/1.1
Host: i4.cdn-image.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ifdnzact.com
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 02:18:10 GMT
Content-Type: application/font-woff
Content-Length: 17312
Last-Modified: Wed, 20 Jan 2021 10:45:11 GMT
Connection: keep-alive
ETag: "600809b7-43a0"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
a.delivery.consentmanager.net/delivery/info/?id=68884&did=1&cfdid=26415&t=pv.d_ncs.d_ancs.d_bncs.cp.d_ds.cf.cfx.d_dnsx&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&o=1701483495845&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=16&dv=28&
87.230.98.74200 OK 43 B URL GET HTTP/1.1 a.delivery.consentmanager.net/delivery/info/?id=68884&did=1&cfdid=26415&t=pv.d_ncs.d_ancs.d_bncs.cp.d_ds.cf.cfx.d_dnsx&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&o=1701483495845&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=16&dv=28&
IP 87.230.98.74:443
ASN #61157 PlusServer GmbH
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subjecta.delivery.consentmanager.net
Fingerprint44:49:A8:C0:AF:F7:D9:6E:D0:B5:35:77:3B:05:89:CC:80:9A:8D:50
ValidityWed, 15 Nov 2023 00:31:04 GMT - Tue, 13 Feb 2024 00:31:03 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /delivery/info/?id=68884&did=1&cfdid=26415&t=pv.d_ncs.d_ancs.d_bncs.cp.d_ds.cf.cfx.d_dnsx&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&o=1701483495845&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=16&dv=28& HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:10 GMT
Cache-Control: no-store, no-cache, must-revalidate
Edge-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sat, 02 Dec 2023 02:18:10 GMT
Content-Length: 43
Content-Type: image/gif
cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8yNjQxNS54XzI4LnYucC50XzI2NDE1Lnh0XzI4.js
185.76.9.14200 OK 72 kB URL GET HTTP/2 cdn.consentmanager.net/delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8yNjQxNS54XzI4LnYucC50XzI2NDE1Lnh0XzI4.js
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
Fingerprint40:27:9C:9D:30:35:40:79:7E:8D:6A:C2:06:C0:6F:B7:C6:8E:6A:2F
ValidityMon, 13 Nov 2023 17:00:32 GMT - Sun, 11 Feb 2024 17:00:31 GMT
File type ASCII text, with very long lines (41766)
Hash b1443f606c44cd759486074830775d3c
11043f465a5fdcc1292f1127aa81d7302c62a651
41d942361f38b705c882957b1b4705363aac4889347a0f283de907786a79ee80
GET /delivery/customdata/bV8xLndfNjg4ODQucl9HRFBSLmxfZW4uZF8yNjQxNS54XzI4LnYucC50XzI2NDE1Lnh0XzI4.js HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 02:18:10 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
x-xss-protection: 0
expires: Sat, 02 Dec 2023 02:47:40 GMT
cache-control: public, max-age=1800
edge-control: public, max-age=1800
last-modified: Sat, 02 Dec 2023 02:17:40 GMT
x-77-nzt: EwwBuUwJDQGz2AYAAAwBuUwKCQH3HgAAAAwB1GY4nAGzCQcAAA
x-77-nzt-ray: c0a4cc284b0e218ce2936a65c4088920
x-accel-expires: @1701485260
x-accel-date: 1701481738
x-77-cache: HIT
x-77-age: 3583
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, EXPIRED
x-age-lb: 30, 1752
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&id=68884&o=1701483489&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en
87.230.98.74200 OK 956 B URL GET HTTP/1.1 a.delivery.consentmanager.net/delivery/cmp.php?__cmpcc=2&id=68884&o=1701483489&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en
IP 87.230.98.74:443
ASN #61157 PlusServer GmbH
