| cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js | 104.17.24.14 | 200 OK | 36 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js
IP: 104.17.24.14:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (620)
Hash: 4d456e43291a691699c12a9027f1f13a e2e691b338e64a94e68be7f4d2aded08fcca0759 9a4a11a15db88d5fab08f59c1c34796b03f1f15bb3cc928dd226e1c59f7f59a3
GET /ajax/libs/bootstrap/5.3.3/js/bootstrap.bundle.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 36257
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-8da1"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3037258
expires: Wed, 16 Apr 2025 23:13:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2vCcY%2BnUbSuwGm7k7dJI2LQBneG1UE1GabDDMWNmq%2FBLoK1Db5wgfoLCHfhcMTOVNUunMPmsKUMxK3gHalHhuEiuCtq%2BfktxBVqr3pkUXreb8Q6Xbr2oPp9C3gVmzF1AMS0II5E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87aa442a19530b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js | 104.17.24.14 | 200 OK | 27 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP: 104.17.24.14:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hash: 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 73226
expires: Wed, 16 Apr 2025 23:13:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l4baHOgm1KGHzxGjaXVosBZnRf0DS16hwv4%2B4wsCOdpgXCICw28Dd1Ugny13Mj9WjZJyhhTMTuoQ3aYB4EJzqJ7WAX71f%2BEMhGelP%2Bda%2BgWnNHhMijD7qruLexRgPISzgNeDb5WQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87aa442a19500b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css | 104.17.24.14 | 200 OK | 10 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP: 104.17.24.14:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (59119)
Hash: ecd507b3125edc4d2a03aa6ae5d07da9 a57ee68d11601b0fd8e5037fc241ff65a754473c 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 175758
expires: Wed, 16 Apr 2025 23:13:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Qc1hP8wbH2JOIP7Of72o%2FH%2F7%2Br5sEYT9lIaDWo1SNibgVLKpuYbmHwRU3CMzp0QwKcNajrUP%2BwvqyFhfFKVNRF4agd6wh2BxXX4EzhgRM%2Fz5V7OjRcmBRCIrQiqcsmI9%2B%2FAGP8F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87aa442a19520b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css | 104.17.24.14 | 200 OK | 23 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css
IP: 104.17.24.14:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Unicode text, UTF-8 text, with very long lines (65342)
Hash: a549af2a81cd9900ee897d8bc9c4b5e9 c5ac1dee961cb59a045256ec203f69e317872f7c 3c8f27e6009ccfd710a905e6dcf12d0ee3c6f2ac7da05b0572d3e0d12e736fc8
GET /ajax/libs/bootstrap/5.3.3/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: text/css; charset=utf-8
content-length: 22709
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "65d4c5f6-58b5"
last-modified: Tue, 20 Feb 2024 15:32:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1921493
expires: Wed, 16 Apr 2025 23:13:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLadttxMO%2FKaa%2FwKLIg0l33vLOsin4zrO3eLAzo2htrbeLoqR7pgfWZ0JS77QaqIgJVf1QBYhVPLQLXisWDAbWCNL69MzANzGgUwjzn9yZbK0bmlp65wIfqDD0xUgAJspoH6NVg5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87aa442a19550b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/themes/tar/66-hnfV/brand-logo.png | 104.26.10.153 | 200 OK | 31 kB |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/themes/tar/66-hnfV/brand-logo.png
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Google Trust Services LLC; Subject: letsbewinners.com; Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67; Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: PNG image data, 500 x 300, 8-bit/color RGBA, non-interlaced
Hash: 334afeb06073966ef36a1738f0d9720d 6a2aa57e4ffb2d2c7d0af3b37830144a5ffd0d59 4685b50d351c56d44bf6c3ce4823fdac5a60b5be6754ae6ed72d697d2d7b7113
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/themes/tar/66-hnfV/brand-logo.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: image/png
content-length: 31319
last-modified: Fri, 26 Apr 2024 12:42:25 GMT
etag: "662ba131-7a57"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RPXC%2Bd4wIBRexE7tIAfZmPQZu5fEudZ1T40hNR5kxIT%2Fupx%2B7Xi8wCpSOwT4l49%2FWoedtnQeSt9DOZWG661G%2BERdsGpmuZI7yRg0UaifxTmzoJyLBhYiBJGLpZaSqSc15paP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa442c2fb5b4ed-OSL
