zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
217.69.13.14301 Moved Permanently 893 B URL HTTP/1.1 zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
IP 217.69.13.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (560)
Hash 3cee7c53fff82fe83d1c0ea14d922947
7e07acf20f1fde4d52867184ff2971dccfac2e40
6166197cf7284df6b8e194c5b980d1d7e1243368e3c92e2df16b38ae577d2d57
GET /jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049 HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 08 Jan 2023 03:52:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 893
Connection: keep-alive
Location: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3325
Expires: Sun, 08 Jan 2023 04:48:23 GMT
Date: Sun, 08 Jan 2023 03:52:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3934
Expires: Sun, 08 Jan 2023 04:58:32 GMT
Date: Sun, 08 Jan 2023 03:52:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 08 Jan 2023 03:41:27 GMT
content-type: application/json
age: 691
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3014
Expires: Sun, 08 Jan 2023 04:43:12 GMT
Date: Sun, 08 Jan 2023 03:52:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4HUW6McZ/mcbb4iIGiFk21MyS6FEI0z6gt5x1ArCa0l59/CGouVBOfw/T7Xwz0aWxPPrymRz0rI=
x-amz-request-id: Y5Y8CRPY26RWJ8WK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 08 Jan 2023 03:15:36 GMT
age: 2242
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
217.69.13.14200 OK 3.7 kB URL HTTP/2 zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
IP 217.69.13.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1012)
Hash 9a322069cbb9e5c3a3b2c553579cf136
bb0aa264b4cb85842190e0120e7335412cb0ae21
c1d00c37ba456007f82457e0386ccfa15e3b008d83453394038fa3161dda8147
GET /jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049 HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 11:27:02 GMT
etag: W/"2e77-5ee2191436d80"
content-encoding: br
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/landers/prizewheel-fb/prizewheel_spinner.jpg
217.69.13.14200 OK 32 kB URL HTTP/2 zmforever.digital/jopropzm/img/landers/prizewheel-fb/prizewheel_spinner.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1002x1002, components 3\012- data
Hash d4655cba21d806e849eed4e4119fbe1a
6453039d85005643e9d65074ca022f63b5d47cdd
90f2363aaebaf03f06fb20c6c02fb2e97497d7cd54b611281303ce7e10335ee7
GET /jopropzm/img/landers/prizewheel-fb/prizewheel_spinner.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 32496
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: "7ef0-5bb5e06071280"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/prizes/iphone-12-pro-max/default@0.5x.png
217.69.13.14200 OK 36 kB URL HTTP/2 zmforever.digital/jopropzm/img/prizes/iphone-12-pro-max/default@0.5x.png
IP 217.69.13.14:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash 3425f87a8def62d878b3fbf8f930dee2
961688eb1d3c97e9ed61199b0fcd32e60d1d3467
7f9f5fb4a3340704664a8adba3c74c63d425c92999aed97e078bc3b87d06b64d
GET /jopropzm/img/prizes/iphone-12-pro-max/default@0.5x.png HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/png
content-length: 35519
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "8abf-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/landers/prizewheel-fb/loader.gif
217.69.13.14200 OK 5.1 kB URL HTTP/2 zmforever.digital/jopropzm/img/landers/prizewheel-fb/loader.gif
IP 217.69.13.14:0
File type GIF image data, version 89a, 50 x 50\012- data
Hash ed786659a534e0d183c09a90c50abc9d
a6c3d90bfaa86a7cda490bc5d04c8939c31a414e
cbaeb154dcb93bff5f6e382cede5d51a11175a2295e56bb2790611910280ba97
GET /jopropzm/img/landers/prizewheel-fb/loader.gif HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/gif
content-length: 5083
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: "13db-5bb5e06071280"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/landers/prizewheel-fb/prizewheel_static.png
