r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9313
Expires: Sat, 07 Jan 2023 17:30:14 GMT
Date: Sat, 07 Jan 2023 14:55:01 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 516b9d6951b09439a51d5284994ed92f
5c78edb38bae36caa8e2db8ed6635a32e46c91dd
eaaf4ebc59d2a06d02b552154c5adb7c713ffc4a7f5caabcff1c2b4cd6ec5c7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EAAF4EBC59D2A06D02B552154C5ADB7C713FFC4A7F5CAABCFF1C2B4CD6EC5C7B"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14396
Expires: Sat, 07 Jan 2023 18:54:57 GMT
Date: Sat, 07 Jan 2023 14:55:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 07 Jan 2023 14:48:08 GMT
content-type: application/json
age: 413
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5374
Expires: Sat, 07 Jan 2023 16:24:35 GMT
Date: Sat, 07 Jan 2023 14:55:01 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OC49VDzhakiiCgS16ULegNMUlGDCNy9sdXzURNc2gY6BmdO9Tq2jWBxRNeYqS4/RjPG8zoAMKic=
x-amz-request-id: 06NQMWEBK804NKR2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 07 Jan 2023 14:15:20 GMT
age: 2381
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
200 OK 7.0 kB URL HTTP/1.1 letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (18664)
Hash 4639c9b2942a2f6e6361b8d1d154a949
b352865d9f3bc50b9d214c1d7fcaab21067dc665
9ac074c09a015301f4021f6afedb78029edbeba7d0ea1950bcd52a8c72bb8f5b
Analyzer Verdict Alert fortinet Malware
NIDS Severity Alert suricata low ET HUNTING [TW] Likely Javascript-Obfuscator Usage Observed M1
GET /mx/tar/sur3box-500/91/a/supermarket HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, private
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajaFKr7N0nKsU5MgpmNIPGZGBDzgD%2BcFcAWhDijHw2YckpCvISnxLPAIdHaLFa%2BJom870GPaNkewRTH6WuAJs66prhpF%2BbWbm1UpTEjudr2DqdfR89aJONeggyfrcgySSNlA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 785d8832e92c0b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 07 Jan 2023 14:55:01 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP
File type ASCII text, with very long lines (65447)
Hash 899f0189aaf034bbba5340f724d91dfa
210ea9de03968edb9d839ba4a0ce2d48666a8ab8
949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://letsbewinners.com
Connection: keep-alive
Referer: http://letsbewinners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CNar5p0GEocBCiRhMzViOGY4NS04MWNiLTQ3NWQtODY1Yi1lODk5M2UxYTg4MWEQ+OiCoKvU+wIaBgjGj+adBiIMOTEuOTAuNDIuMTU0KLSMATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNGQxZWY4ODUtZjAyNC00ZjQ1LTk0NGUtNmI0ODAxZmE1NDAzGJvxASIYCAISFGNkczIxMC5zazEuaHdjZG4ubmV0.ASPsbRP/PgMp15bKFfRzZp0CcfPt0k+E3x2W9XbBYtk=
x-hw: 1673103302.dop221.sk1.t,1673103302.cds221.sk1.hn,1673103302.cds210.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 101eeea17ae08a712763d24816169527
a5165223bb742687de33a98f74789d5fa82365a9
e864bb9cf301287ba6bcbf7acc07c1911b26cca3983318bd6330916eadb635b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2001
Cache-Control: max-age=131243
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b8dda0-117"
Expires: Mon, 09 Jan 2023 03:22:25 GMT
Last-Modified: Sat, 07 Jan 2023 02:49:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 101eeea17ae08a712763d24816169527
a5165223bb742687de33a98f74789d5fa82365a9
e864bb9cf301287ba6bcbf7acc07c1911b26cca3983318bd6330916eadb635b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2001
Cache-Control: max-age=131243
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b8dda0-117"
Expires: Mon, 09 Jan 2023 03:22:25 GMT
Last-Modified: Sat, 07 Jan 2023 02:49:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash bcb3006290f4df3bab6455b91dc1fac4
7973a1d66f1dc075fd721a79530e4314ce72b45f
cd6c97e4f7862bf158ff2de703092b83e92563d2742094646406c8ec11c4ae5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4874
Cache-Control: max-age=167586
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b9605e-1d7"
Expires: Mon, 09 Jan 2023 13:28:08 GMT
Last-Modified: Sat, 07 Jan 2023 12:06:54 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/e1fb38cb96.css
200 OK 253 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/e1fb38cb96.css
IP
Hash 543197ed3ab7cd10cd12d68f3c4e17cd
a97b901fb834bab8223c18ec3272f281697c599f
54013b6f847d51e7a231a309ee63435f9d35bbaddd850ef5739a2ee9f935185a
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/e1fb38cb96.css HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-18b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xD0MaxedjJJ8HyEx0kaaSENC10GXmdt%2FPzbCeWMwLioeDtN4mKZ5S1R%2FLFF269Pztw0rYzcjpClUJgiJgtBwEkKd9GWXY0JZR%2BipVOH5dZ2TLUq6yn%2BARyT4b30pEscmGFpd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8835ffe0b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/cp1g5tlbua.js
200 OK 773 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/cp1g5tlbua.js
IP
File type ASCII text, with very long lines (1910), with no line terminators