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/seasons/162/letter-00.png | 104.26.10.153 | 200 OK | 25 kB |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/seasons/162/letter-00.png
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Google Trust Services LLC; Subject: letsbewinners.com; Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67; Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: PNG image data, 258 x 184, 8-bit/color RGBA, non-interlaced
Hash: e45d217d96fcfdecd2f0d236e06b6b30 82ece521c195148c117d760e536fc17b9a0e4801 084e31c469393993b821513561acd20fd163fd41836affac626b5c868ec06720
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/seasons/162/letter-00.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: image/png
content-length: 25236
last-modified: Fri, 26 Apr 2024 12:42:25 GMT
etag: "662ba131-6294"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GBSFV0zOUKuunj2p6iVCX%2FFlDCZQ7b1KCPQNBEYxuKHgPXW8IPui9iZ%2BhR9tqsi2svYOAZFkV6G91u2nxua%2FLRajJHBFsaq%2FmrbNGrGBriBC%2Bzd22hMj1s0am4zVAwl16DtK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa442c2fb8b4ed-OSL
X-Firefox-Spdy: h2
|
|
| woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=letsbewinners.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=1899b0eb-96b9-4d67-8c79-76614333b32c&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL: POST HTTP/2 woudaufe.net/zone?&pub=0&zone_id=5759770&is_mobile=false&domain=letsbewinners.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=1899b0eb-96b9-4d67-8c79-76614333b32c&action=prerequest
IP: 139.45.197.251:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Let's Encrypt; Subject: woudaufe.net; Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5; Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /zone?&pub=0&zone_id=5759770&is_mobile=false&domain=letsbewinners.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=1899b0eb-96b9-4d67-8c79-76614333b32c&action=prerequest HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:13:57 GMT
content-length: 0
x-trace-id: a147229f4896cc3002b721ab7bb7e2bf
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://letsbewinners.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js | 139.45.197.251 | 200 OK | 15 kB |
URL: GET HTTP/2 woudaufe.net/pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js
IP: 139.45.197.251:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Let's Encrypt; Subject: woudaufe.net; Fingerprint: 97:B7:E3:B4:46:26:82:1A:84:6C:4D:15:C2:B7:B8:FE:0F:00:67:F5; Validity: Mon, 15 Apr 2024 05:41:42 GMT - Sun, 14 Jul 2024 05:41:41 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 79ab4f5f20178d8996c060bb397118cb 1c4b2573fec4c28a0fabe5f38102b69cac5b9e97 05c6f230d524bab329e3cd7e74295e02df901851cc6350c1759b308d2ee09038
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pfe/current/micro.tag.min.js?z=5759770&sw=/sw-check-permissions-82431.js HTTP/1.1
Host: woudaufe.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:48:52 GMT
etag: W/"662a3514-9116"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 255
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 75bc55ab93e555dca6fb39983fac8f24
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://letsbewinners.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/favicon/favicon_6.png | 104.26.10.153 | 200 OK | 321 B |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/favicon/favicon_6.png
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Google Trust Services LLC; Subject: letsbewinners.com; Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67; Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: PNG image data, 21 x 21, 8-bit colormap, non-interlaced
Hash: 8c9de0f1dbca86c6b8c142772044e6ac dea334af778f28c7b51392d0b0f9d807e3af6bec d693088a5f77ad6b49a29e765c0bd30e3f83b9881acf6118d452649490bfc517
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/favicon/favicon_6.png HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: image/png
content-length: 321