217.69.13.14200 OK 3.4 kB URL HTTP/2 zmforever.digital/jopropzm/img/landers/prizewheel-fb/prizewheel_static.png
IP 217.69.13.14:0
File type PNG image data, 1002 x 1002, 4-bit colormap, non-interlaced\012- data
Hash dc484e0043b5ff6191b1880c8779863c
a5b67e3dff3dea3940eed090431aecbb36611b1d
30bc059973d84a6e1d22d16747bce062025561f2555cdd9cec012a87866abcb6
GET /jopropzm/img/landers/prizewheel-fb/prizewheel_static.png HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/png
content-length: 3370
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: "d2a-5bb5e06071280"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
217.69.13.14200 OK 3.7 kB URL HTTP/2 zmforever.digital/jopropzm/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444
IP 217.69.13.14:0
File type ASCII text, with very long lines (3495), with no line terminators
Hash fd500c49e38ec45a63f0003bd336443d
d08f74ec178d5fca8a138df479ca495038880fff
e2ffe60bbd625e4ba03375e42bb72b0d47dc9b518f7e177e6cdf4d5c5cb9b2db
Analyzer Verdict Alert fortinet Phishing
GET /jopropzm/css/landers/prizewheel-fb/app.css?id=cd41123a11e97e0f2444 HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: W/"da7-5bb5e06071280"
content-encoding: br
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/profiles/african/male/3@0.25x.jpg
217.69.13.14200 OK 2.5 kB URL HTTP/2 zmforever.digital/jopropzm/img/profiles/african/male/3@0.25x.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 2c188d082f97b0a5b29c92dbaf7a9787
f2a3828b68ba4d06d450832a977c48a22360d5eb
afc758b894177d4003b5d02d80cd023429c99cfc3cd880804570d237cf6a96f0
GET /jopropzm/img/profiles/african/male/3@0.25x.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 2518
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "9d6-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/profiles/african/male/10@0.25x.jpg
217.69.13.14200 OK 2.3 kB URL HTTP/2 zmforever.digital/jopropzm/img/profiles/african/male/10@0.25x.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 2ec37a714ba9202b2492cc1eff504041
29d005604784110044c80c13610ec1fe946a7d83
278b0f8b52650d39e549fc69ea49d62d3bdd0c41b3ffd939da265842b6e40369
GET /jopropzm/img/profiles/african/male/10@0.25x.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 2302
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "8fe-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/profiles/african/female/6@0.25x.jpg
217.69.13.14200 OK 2.8 kB URL HTTP/2 zmforever.digital/jopropzm/img/profiles/african/female/6@0.25x.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash af242991b9a56424739c63a6bd4090a7
7b41b3b2cfbbe69a865efa8863883bf029738b6e
c53bda952fa4ca1869dfb4fd7db948ef87f1a8c8f2e6633e2320465f01f0829f
GET /jopropzm/img/profiles/african/female/6@0.25x.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 2766
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "ace-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5
217.69.13.14200 OK 53 kB URL HTTP/2 zmforever.digital/jopropzm/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5
IP 217.69.13.14:0
File type ASCII text, with very long lines (65475)
Hash 323decf34f66190669a786c78be81c8b
5ebe156ea80384823e474372de9def5062466c4c
d09268fc5ee053243ab8a0a0fe98b284012f0d617e16c9a7399f4aa34c6a8d06
Analyzer Verdict Alert fortinet Phishing
GET /jopropzm/js/landers/prizewheel-fb/app.js?id=da05cdf35760d77e97e5 HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 17 Feb 2021 10:43:18 GMT
etag: W/"24ab5-5bb85e30edd80"
content-encoding: br
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/prizes/iphone-12-pro-max/proof.jpg
217.69.13.14200 OK 23 kB URL HTTP/2 zmforever.digital/jopropzm/img/prizes/iphone-12-pro-max/proof.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 339x450, components 3\012- data
Hash 029d38095e06ced0688fd67a58e70781