Hash cc2a16de566677bdb4d7b9e5be9384b2
e4287be8baa00c52d51dd523420474dc7b8b8764
033b4a81a5c6e3963f1f72fb4c51831d0c0eda8523c382fb131fb957f18a1ed9
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/cp1g5tlbua.js HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-776"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25JBwBJU%2F%2BnZ4uqUsARQXg4xW%2BJt%2BH%2Bl6xtFBN%2BEwbFV5dV4S4Xhd2lFdiNCZmM1oWHa%2FKdfhdEYVj%2Bfv%2Fsx3N%2FcgUi2V5nDn93pTXCcf%2F2%2BZNiulrx5v5Y582H1wNu3GLeK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8835fe84b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/6fr4e6sytj.js
200 OK 3.3 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/6fr4e6sytj.js
IP
File type ASCII text, with very long lines (11734), with no line terminators
Hash 9b504708c2e0fd2b48e7780fd4a44eab
d697f4737820c12b19a4bcd1f96d7759cf579015
bc21e7caddde8ba3bc58148dc096ce423db74bc04b279919658b2fb6e12254c0
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/6fr4e6sytj.js HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-2dd6"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7UT4Wp3QzUr3kwKJAylV7l%2Fm2Q%2FjEalnjOd2jYQwczPy2%2F8eCcKpATdWdyO9m0UIa6HIwJ4UqxZeJ%2BEyx%2FQdfuB0yI1dINsuY%2FIr7rKZIZlBLhuFNHAw9MJ34x1R2JLaqVgF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8835f9a21c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/uqvw5ya840.js
200 OK 1.1 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/uqvw5ya840.js
IP
File type ASCII text, with very long lines (3732), with no line terminators
Hash 02720f2019e5da9c8031d3002c43c3ec
99e9a4d6a02f89aa5a571a046ce672f28ceefbff
6b525ac17a683432304f2f7e10f740304e51723cfdf76906cf1391caf3337b61
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/uqvw5ya840.js HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-e94"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QHXEXzfrEKTp8utfaIraSd8tYU58HTOAmF%2FnIlJltQf%2FJlmusQ2XOdSH9xLPnJYNUG8Nq%2FCoZsC4%2BW7K2jl8gSSCA2LP82MWOJQhnVr50Yqu7nng0IgEPqzhnTac5mMWlaO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8835fd12b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/38bcd57t45.js
200 OK 1.9 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/38bcd57t45.js
IP
File type ASCII text, with very long lines (6386), with no line terminators
Hash f71817f9195880c3a4374758c5dbef32
3bc1207ad7a547188872b3daf9aa23c790090bc9
feb1981a421cc47500bd4d00ed47e14274d3644db5adfe5ce5f3094a4319d8f6
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/38bcd57t45.js HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-18f2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqhVyBjbL3Hs%2F70dYcVf2vKxzgU6i5f2DNTr0rRifMqJVYazF7YGTzIrsMwpN03d%2BxNhmLLAcft9Fk2CGy%2BKYjABF6TR8IBJvR5u7iK3rnGKnHvyxT64RwZU9PRFZWu61RA9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8835ffcfb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/7ak037gp25.css?v=202301040819
200 OK 2.2 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/7ak037gp25.css?v=202301040819
IP
File type ASCII text, with very long lines (7771), with no line terminators
Hash 04b6e8c0fdf74d7f7d2dda4ca50da78a
b42bb60ed5a9269a66d77dee57f9c8bf6e9da786
b480a48d820dc0aa955a512c4721ce16e9575d7ffc1578e572d34bc085f92968
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/7ak037gp25.css?v=202301040819 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-1e5b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXkfbiZ9iGIJPjJg3t%2FJF3%2BEI%2FQyw5dgLp7u%2Ff%2FGn2jQcKUnoQes0%2FWIfPL0Ce3%2BC3dd2CXrrbQ3Uta%2BaIMbT1YTndHW6ZGox9yHrcyuXlRp0%2FFiQCwrnbChiNIOyP29f%2FQD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8835dba80b49-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash 101eeea17ae08a712763d24816169527
a5165223bb742687de33a98f74789d5fa82365a9
e864bb9cf301287ba6bcbf7acc07c1911b26cca3983318bd6330916eadb635b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2001
Cache-Control: max-age=131243
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b8dda0-117"
Expires: Mon, 09 Jan 2023 03:22:25 GMT
Last-Modified: Sat, 07 Jan 2023 02:49:04 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/qwfs3rp0o5.js
200 OK 1.0 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/qwfs3rp0o5.js
IP
File type ASCII text, with very long lines (3093), with no line terminators
Hash 663b5be9efaf95a32a068771a47991f3
1421859e5a980cffd969426c9d491d7ca39f8ef3
0ccb3760ed495ffae250e4b7f6866d9d25971b695d336c8ee765f089e8d943b1
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/qwfs3rp0o5.js HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-c15"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2Blw%2F1Wvmz7ynnI81mBk%2Bb5vWAQ2ViajvgddhqPK%2BWWHiV1WPKXyVvB5HvoZ8Pvr0mu8jD%2FHjLWSpMUuXARCtZpasVmQozb%2F8auuEp1EYbiN0u0xZZ2MA8zx19dULa4beQDO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8836ef81b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/tbl8df7b83.css