last-modified: Fri, 26 Apr 2024 12:34:00 GMT
etag: "662b9f38-141"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpzBXmkR7gCHilxww%2By7jVJ%2Bk5Rc0Kd2btgwGSyVCgXiTH0eG4DhdRwBh432wMyVjJDZEuYn0M%2BqWCVXQQnmv5GDEJGp2U13WeIbhvIOOKnT9mCDWZK5zdS4ZjBGAXEctG9%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa442e8916b4ed-OSL
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Let's Encrypt; Subject: jouteetu.net; Fingerprint: F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65; Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash: 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 256
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a1ec9ecd819b3467c6c0475d892d4cef
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://letsbewinners.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://letsbewinners.com/
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://letsbewinners.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Let's Encrypt; Subject: amunfezanttor.com; Fingerprint: AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash: 23b980847f27ca4d0f2b33e52f676e66 7325a66f4a396906777c37914a32789c439b33ff 11acc34fa2850b933a3ead85c0f708426e861d7ef5b4a20037c8632ca343c76d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://letsbewinners.com/
Content-Type: application/json
Content-Length: 874
Origin: https://letsbewinners.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://letsbewinners.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/sw-check-permissions-82431.js?zoneId=5759770 | 104.26.10.153 | 200 OK | 777 B |
URL: GET HTTP/2 letsbewinners.com/sw-check-permissions-82431.js?zoneId=5759770
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Google Trust Services LLC; Subject: letsbewinners.com; Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67; Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
Hash: 474c689de7bf42a9bf302a1966faadd4 97ec04f5d3a14113c4746c7419754d5940463355 780daf251fd4ef79cf506ee2eef1d1f6411f3df6ea277fbb296108c89bf9e484
GET /sw-check-permissions-82431.js?zoneId=5759770 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:57 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 12:34:00 GMT
etag: W/"662b9f38-236"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqnwLpxus7s9Ki4OjDf5SZex5ZxMr%2FZTLbAkywrkgcMuDlettwD9jdyLs6KnhQyvHyL4wM4S%2Bp3DvYxPlEwS5gWHKnfHF%2B%2F%2FNACA6EUMexKuH0WYDiofBPl2rV1h4O0d8rIy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa442ef964b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/css/style.min.css?v=1.13 | 104.26.10.153 | 200 OK | 8.0 kB |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/css/style.min.css?v=1.13
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Google Trust Services LLC; Subject: letsbewinners.com; Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67; Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: ASCII text, with very long lines (7965), with no line terminators
Hash: 2262c2e53a8b322777b6eb511d29af7c a29de156da1bd664d0efa52a29a99972876875ed 332d038e0a8f9aa4d78be40da4977133f4679121160024b2590f8f513afcea44
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/css/style.min.css?v=1.13 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:34:00 GMT
etag: W/"662b9f38-1f1b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FaP9px6X09%2B%2FjwY2JtY9dAKLedgNYXT7oQVdNpSdEq8QxMwTmKruZwBAkQz5acHZiIx0r8p7oAYBH0Olz91fCfP8RnBnOHWXT5XDk3wvRqA7eJ2YAwfs34tE82zeGMHp3w64"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa44298e28b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700;900&display=swap
IP: 142.250.74.106:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: c57dda42e147d534c4425d1a6cf618e5 eb64157c4ef177493086e723d5698d8f2b6b3709 18146c688d3c8e77c146776b6e3927c0805f12ef86db5b9d4a3929b917b39564
GET /css2?family=Roboto:wght@400;700;900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 23:13:56 GMT
date: Fri, 26 Apr 2024 23:13:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976 | 104.26.10.153 | 200 OK | 13 kB |
URL: User Request GET HTTP/2 letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