b5bdaddeb39b947c35f883f001f34dd163bcb362
5e41534f027f676ce89db3b87319ffbdc1a1e7515e379f80f476e0989fa4bcc1
GET /jopropzm/img/prizes/iphone-12-pro-max/proof.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 23152
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "5a70-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/profiles/african/female/5@0.25x.jpg
217.69.13.14200 OK 2.0 kB URL HTTP/2 zmforever.digital/jopropzm/img/profiles/african/female/5@0.25x.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 732da0e5f3968ec3d9014a6bbb62c04a
5d306c8778fdcac19f03542fccaf31df1cb8a783
d3eefd5709b25e1bb1129cccb1da22e54816cb2d15a2ed4cfa045b57579a7ef8
GET /jopropzm/img/profiles/african/female/5@0.25x.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 1960
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "7a8-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/profiles/african/female/1@0.25x.jpg
217.69.13.14200 OK 2.8 kB URL HTTP/2 zmforever.digital/jopropzm/img/profiles/african/female/1@0.25x.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 9ef452251daa9ff9fbdc5fe827a35061
2cb40a02efce5fd8772f57b8e9737018fed3f9ba
355126576c7a0bdbbe771a2b039d093c855efe6805941a36456324a2076e2ce1
GET /jopropzm/img/profiles/african/female/1@0.25x.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 2781
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "add-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/profiles/african/male/2@0.25x.jpg
217.69.13.14200 OK 2.1 kB URL HTTP/2 zmforever.digital/jopropzm/img/profiles/african/male/2@0.25x.jpg
IP 217.69.13.14:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 128x128, components 3\012- data
Hash 0f15632c24d4646c58f30feaa3baaa8a
a7f319366432f5a63d7f11d30b0a6c9cb6398b64
4118d09fb21a7f34160f470078f6dcba042e8a07e2b4e32de12a4dcd9c5e7da8
GET /jopropzm/img/profiles/african/male/2@0.25x.jpg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/jpeg
content-length: 2053
last-modified: Mon, 15 Feb 2021 11:06:10 GMT
etag: "805-5bb5df9272c80"
accept-ranges: bytes
X-Firefox-Spdy: h2
loli.allprize.digital/js/pub.min.js
108.178.23.117200 OK 1.5 kB URL HTTP/2 loli.allprize.digital/js/pub.min.js
IP 108.178.23.117:0
File type ASCII text, with very long lines (2752)
Hash 31c303586c1b78e33984bd252b8e2644
8083e2aad4cbf8242a4e6fb53657d49552b85f82
d2c713c2734353dc0ef2896d057021e9b04f35bb7c851d920d390941769c66be
GET /js/pub.min.js HTTP/1.1
Host: loli.allprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:59 GMT
content-type: application/javascript
content-length: 1482
last-modified: Fri, 09 Sep 2022 11:46:08 GMT
vary: Accept-Encoding
etag: "631b2780-5ca"
content-encoding: gzip
expires: Mon, 09 Jan 2023 03:52:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubdomains;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1735
Cache-Control: max-age=106966
Content-Type: application/ocsp-response
Date: Sun, 08 Jan 2023 03:52:59 GMT
Etag: "63b9362a-1d7"
Expires: Mon, 09 Jan 2023 09:35:45 GMT
Last-Modified: Sat, 07 Jan 2023 09:06:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 08 Jan 2023 03:17:21 GMT
age: 2138
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
loli.allprize.digital/sw.js
108.178.23.117200 OK 776 B URL HTTP/2 loli.allprize.digital/sw.js
IP 108.178.23.117:0
Hash f72a11763f13b05c1f2379d13387dd05
002fbf7672d3f4655b89b6413d160e4185ce9900
70d744bbd19a0cc35c8d9f1d8ba181c6cdc902f95799ac750da4adc3ad987b11
GET /sw.js HTTP/1.1
Host: loli.allprize.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:59 GMT
content-type: application/javascript
content-length: 776
last-modified: Mon, 03 Oct 2022 07:40:54 GMT
vary: Accept-Encoding
etag: "633a9206-308"
content-encoding: gzip