200 OK 553 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/tbl8df7b83.css
IP
Hash 78dcb8820075dadee7dd89c6723ce196
553b70a930bd9fc8cb34144667093d42153d89bb
17c92f4876d9bb4760a4d2b74897b864616cce54bed948e2323dd273e2fa58d6
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/tbl8df7b83.css HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-575"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iv%2FlQk%2FMIkWKO%2Bvd6Q7DphVZV9qA9E8QwuO%2F0MWfvasjpJUdPurMEE%2FOzPr2wf%2Fic07OBRIhNs9AleUoBhg1YvdJxI%2F5%2Fa1wOnM1rkIn8PmRIHva8KPjEfv2cb26TEPy%2Bbdf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8836e8afb4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/styzj3x528.css?v=202301040819
200 OK 910 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/styzj3x528.css?v=202301040819
IP
Hash 7898362e46c3818a1cc1306e271382bd
620bb0681e4260a6e2880b7db3e950af69644734
dad3c637161fdacd5f37ce6ba114d4515fe6118556a0002177b630a845e3a59e
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/styzj3x528.css?v=202301040819 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-ead"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eky176HSjXHug36kvmcD6SYWCPXvFskWwCR37UhuKPke5II2dSPoJ93GqVYcEo%2BJavEbcB1RbqcIK4PPkWxeSO6dyezTFo5GKhBUWGA1%2FTMAN15SUt%2BAfsQSyzelNvU48vik"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8836fa641c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://letsbewinners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 91309
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 294742535da40d02498d9e1c865d4014
99d45ec581ccba41915745f22da696aa9c5758ea
645f09beffda2d924626cedd5aa832a5a0e1b136ddf3fdc0b65fd9526f8b5531
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/4menljg62u.js
200 OK 5.9 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/4menljg62u.js
IP
File type ASCII text, with very long lines (23002)
Hash a62a3779b5f841322e0ba70c4397765c
81c2e98d57cfa3d5d3bdcb23cf11a8f36891bf56
9f34ff97b80af6c7cbdadafa4f87ed4ae55dc700473c7e63a24e1233779acbcc
Analyzer Verdict Alert fortinet Malware
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/4menljg62u.js HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-5b44"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssocjRt4mJ%2B8gSPCHZGtZnNlpqOw1aea9Z44rrOur%2FEarbJgh9ua0jSrQOE%2FFlWIU1iDtL%2FjoLbDZ96uYK%2F93cbBcAMOLUMmBuUpDRcugKEvtFlzb%2BdDDlQJKGYudPPUhzlG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88370997b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/78jzx13fsw.css
200 OK 359 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/plus/78jzx13fsw.css
IP
File type ASCII text, with very long lines (1038), with no line terminators
Hash 77352b39bade81477fc5ca3c48ea754b
57d0ed2e30b236a4042f150d8788ac55a080c2c5
5f3c181baa4a3a52f3807ee6088c9df3c258ea2587acc8fbeeca3517cfed0db9
GET /assets/slle0t/mxtar91-ytxbsupermarket500/plus/78jzx13fsw.css HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: W/"63b52a40-40e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLikI65hEtUkzWD4VhvpNsNbUhJNgWivEgoJT3Jt3q%2BbOeNF2vM5cFxswPKvKyqMQNA4IVW7CWJxujN45rO7xM1aIYJU5HXzmX5m9StdFDYG5JW%2B13pV0WhYVaDKCFON3luN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88370e43b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 07 Jan 2023 14:33:40 GMT
age: 1282
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://letsbewinners.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:33:54 GMT
expires: Thu, 04 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 242468
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/ng2u5sb7d2.jpg
200 OK 1.6 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/ng2u5sb7d2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash 8572ef996363f351c70dd22cae741a7c
773dad2ae936b34263d8a08bd53d212ce80bea41
8258b36d28e7ab1928adfc0416a7347721e6dde2cae51f175bd5ff318732f597
GET /assets/slle0t/mxtar91-ytxbsupermarket500/ng2u5sb7d2.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 1569
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-621"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttdt9jiDPM%2FDyrCIqryGDn8M%2FCmoCvgmx8XfFWMOForblsG4JqleEkqMtft6OFfRKc1yDbRIbYbWg1gOQ0oWR1UoBpnChW5qRHg6V49vx4xXGF7nHoZmer%2B5Dj%2FtGsqsGf10"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88388928b500-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash a566429adfd393f47ada6704f74a7497
2d6ef4ba5190b80a1babb3d584acda4d68eda42a
8b08d2a1a9833fe75cf0511162c959c468055a86d963488e1435208ba1f1d36a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=89887
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b82b20-117"
Expires: Sun, 08 Jan 2023 15:53:09 GMT
Last-Modified: Fri, 06 Jan 2023 14:07:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
shaumtol.com/pfe/current/micro.tag.min.js?z=4807864&sw=/sw-check-permissions-96c32.js