IP: 104.26.10.153:443
Certificate: Issuer: Google Trust Services LLC; Subject: letsbewinners.com; Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67; Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3EDBrBGmPb3OKMrkItzqxkLPi07hFsheAyRNL%2FS3vImjlnp9lFboXz0p3DP0fCw70qfRBIsVFQZAwiyzoeKA0oXigsMLdg%2FfbYNcVWDNN1pFjTlQhqS8hxKAVWD6xwlgKqcN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa44258bdeb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/templates/box/box_letter.css?v=1.13 | 104.26.10.153 | 200 OK | 3.2 kB |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/templates/box/box_letter.css?v=1.13
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate Issuer: Google Trust Services LLC
Subject: letsbewinners.com
Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67
Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: ASCII text, with very long lines (3396), with no line terminators
Hash: ba6242d390b0c782b79ba07cbe5118fe 2f60a5d46063f9005f3d7b641a834c4113a11e1e 219ee9df98776c5d29468ba8deb3c5622f88a7b08edda067dcb1d3645d9463c0
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/templates/box/box_letter.css?v=1.13 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 12:34:00 GMT
etag: W/"662b9f38-c8b"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2B5h8w8oUJDQe1jiXIcqsnD9ZitGVTjAKKMi76KYnHa3zQRmn4xLwyI1BtneOLAYzfXksaysJGHzCR1MNn09%2FTHXu2%2FrHDDKLNR8H075jxOJXcuJRndvQYOM0Yec8kj9WdR1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa44299e2fb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/js/box_o.js?v=1.13 | 104.26.10.153 | 200 OK | 4.2 kB |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/js/box_o.js?v=1.13
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate Issuer: Google Trust Services LLC
Subject: letsbewinners.com
Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67
Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: JavaScript source, ASCII text, with very long lines (4184), with no line terminators
Hash: 540bfe138c793172e999f49b394ee71e d9bd4b33fc83ba9c878365eb93b214f0e8f1b44b b38ef2303ee7080d8fa982a22f79ebbfc138ac7f69bbc27f2d61ed1c9d60c7f1
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/js/box_o.js?v=1.13 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 12:34:00 GMT
etag: W/"662b9f38-1053"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veGBvXK%2FPYM0Hqp%2FhVbOmgr7LKykssXbcEq5ssWxnIfyMc5nifMTueT7w%2BJqz52xwpkggBhmHm2cswPwPQdPByWlj6r7g%2FwC5C8D%2FVz4e97wid8om%2BXY3pkVBTkFnGpGz006"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa44299e30b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/js/preload_o.min.js?v=1.13 | 104.26.10.153 | 200 OK | 18 kB |
URL: GET HTTP/2 letsbewinners.com/assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/js/preload_o.min.js?v=1.13
IP: 104.26.10.153:443
Requested by: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Certificate Issuer: Google Trust Services LLC
Subject: letsbewinners.com
Fingerprint: 13:4A:50:C7:1F:9D:25:B3:07:7F:48:78:E3:49:6F:46:8B:CC:BA:67
Validity: Fri, 01 Mar 2024 11:44:50 GMT - Thu, 30 May 2024 11:44:49 GMT
File type: JavaScript source, ASCII text, with very long lines (17559), with no line terminators
Hash: a32d40b2f01f5a74c8077e46a4a8a73d 7abaeaf47545c71abc18c731d7bdfcbabcda087f b55e30ce0e6f42daacd35842c1edfc675673aa5d436a26ff8d8b796932ceda6c
GET /assets/101dnmi/pttar66-hnfvSobres1hr4mqp/395/assets/js/preload_o.min.js?v=1.13 HTTP/1.1
Host: letsbewinners.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://letsbewinners.com/page/1hr4mqp/395?campaign=ThUkJPQ&cost=0.005900&currency=usd&aff_source=7304029&request_var=NQTVIGF3px&aff_transaction_id=807863417552510976
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:13:56 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 12:34:00 GMT
etag: W/"662b9f38-4497"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpzi71wmIrXxdUV9RAweLmEFSdxTeVK%2B%2FjEgTrr4lCiRA6TGhESPPtgFxRxuSoe3LynzAMb16y%2FufznOfl7W33RaDEPcKHHYWhNGV7LgraXgkFOR5uMNcdpTED0vIqZeCGeZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa44299e2eb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|