content-security-policy: default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.78.219101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.78.219:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8eLHb0s6UM/Vk3/Q8FsX4A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nwR+pODXD0ZuyqXyVOEIAhT90tw=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Sun, 08 Jan 2023 04:53:26 GMT
Date: Sun, 08 Jan 2023 03:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Sun, 08 Jan 2023 04:53:26 GMT
Date: Sun, 08 Jan 2023 03:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Sun, 08 Jan 2023 04:53:26 GMT
Date: Sun, 08 Jan 2023 03:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Sun, 08 Jan 2023 04:53:26 GMT
Date: Sun, 08 Jan 2023 03:53:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3625
Expires: Sun, 08 Jan 2023 04:53:26 GMT
Date: Sun, 08 Jan 2023 03:53:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe514d6b4-d121-4306-bf86-188898b1c740.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe514d6b4-d121-4306-bf86-188898b1c740.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1d3a5afe71c33a0928253dc81735e84
25517ce8122b9437315c60d8b8c068f910c01be5
79e5d18713508554e76e4bfeeb641d11452474bcb5777d29b2d74128545bc8bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe514d6b4-d121-4306-bf86-188898b1c740.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10213
x-amzn-requestid: e7de15d5-c17e-445b-bab9-673e2a5705d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDuGHKeoAMFgbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65a-79ada7ed7c2010b74f951166;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: onW_axkXuUl2JmLRjzOqJTy6pCmJpGpOjztM3pOkr-ZPAzzNtTmMPg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:44:42 GMT
age: 22099
etag: "25517ce8122b9437315c60d8b8c068f910c01be5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5941f04b-d952-4fae-85f3-c1bff0c5cdf4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5941f04b-d952-4fae-85f3-c1bff0c5cdf4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50dd2e696e0a1a48dbcd4d1b8bc907e7
e2e91a662b66969e9f848927911128abf06121d2
ccef677139534fdf8de161c8dc8f4bd48f92546bfa0f3ae23d1457e381d5b3b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5941f04b-d952-4fae-85f3-c1bff0c5cdf4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5399
x-amzn-requestid: 8a055705-ca07-4b8d-8767-210322697e27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eMnz9FQkIAMFUBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4ece5-292906a73d727ee2454e6a11;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nug5Gd-a5TFCM1EXrg7DcKRe7KR5Yr5M_Qxz_NS6da4YkblpH1oFkg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 07:09:23 GMT
age: 74618
etag: "e2e91a662b66969e9f848927911128abf06121d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9dc47a4-a4c6-419a-a3a4-8f9104d7903d.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9dc47a4-a4c6-419a-a3a4-8f9104d7903d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa7c2273cc951c105b70b0609924ba61
4e6b0302f3aa61553128d453e4c9fed886773500
320f73b9188e0d59868a47bb60c5fabf45d4f754fd934cb5082ef6ef98d4cc57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9dc47a4-a4c6-419a-a3a4-8f9104d7903d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10285
x-amzn-requestid: 720699b5-142f-40e8-b42f-ebf8b0fac767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDuqGP8IAMFhtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65d-480527ba582bb5a458ce1b24;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hacziPAK6XADBjc0ewKd4EUwY49f3xDpl6r3xzJMsYPGuJQe4hBfFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:44:42 GMT
age: 22099
etag: "4e6b0302f3aa61553128d453e4c9fed886773500"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: H3uGFYbyPSwFZQCvn99EtVQw1Xz9DBbTgrK2FmfoKYBcZXkj60CbuQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 13:36:28 GMT
age: 51393
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fc604aed78008733f09b024b71a6fda9