200 OK 14 kB URL HTTP/1.1 shaumtol.com/pfe/current/micro.tag.min.js?z=4807864&sw=/sw-check-permissions-96c32.js
IP
File type C source, ASCII text, with very long lines (39559), with no line terminators
Hash 710afc5f904ea87801da7e4974cf1979
8e8351827329a8671b337441784391195dc27c4f
24e7227f0bed8ca17bcc0a344c550167c34016d0160111bfff4136b570f82ca8
GET /pfe/current/micro.tag.min.js?z=4807864&sw=/sw-check-permissions-96c32.js HTTP/1.1
Host: shaumtol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Dec 2022 12:58:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63a302ea-9a87"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
ocsp.digicert.com/
200 OK 279 B IP
Hash a566429adfd393f47ada6704f74a7497
2d6ef4ba5190b80a1babb3d584acda4d68eda42a
8b08d2a1a9833fe75cf0511162c959c468055a86d963488e1435208ba1f1d36a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=89887
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b82b20-117"
Expires: Sun, 08 Jan 2023 15:53:09 GMT
Last-Modified: Fri, 06 Jan 2023 14:07:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/ndk77qat2b.png
200 OK 17 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/ndk77qat2b.png
IP
File type PNG image data, 481 x 350, 8-bit colormap, non-interlaced\012- data
Hash 6752d8a824a70f0dfe30b8fec9ceb968
fe2f9bcfa68b7f1bc56b2a2b82b8f9a56e8b9c92
210c8878adee1c189b705d4c7a5b94856e92fe0c02da62cc3c62630dc0b5e2dc
GET /assets/slle0t/mxtar91-ytxbsupermarket500/ndk77qat2b.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/png
Content-Length: 17220
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-4344"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2B3B9V%2BAm6Lyrar9cxUG6rze2ciRFE8XdGp77PT1bCLyEI4eCxmDqrEJIQ9hC2Hi0D28%2B9rmzt%2BceNyePlffOk44CcjoCWd9Kx1msCSrIeSaqjPcGbzUFaBvRsUjws0l2V8%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88387974b4f4-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/6fdnb1ct6j.png
200 OK 1.7 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/6fdnb1ct6j.png
IP
File type PNG image data, 65 x 65, 8-bit colormap, non-interlaced\012- data
Hash c620e08a7480feac4ad94c3d5eb5f1bc
8a73cb9321b3d862cff318d9a75bbb4d08440270
2a3e64e51cecce743ddada701ad6cace9a9a4f293a791295bce4b8fd65f6e78a
GET /assets/slle0t/mxtar91-ytxbsupermarket500/6fdnb1ct6j.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/png
Content-Length: 1705
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-6a9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioe6mMjp%2Fdh0hs%2F7WEBY79s7PeleTeQymX718QtU8rYCUnRkWsHdsVuXxdC%2B6Y2iAVRIarvOq1I6gtLrpTCGFM8VxIM1EknIUO%2BXSAPzAN5JWVS6rrfH5%2B1vssiMV5%2F5nsPU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88387b5cb529-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/sbfi3g15ab.png
200 OK 466 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/sbfi3g15ab.png
IP
File type PNG image data, 15 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d9c764991a1ebba259ce1afc777c756
fedbba216589a0a40fabb2e0cb24911e663e679e
7adac1888791ad42f547c97c9c9dad37faee15dfb5e76f20eabc8a0a0b6168e9
GET /assets/slle0t/mxtar91-ytxbsupermarket500/sbfi3g15ab.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/png
Content-Length: 466
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-1d2"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRxULhMwZjWIGzEc5jopi5huP7SfGHcaqeb4lckkEvlj6pAOVYbmmBqiBLD9YHMoqR4sLTezhHlnukqritseUJxUa19Y2BSKYE2PVSN3msnPwfRYUO%2FkENhL2HpJLwlODOPh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88389dc40b49-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 279 B IP
Hash a566429adfd393f47ada6704f74a7497
2d6ef4ba5190b80a1babb3d584acda4d68eda42a
8b08d2a1a9833fe75cf0511162c959c468055a86d963488e1435208ba1f1d36a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6341
Cache-Control: max-age=89887
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b82b20-117"
Expires: Sun, 08 Jan 2023 15:53:09 GMT
Last-Modified: Fri, 06 Jan 2023 14:07:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/j15f36fs7h.png
200 OK 15 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/j15f36fs7h.png
IP
File type PNG image data, 481 x 350, 8-bit colormap, non-interlaced\012- data
Hash 36e3412fe65be9c8d38842942df5f357
c437394ce164b31fe79114b689c677474c22f569
bb24611af80ff56579bdb395806bed53c9071d5e7127de423479d30b8ff73617
GET /assets/slle0t/mxtar91-ytxbsupermarket500/j15f36fs7h.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/png
Content-Length: 15241
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-3b89"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3d4SJG43fVqg1QLXX1XJiS5P9juL7ZPCx%2BB98nnkZN7lCZ8A9wYL1fNEgv5Te6ughU%2FVsV2qJfq3UjoMRey5TIF0Rm78KEgb9N%2BnnCxsgMV8kRATZgiD0f5t9O29Y4uIpy6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88387bd41c02-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash 8589b6a84dd5a09ec546aff38bbd2515
1c3a3d8a69ae7a3ebda64292caf0e0f5968e81f7