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subjecta.delivery.consentmanager.net
Fingerprint44:49:A8:C0:AF:F7:D9:6E:D0:B5:35:77:3B:05:89:CC:80:9A:8D:50
ValidityWed, 15 Nov 2023 00:31:04 GMT - Tue, 13 Feb 2024 00:31:03 GMT
File type ASCII text, with very long lines (1018), with no line terminators
Hash 079e26f06c510de323df613d6a6ea439
c206e0eca9787b4fa595ac7d010fc18727a0ee7c
ef96b6a559ab142fb490684279c58f35b2216f3fbf15e7c8d5d696bf7b4d510a
GET /delivery/cmp.php?__cmpcc=2&id=68884&o=1701483489&h=http%3A%2F%2Fifdnzact.com%2F%3Fdn%3Dmorritas.ga%26pid%3D9PO755G95&&l=en&odw=0&dlt=1&l=en HTTP/1.1
Host: a.delivery.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 02 Dec 2023 02:18:10 GMT
Cache-Control: no-store, no-cache, must-revalidate
Edge-Control: no-store, no-cache, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sat, 02 Dec 2023 02:18:10 GMT
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=utf-8
Content-Encoding: gzip
cdn.consentmanager.net/delivery/recall/logos/68884
185.76.9.14301 Moved Permanently 4.2 kB URL GET HTTP/2 cdn.consentmanager.net/delivery/recall/logos/68884
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
Fingerprint40:27:9C:9D:30:35:40:79:7E:8D:6A:C2:06:C0:6F:B7:C6:8E:6A:2F
ValidityMon, 13 Nov 2023 17:00:32 GMT - Sun, 11 Feb 2024 17:00:31 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /delivery/recall/logos/68884 HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://ifdnzact.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 02 Dec 2023 02:18:10 GMT
content-type: text/javascript; charset=utf-8
expires: Sat, 02 Dec 2023 20:13:08 GMT
cache-control: public, max-age=86400
edge-control: public, max-age=86400
location: /delivery/whitelabel/cmplogo.svg
x-77-nzt: EwwBuUwJDQH3iFUAAAwBuUwKAQH3BgAAAAwB1GY4nAH3AAAAAA
x-77-nzt-ray: c0a4cc284b0e218ce2936a65d8f57b2e
x-accel-expires: @1701547988
x-accel-date: 1701461594
x-77-cache: HIT
x-77-age: 21902
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 6, 21896
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
cdn.consentmanager.net/delivery/whitelabel/cmplogo.svg
185.76.9.14200 OK 4.2 kB URL GET HTTP/2 cdn.consentmanager.net/delivery/whitelabel/cmplogo.svg
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by http://ifdnzact.com/?dn=morritas.ga&pid=9PO755G95
Certificate IssuerLet's Encrypt
Subject1376624012.rsc.cdn77.org
Fingerprint40:27:9C:9D:30:35:40:79:7E:8D:6A:C2:06:C0:6F:B7:C6:8E:6A:2F
ValidityMon, 13 Nov 2023 17:00:32 GMT - Sun, 11 Feb 2024 17:00:31 GMT
File type SVG Scalable Vector Graphics image\012- XML document, ASCII text, with very long lines (4425), with no line terminators
Hash 46d40c431f8e14f71ab8f2f31eee942b
4f2140ab124f17c65f4a1d7998301b4747d1f87b
042c930c16842f0c1a14d5c16d23429d075c1ebdd16cad3ddd6f0d94ab0ae0ae
GET /delivery/whitelabel/cmplogo.svg HTTP/1.1
Host: cdn.consentmanager.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ifdnzact.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 02:18:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 03 May 2023 16:01:17 GMT
etag: W/"104c-5facc2a822d40"
cache-control: max-age=31536000
expires: Wed, 27 Nov 2024 20:12:57 GMT
x-77-nzt: EwwBuUwJDQH3D0oEAAwBuUwKCQH3BgAAAAwBJRPCKAH3BQAAAA
x-77-nzt-ray: c0a4cc284b0e218ce3936a65ea78a925
x-accel-expires: @1732738377
x-accel-date: 1701202388
x-77-cache: HIT
x-77-age: 281114
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, HIT
x-age-lb: 6, 281103
x-77-pop: stockholmSE
X-Firefox-Spdy: h2