0f3f633b0b34ac3662febdc45704362c49622a42
7c4f5871e571148c25f83b8676846ab1b0e82be3f4a1b3fb7c05bfe23e29c1b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc3fbba-c748-477d-b1a9-4218da052cc0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9644
x-amzn-requestid: 63281b3f-e673-4836-9729-7f595b0fb8b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZDu5FkioAMF9tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b9e65f-5869b987090de6f758472be9;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JsNm98uTnFfNyDnk651OGxB92JTaNKc7H92yP3FCBhUb9BBsFs-Ygg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 21:44:42 GMT
age: 22099
etag: "0f3f633b0b34ac3662febdc45704362c49622a42"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973f3653-99a9-4d8b-a3ca-26124b0a7350.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973f3653-99a9-4d8b-a3ca-26124b0a7350.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c7a07834f3ef5cfbd27c91b49c2df3e
5f53a0fd71f8ba434419f6c43e922d785302a7fa
43fe896ad03ec8ca66cccca45cf4edebf2d6b2801fe0b10e5cf215a753fb1d34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F973f3653-99a9-4d8b-a3ca-26124b0a7350.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11694
x-amzn-requestid: 840b4dd7-e46f-4e7c-8d4f-711d2aab8595
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4C9GjVIAMFfhg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3ac-134744d563ff9f7455c10c72;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: NKMYtNmSuvrXPstZaEeOXBgJm7TW-AahjcU_3HotwVdyx5pryt06_Q==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 12:50:43 GMT
age: 54138
etag: "5f53a0fd71f8ba434419f6c43e922d785302a7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/js/app.js?id=0601d5f2aaa1656cef1f
217.69.13.14200 OK 0 B URL HTTP/2 zmforever.digital/jopropzm/js/app.js?id=0601d5f2aaa1656cef1f
IP 217.69.13.14:0
Analyzer Verdict Alert fortinet Phishing
GET /jopropzm/js/app.js?id=0601d5f2aaa1656cef1f HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: W/"3d1-5bb5e06071280"
content-encoding: br
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/css/app.css?id=c588c17324f2be0e0ec9
217.69.13.14200 OK 0 B URL HTTP/2 zmforever.digital/jopropzm/css/app.css?id=c588c17324f2be0e0ec9
IP 217.69.13.14:0
GET /jopropzm/css/app.css?id=c588c17324f2be0e0ec9 HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: W/"21-5bb5e06071280"
content-encoding: br
X-Firefox-Spdy: h2
zmforever.digital/jopropzm/img/fb-like.svg
217.69.13.14200 OK 0 B URL HTTP/2 zmforever.digital/jopropzm/img/fb-like.svg
IP 217.69.13.14:0
Analyzer Verdict Alert fortinet Phishing
GET /jopropzm/img/fb-like.svg HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zmforever.digital/jopropzm/index.html?cep=wMvCjqqiCjTiYaXMaapOkaw39qtSPzJ3UACp5xgAcB5DjgADwE3zdfXXNWtwM-Wcj8FvuFUzeDgQ4Lt8qlMOICDhoGPKK2IYvd11Kowk-FNEWTswjosES4JuPU59k-A5rdBKrcZqTDUi5xDQexeZ2MhA18UUJcI-SBOwVRfJz5QQjKnk-47Rml5JEZb0j_7HwdypxVRWNJ_bBDTC2_8a7nOyzLD4__WgaVf8lA_vIH0KiWnxfqDY2W91YrLmMkPqw6jL-sEft7qO0SymTbirf2_kxeoVeoapFlv9msdJcKBCzjgXTu6enhpVM_K6qUZbaIKMuX-QdgfF7rNHzJ6pE1YrQ8bVC0IdPPuZU1AEUWl5qPSOh9DsG0G8kcvBXQr4sYbt3WyIEjLHNMZwAmRI-lBQB9ZPvKUoOp-kCPaf2fI&lptoken=16d27287305b28b11049
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:58 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 15 Feb 2021 11:09:46 GMT
etag: W/"1213-5bb5e06071280"
content-encoding: br
X-Firefox-Spdy: h2
zmforever.digital/sw.js?v=1673149967151
217.69.13.14200 OK 0 B URL HTTP/2 zmforever.digital/sw.js?v=1673149967151
IP 217.69.13.14:0
GET /sw.js?v=1673149967151 HTTP/1.1
Host: zmforever.digital
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 08 Jan 2023 03:52:59 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 23 Nov 2022 09:08:58 GMT
etag: W/"35-5ee1fa37f9e80"
content-encoding: br
X-Firefox-Spdy: h2