f013da155203f0509d56e8174c2ae5ed23aad413b4391f276efd388519743b17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1263
Cache-Control: max-age=153171
Content-Type: application/ocsp-response
Date: Sat, 07 Jan 2023 14:55:02 GMT
Etag: "63b9362a-1d7"
Expires: Mon, 09 Jan 2023 09:27:53 GMT
Last-Modified: Sat, 07 Jan 2023 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/6oqy716eh5.jpg
200 OK 1.6 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/6oqy716eh5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash 29dbfef26da237ee255dd6473ad194cc
b1bad0c3665a522f3e701d78b6cb05d538c105d6
cf07e6c9ce6b7489a4fc10988499f30d9ed971789d1a24326722b1e07bc02043
GET /assets/slle0t/mxtar91-ytxbsupermarket500/6oqy716eh5.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 1567
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-61f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVL300olll0yESDOoK1kWKJbBg68M6Qw3Sdqq1WnGNJ3fwajBxUHtg2GqXlJdZaOmqlJspAMfDPc315%2FaCSXoMNgIxiQYr%2B8rRUO7ugzINMwyO0VNqBmV%2FBwLRYOGoDhqRGe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88390a11b500-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/oi72g3q7fu.png
200 OK 65 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/oi72g3q7fu.png
IP
File type PNG image data, 500 x 333, 8-bit colormap, non-interlaced\012- data
Hash 70ca7a48d4019dda243262eb3352985e
dd9b8f84c2797515d48ceb69fcdd0d11c36beb91
c00ac70d7289e71ffaee8b0fc8a236a3199d6150067be2296552bfc2ef0ace78
GET /assets/slle0t/mxtar91-ytxbsupermarket500/oi72g3q7fu.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/png
Content-Length: 64665
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-fc99"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUOlHCUoV4grjsIfgLvvuw7TuD%2Bv5IB9yCXmTEWCBwUsH2FnwfC0%2BQTzUcSmDVOpI4oUN9YyI6KQdIO1582txTvu%2FO33wzlqEzzvumQtA%2BHaPce0Z9RVw19CxReOk5knMnwx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88387adeb4ff-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/4mkb6g2np1.png
200 OK 8.7 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/4mkb6g2np1.png
IP
File type PNG image data, 288 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash f2a3eeed83e87bf5a6be244147f8fcf7
a8ad65faf9ed791b15ef5bf564909659a63f24c8
9d3167174c63deceb7e5586d5fc5f49885c2fbeb0d0475654cd86cf86771d084
GET /assets/slle0t/mxtar91-ytxbsupermarket500/4mkb6g2np1.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/png
Content-Length: 8706
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-2202"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5rE%2FMcU9MhWf344upS157vOaQ38bEkc8rDAJyNMAl1DZG6Krk64H6ggj31hKiXhR6HQh4N1AEIRnXFwHP%2B2Kl0ImempX%2BvJPRDELUn%2FTDmIiy0JnsE4ZNjqOFUQ7FxvQ165"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d88398af4b4f4-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/tn73bgpf2m.jpg
200 OK 1.1 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/tn73bgpf2m.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash 22e826fac985ad01a604afc1c538836f
cdab6687f8c6330be890adb7057f3acffcc6f9a5
55262f65747f8e876e69854791352b15c5d7fa6efc12bc271dda72241d375f00
GET /assets/slle0t/mxtar91-ytxbsupermarket500/tn73bgpf2m.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 1081
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-439"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vkr4sc%2FRO9gl1UoEGMzkFzQAlIjEV7l8laWaLKhO%2BzZfWplVfKmZ%2BS3kPCYDNpt7uMFBn2qcswe%2BsS4uWZ5wVW1880ct0OpVucJg554Kgkq0gx3tnVluewDLWa0KFCSUKQsv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8839acb4b529-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/n2376mfvdb.jpg
200 OK 1.6 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/n2376mfvdb.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash b4ac5e226af59ac2651ece3885177edb
a296cb8274783b59870a282abff5a31cb31a9d41
ea4ae2d3726e3d8a0b55ee1d1e5251c02f5e0744600fd01727838ecb58bf322a
GET /assets/slle0t/mxtar91-ytxbsupermarket500/n2376mfvdb.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 1581
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-62d"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IONyXom9fO3zTVVxLLK8ja0HnR4iC53a14WopuKR9c5peTRK4sVJH335iTi30CoJ%2FIHXvGX57gPIdlmV2%2Bew0U%2F1qPS1AZLPnJTgiJeS%2BAIkT3qRApY1Xj2xC2pSPljB1Q6K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8839dec90b49-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/dvchoua382.jpg
200 OK 2.0 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/dvchoua382.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash 6f0a4f6cd6920f9cd581052f20fee43f
207ade2aa69f5dde71cba9638a927b506a50f834
c41ecbdc44a4f24df67a253d5f79ae0e20afce3216a976d74fca0618080d43f0
GET /assets/slle0t/mxtar91-ytxbsupermarket500/dvchoua382.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 1957
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-7a5"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3i30ARgJVwudTYFTGT0ojhB66%2FseEFydmsp5cuMSXCSWJ1k6A1xYA%2F8AP6fU4Zg4c45GFuw%2FjvWAXVJTCd4hzDbrFhzzVBb43PX0MJgXPCfgtG7UgWzxwqVVs0OWAptAR2AL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d8839fce91c02-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/761ogthv8n.jpg
200 OK 6.6 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/761ogthv8n.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 189x139, components 3\012- data
Hash c7d02fb03c79346895ae8ecd5107d802
82c847abd64faf4d9875eeef2adbf50fa6d17908
1ea57d7e7d4e051ed408ab9d7a5eb212d5ff352ff1a45a4e1c62fcc4125c6a7b
GET /assets/slle0t/mxtar91-ytxbsupermarket500/761ogthv8n.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 6606
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-19ce"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVN%2FtEHSSf2tBdYv5e0l%2FmMWn4%2BZ2qKeMubkKQFIJHVlhk6k5fAleGwenJPT4fR08ptDiIPdlPhmDvCghohelI8hIhiCDZRWvZ7kSYj0zTDT%2BNZRK1%2FAzBNkmHimonGGAZQ3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d883aefae0b49-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/r76qevg6dz.jpg
200 OK 1.4 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/r76qevg6dz.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash f247f4c67249a0e0a25c1ea107d10216
2180c0cb5f1545366af800b044fb8bd0bc7572a9
52e3d36c66c303fbcda3504ed78cdc1eac7dcd4bedf45abff2a733615f771794
GET /assets/slle0t/mxtar91-ytxbsupermarket500/r76qevg6dz.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:02 GMT
Content-Type: image/jpeg
Content-Length: 1438
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-59e"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL3J3jty%2FR2orOF2xPrnlDgmtGa%2BD7qmGSPfb%2BdG9Do0qo60xiWw%2FpwLzDed4qEpHoa9FJF%2Fyz0QZHYd84ucV1XqmC1Ffj3ma2oRttviK0s9hDkiTl7Cer680PhToo3Scix5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d883a5cb9b500-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wW4o72BKJV7C+6hf/s+3Aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 22j3jJmqzBhoan3IzZXm5aniDO4=
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/w258c7zdbr.jpg
200 OK 1.4 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/w258c7zdbr.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash bbfac874a909c3a314a53b0872b52833
d22cc2f176e0a2cd6c2c7d590caaf8f970ea1775
9d634d10d285550cc0a743ef1fba4bca40193a457f5d670c96707e4708aaddf5
GET /assets/slle0t/mxtar91-ytxbsupermarket500/w258c7zdbr.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:03 GMT
Content-Type: image/jpeg
Content-Length: 1430
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-596"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jW3jr%2BZ3dtmRzYL9LUwNscTnexgPoVdh7cGUu7otbSTwP4ttYawU2LgUSjZxX2ePCm9RSqkzm2lOjlR9J9CuggGf519PnF25a4TliQFNCUfuM%2F2a6EnaWFEueH0ElW0PSiQi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d883a9da1b4ff-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/0qd2mfv6f6.png
200 OK 3.9 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/0qd2mfv6f6.png
IP
File type PNG image data, 80 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash e9652312159680cd5ec528f3ef12474d
88317a623b994468dcfeaa00fc9b8f3bba26c832
a2c28aa966adf7091f08796465d74d078e42b66f4c157751d549384291d612b1
GET /assets/slle0t/mxtar91-ytxbsupermarket500/0qd2mfv6f6.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:03 GMT
Content-Type: image/png
Content-Length: 3850
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-f0a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhSKQa3tE77xT16CI%2BchBqPEktusqAnJ6yTBVsmxQpk4zae2dSgWYKxBlCxDD%2F6FNNvuZNNdZ7sCqYV4QolklAiiR%2BUn4Z8krR5uu1QIpxDxDzBsAIWUuPhXBy8SQqRDF6vW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d883aeea2b529-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/c6rosn32t5.jpg
200 OK 1.6 kB URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/c6rosn32t5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 60x60, components 3\012- data
Hash 41db3f3feeaeec597f4b39e3c2c33e48
52894d096856870329387525a5c1a9cbb2ec44aa
247d328bcf32c4d41dc8c70eacbec6987d1dc4adddc50b51dfd1844000579505
GET /assets/slle0t/mxtar91-ytxbsupermarket500/c6rosn32t5.jpg HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:03 GMT
Content-Type: image/jpeg
Content-Length: 1561
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-619"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZZs%2B%2B4b63KBa9HHoP1NBtQzbSxIxoTlBJshwYyc4EKKAi%2FsDl7sRRDt79xNEaeZMekhfIsSy0OgVJtG4K5vqFYaZYunrdaJZDUekbJWbsxRvMvF2S%2BP74Kn3PpjN%2FSv7Mze"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d883accbcb4f4-OSL
alt-svc: h2=":443"; ma=60
letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/cjo78s35t6.png
200 OK 468 B URL HTTP/1.1 letsbewinners.com/assets/slle0t/mxtar91-ytxbsupermarket500/cjo78s35t6.png
IP
File type PNG image data, 21 x 21, 8-bit colormap, non-interlaced\012- data
Hash fb794c44e112b8f84cd149efa0e31313
b472f6b1650c932fb6431d0049eed30cd582ec88
382cfd24776703d5eb156a2441dfb0066342b6b778d54cb45a8894ded8e4f975
GET /assets/slle0t/mxtar91-ytxbsupermarket500/cjo78s35t6.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://letsbewinners.com/mx/tar/sur3box-500/91/a/supermarket
HTTP/1.1 200 OK
Date: Sat, 07 Jan 2023 14:55:03 GMT
Content-Type: image/png
Content-Length: 468
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 07:26:56 GMT
ETag: "63b52a40-1d4"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSCPJ6WJlOjJGeIAa2V3yPbI%2FNQVCm9%2BkuTtuLaNoj42yBwTQeSHA0F5BHsCkQbkatSgDcQdfH%2F%2FTs8VgiMM2lV5Wap76EMki%2BjmwY3T5a3dJfZdhod2xp2BTKsr9CwbHlSR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785d883bff45b4ff-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6685
Expires: Sat, 07 Jan 2023 16:46:29 GMT
Date: Sat, 07 Jan 2023 14:55:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6685
Expires: Sat, 07 Jan 2023 16:46:29 GMT
Date: Sat, 07 Jan 2023 14:55:04 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 457ca75ed75785c514fb36a16792410f
fcc640c00713c93633d0b2887104c8fbc6c754f9
ff6a40bdaa6bc25eefb2d7ed130ea34460494d92c19c07dff4cc371c45d1ac44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF6A40BDAA6BC25EEFB2D7ED130EA34460494D92C19C07DFF4CC371C45D1AC44"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6685
Expires: Sat, 07 Jan 2023 16:46:29 GMT
Date: Sat, 07 Jan 2023 14:55:04 GMT
Connection: keep-alive
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7deea0368b
200 OK 14 kB URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7deea0368b
IP
File type ASCII text, with very long lines (26500)
Hash 503037ccfffad36d2c2db46549c27bad
938e7511fc391b875ea225c03ee125b72866982f
5da4c8320bda174a5e2c8b43fa22f9eac983b61f9e812258c7a16225b3a24545
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=7deea0368b HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://letsbewinners.com/
Origin: http://letsbewinners.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 368e5f2a7f5777c7bce3dc98a848df8a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: VmvR52dJqizhJSdZepTWpL_w3kb-ZJa3ruwBDunqiHVbeqrvt8l4Fw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jV7VV2XfnTTSVW%2FLIXgGY5%2FmBVOlZCPJPJsmxj4sSEdVrK0l%2FhtTpVEBpfevS1gezcRE2hTEJ1tceQYW01iEZDmDajmc5qLGP%2FdFLCCxgTaTOM6sMGYuQUbUbQh3tb8zxK8HGGrq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 785d88392e737789-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c0fd17757d97ed3b4570387623f465f
889b2e3d0db6f9bc03393ff59a5eb7bee816cac3
1035a9d3c973762adfc08529b59642c3839ef95a7e8cfcced63e61ec154ad092
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82e9dc28-a1b8-4185-9eb1-6856bb670646.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10695
x-amzn-requestid: ae69c1c3-22f6-49de-91ec-8e7a854e4b27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCNWFo5IAMFUKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a55-75032a3e7ab3eb897382cad4;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kkpb41RwNIWi4GQrpRiCAGUGsFyv9v-lpjPdStHiI1KxfkRi4tFCOQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:59:50 GMT
age: 60914
etag: "889b2e3d0db6f9bc03393ff59a5eb7bee816cac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 08:42:42 GMT
age: 22342
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493cbfd8-f54c-4358-8e53-2e31e447a9a1.jpeg
200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493cbfd8-f54c-4358-8e53-2e31e447a9a1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e03d1dd10284f60d3e73a47cfbec28f2
3e57e253077e3b261e87dc4703a04f515f45380e
2653e264ed5c0957de7eafdb26a535f25e1d6bfea12d5a3cac3678827149d7f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F493cbfd8-f54c-4358-8e53-2e31e447a9a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2508
x-amzn-requestid: 554c1b4d-8105-4a3e-9cb7-33ed0acc365d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eMnz9Fi2IAMFtvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b4ece5-5d9c573158726c757574a9d3;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 03:05:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kBBlRrBDqWAksGuGBXqSVyM46CQ2A5EF0tMvKByi-OJhNKhPA-CmQA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 05:06:21 GMT
age: 35323
etag: "3e57e253077e3b261e87dc4703a04f515f45380e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3356bee662c2ea20cbebff5293e73340
625cfd3806740998c859fef8c1153efea72f5342
cd973426a15b28fa2c141e927ebf4e12faa05665780a3cd5010f874769b336e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe337b2fa-7f8d-45d1-9c3b-36a6e16363af.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13620
x-amzn-requestid: 0858cbd0-5965-477b-9d5f-015243f86e12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ePk56F4JoAMF5Uw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b61b72-705a9ad403bb7795397926fd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 00:36:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DoKiNkOKV6r5zqczq2ckoyb9UJyMABXfyn6WE1NerYovg8yg-AeePQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 10:11:59 GMT
age: 16985
etag: "625cfd3806740998c859fef8c1153efea72f5342"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F947f1c49-6957-4cda-b8dd-6b5f93de9d39.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F947f1c49-6957-4cda-b8dd-6b5f93de9d39.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841dfabf529ce5e50ccb825ff518dedb
c208e348fddfaf8ba08e90717096c1b3047a8919
05c661cac438c912207bc9952799d4b9695ec65fb7556a7eb5b24bb8b91f8f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F947f1c49-6957-4cda-b8dd-6b5f93de9d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12452
x-amzn-requestid: f8d06e9b-4211-423e-ba36-89dd85f158df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP63ZGj8IAMF9MA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e95-4c63bd1447f5149050c7b6bd;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:05:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ihrs641OXCZeeVud85FMMP6Ixp_W8skdNU4RExwIvmLjgUcKYohBsg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 07 Jan 2023 03:18:49 GMT
age: 41775
etag: "c208e348fddfaf8ba08e90717096c1b3047a8919"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
IP
GET /bootstrap/4.5.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://letsbewinners.com
Connection: keep-alive
Referer: http://letsbewinners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"3afe15e976734d9daac26310110c4594"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 11/25/2022 23:03:19
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 24a54b0742bc90e20a67070d4af75662
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785d883688b9b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js
IP
GET /bootstrap/4.5.0/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://letsbewinners.com
Connection: keep-alive
Referer: http://letsbewinners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"7fd2f04e75bd7ab1a79d80cdd4c33085"
last-modified: Mon, 25 Jan 2021 22:04:10 GMT
cdn-cachedat: 11/15/2022 10:39:27
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3b409ea42c90acbcfebb0523a2942dd5
cdn-cache: HIT
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785d8836a8e5b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/7deea0368b.js
200 OK 0 B URL HTTP/2 kit.fontawesome.com/7deea0368b.js
IP
GET /7deea0368b.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://letsbewinners.com
Connection: keep-alive
Referer: http://letsbewinners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FzgOlsw2gEnvnNYnBHqh
cf-cache-status: MISS
server: cloudflare
cf-ray: 785d8836abbb0b3d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7deea0368b
200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7deea0368b
IP
GET /releases/v5.15.4/css/free.min.css?token=7deea0368b HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://letsbewinners.com/
Origin: http://letsbewinners.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9132f1c6fe5ab3ea458d3abc7e3bc5d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR3-C1
x-amz-cf-id: C2zWYjkz-6K7SGKvJmWZorymYW2-fK4fKo2TWixj_LpD-MsZfUt9Ug==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vonjzEMImtxRK1EmjMXQ1G%2FCZS%2Bv2%2B6ujtrzxlrsszy0DI6ks4SMva2z1zITxxgqqKrZMj%2BRXOvBaxhmfG9OdR3o%2BfBVRQa%2BIpQd2aeLBv13jq1z1K0KgFIaMBU%2BDXry99HuIjGtjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 785d88392e6e7789-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7deea0368b
200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7deea0368b
IP
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=7deea0368b HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://letsbewinners.com/
Origin: http://letsbewinners.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 07 Jan 2023 14:55:02 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a01b7aca64c6d4b437b814f64422d6c8.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: 8vtKAn-zo31E26fpCiwDI4JGnSSlwwSC0YpG0XUAN2WfrakuuC4asA==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsMcRiX6ftfZaNj9cDxiRsSmr4RaX91EgKF6SJ2Q7Kg75SdbxcUJd17R%2FPTtX1yX5mjJzGKR75K0NaZjEhDA7gCNgJw%2BT6l7Bepc2%2FMaGjRLHPwlbUS6MdX4rqLQ%2BycKszOc612Q1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 785d88392e777789-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,latin-ext
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,latin-ext
IP
GET /css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://letsbewinners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 07 Jan 2023 14:55:02 GMT
date: Sat, 07 Jan 2023 14:55:02 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
172.67.69.162
23.33.119.27
104.18.23.52
93.184.220.29