Report - monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0

Report Overview

Submitted URL
monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0
IP
52.5.54.148
ASN
#14618 AMAZON-AES
Submitted
2023-03-31 20:06:37
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-31T20:44:48Z	2.0 kB	75 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-31T07:51:33Z	3.8 kB	70 kB	34.120.237.76
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-31T20:19:47Z	443 B	167 kB	142.250.74.35
s3.amazonaws.com	unknown	2020-05-13T22:53:44Z	2023-04-01T00:00:52Z	1.2 kB	64 kB	54.231.129.136
monthlysweeps.us	unknown	2017-12-18T21:14:21Z	2023-03-31T12:51:38Z	8.0 kB	260 kB	3.228.163.244
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-31T18:42:09Z	827 B	68 kB	104.17.25.14
api.trustedform.com	23021	2012-10-29T06:30:13Z	2023-03-31T23:51:57Z	1.4 kB	1.5 kB	52.2.76.17
d2m2wsoho8qq12.cloudfront.net	unknown	2013-05-25T05:15:49Z	2023-03-31T23:52:01Z	663 B	2.0 kB	54.230.245.201
cdn.jsdelivr.net	439	2012-09-30T02:15:09Z	2023-03-31T18:12:07Z	803 B	2.1 kB	104.16.87.20
stackpath.bootstrapcdn.com	2467	2018-06-15T22:36:43Z	2023-03-31T20:45:08Z	812 B	1.8 kB	104.18.11.207
ocsp.r2m02.amazontrust.com	unknown	2022-10-12T16:01:39Z	2023-03-31T21:26:20Z	2.1 kB	5.9 kB	54.230.80.227
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-31T18:12:03Z	3.4 kB	7.0 kB	142.250.74.131
tmgassets.azureedge.net	unknown	2022-06-27T00:01:19Z	2023-03-29T14:52:29Z	4.8 kB	128 kB	13.107.237.53
cdn.trustedform.com	24659	2020-08-27T01:38:48Z	2023-03-31T23:51:57Z	391 B	38 kB	54.230.111.103
deviceid.trueleadid.com	2097	2018-07-10T07:19:41Z	2023-04-01T04:57:01Z	670 B	2.5 kB	35.169.79.47
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-31T18:12:04Z	1.7 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-31T18:14:44Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-31T18:18:04Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-31T18:12:09Z	333 B	391 B	34.117.237.239
use.fontawesome.com	942	2017-01-30T05:43:25Z	2023-03-31T18:12:59Z	1.4 kB	118 kB	172.64.133.15
ldsapi.tmginteractive.com	85617	2017-02-02T02:31:46Z	2023-03-29T14:52:28Z	2.8 kB	8.5 kB	209.151.244.116
pwrkr.s3.amazonaws.com	193576	2020-08-29T20:55:07Z	2023-03-31T22:58:26Z	429 B	818 B	3.5.28.101
beacon.aimtell.com	36605	2017-08-09T12:53:28Z	2023-03-31T22:58:27Z	1.2 kB	790 B	104.18.31.151
cdn.aimtell.io	9181	2019-01-17T22:21:31Z	2023-04-01T04:01:53Z	425 B	881 B	172.67.30.225
ads.pro-market.net	47212	2012-05-22T09:59:48Z	2023-03-31T23:46:12Z	381 B	1.4 kB	23.36.76.128
www.google.com	7	2015-05-10T13:11:19Z	2023-03-31T20:35:26Z	415 B	1.1 kB	142.250.74.132
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	946 B	54.230.245.118
ocsp.usertrust.com	899	2012-05-21T17:43:18Z	2023-03-31T18:15:06Z	342 B	1.0 kB	104.18.32.68
create.leadid.com	14598	2014-01-22T14:55:11Z	2023-03-31T23:52:00Z	3.5 kB	5.4 kB	52.6.30.198
create.lidstatic.com	24133	2015-09-23T21:42:02Z	2023-03-31T23:52:00Z	423 B	566 B	172.67.41.229
pbid.pro-market.net	6233	2012-10-30T06:59:16Z	2023-03-31T23:46:12Z	772 B	659 B	107.178.240.89
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-31T18:13:52Z	606 B	238 B	34.117.65.55
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-31T18:13:43Z	371 B	31 kB	69.16.175.10
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-31T23:45:41Z	340 B	964 B	104.18.32.68
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-31T21:42:43Z	373 B	21 kB	216.239.38.178
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-31T20:23:24Z	413 B	778 B	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-31	medium	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0	Phishing
2023-03-31	medium	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0	Phishing
2023-03-31	medium	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	Phishing
2023-03-31	medium	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	Phishing
2023-03-31	medium	monthlysweeps.us/assets/js/datepicker.js	Phishing
2023-03-31	medium	monthlysweeps.us/go/api/zip/undefined?get_param=value	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (60)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 19:50:31 Times Seen105332 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	64 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 43c10d2b2f042467d4d17140c6e4d179 df16bc29f5ac9468b35c32bb0d834221cf5171a4 6e67dc180a86d584ee19d9a3635ce615cc1fe3612f7adfac03df055d25066dc3 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	2.2 kB	2023-04-01	2023-09-20
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:56:20 Last Seen2023-09-20 21:17:38 Times Seen51 Hash d8079174e2b32eda50a33eaa3bae683c 05fd99e2e76e10b30e16510ea0c99cb02fc4bb28 2d1f61dab042f60d28189639aaa148b5a192f31408b0a177a96c7f476f7e9332 Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js	18 kB	2023-03-07	2024-04-15
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js IP 104.16.87.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-15 10:27:43 Times Seen259 Hash 35fd33d8c4423cfffc1d4d3ccc7540e8 838ac66c3ecac6b6136b049bdd0e14f2f022952c 219324a6611109fcb8c440e9e38af1802240ee8f1453d557353cc20cdaaead6e Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419	2.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash aa9ff88f2d52cd1f5e46f8a07aec5e78 13a3853b6f53a862d8cb02346df5b1c555ccc6f6 e62184b995250b6cd0e3f0bccfa159ba6bd3751def6abc8c0f2c96df6ef27427 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	397 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen579 Hash d54e487a455caded5dec88dad6038538 7aac4b5089e75a37a0281aee2080ae3081b4b387 5c263fa7f8418b34917b5ae5689fbd313530820aeaac85e768084e745c2ea239 Loading...

	ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474	15 kB	2023-04-01	2023-04-01
Pretty URL ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 71daa51389e1c7f20f1842aa59088e0a 030021000a20d604477cee1f2f6b3a98c142e70f 45b205a8900941f0512e7d54549c9146b9417fde380580ff6343b195eaa1eef8 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	1.2 kB	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 290521b524b82ebb5e14abaa01b9c1d8 e19492d85482147f62fb918a12559d134613d1c6 6393e147bc9a141d678f284121df133e3602f8119776b958aeb9424420de193e Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	636 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 15b9512f5be4a2575dcc59ac37856c2e 061aea4612abe4faf05c4a3f0f0fac7e888c0546 be6eb2c523a276099bad06bc2e02f8917e998f73ac0cda2426521cb4632a2be1 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	93 B	2023-03-11	2023-04-11
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:37:46 Last Seen2023-04-11 07:07:33 Times Seen11 Hash b3b1875da7cc2ad9cc39c0b3f3be33e7 ad06be5fd61b616620b342ebeecaba6880a17dfb c62cbb8df45199e50a13d25299c57082057b146a1f1541e4c5dbc3c5ce83b908 Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 54.230.245.201 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	819 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen197 Hash b543295aeb728bc0b47cd37af1155cc3 4de5193a69a306a61a681f1b8bbcec3074dfa0a0 6827f7cf902367971025104b0c9e266cc9a8b2c133980f54eed0b3accc65baf6 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209	3.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash b07baa2517c1f03c950406a88a1f6c99 0c3c68e0c2a3784374962534bffa9f2b269e891a 14350d698fd8a3e89854a22bb7602a63e1ef45bfd82b1a1f4f9abf2e5d140bf5 Loading...

	cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js	291 kB	2023-03-07	2024-01-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2024-01-19 16:43:41 Times Seen207 Hash 537fb5541479dbe0e06b56c5d21e5c73 cb2ba1c0cc5d244bf6484d74ec197efb074e9a6a 1fb32ef65d7b57f33a43580329dbf6ee37beb5b4b64272a6a0d705ca9abf3484 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	60 B	2023-04-01	2023-04-01
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 72a8d9cd15703ae912f12aa49e8a37f2 9b3c899f00207c4f4f722a0d756771e2666c13d1 4e545951b596f8e7b363309e81d9515d2501c1717c13f16323af106ec148bb97 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	1.9 kB	2023-04-01	2023-04-01
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 4c793721ed76f98db82535b3c5dd614a b34c4f493616c2d2b68eed5dd95a778919c20cd0 1b743922302ef104b87c541a4abd02c638d822bcc4e93ddce5b104d64bfe0306 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103	47 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen201 Hash 9425c8e694426b8078e0ebbaf1299fc2 d07edb40c26273a374d6f6f4863081df3c22de67 013a484e9d90cbc93f749fe4004a1408007f2da1a8a2b5493a502ff98c2ac211 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209	142 kB	2023-03-13	2023-05-07
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:48:27 Last Seen2023-05-07 23:16:42 Times Seen240 Hash 0bf2268fb1b8ffde5c52d6714c16dae2 3d8a0c5b978e8b2e1ef08f427caad9d6956b0681 d905964480db9884e5cfbd3ce9f5f3d19ee7499aa9bb53b082d7e41fd6b4f778 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	59 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 3343475b76e305c87e4909ec17461632 d804d3249185ffc4b3194d122eba05ae7fa9068a bfc2a2ab607a55ce5886b480478989829ea8758da7facad490635683e6629e43 Loading...

	tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js	41 kB	2023-03-07	2023-06-01
Pretty URL tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-06-01 20:05:18 Times Seen262 Hash 26c749b13ae86712f7a25dcec26f3856 18065acf65c1d3ae276069cafc3b1ee60773ac7d c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71 Loading...

	s3.amazonaws.com/trackpush/trackpush.min.js	48 kB	2023-03-09	2023-06-01
Pretty URL s3.amazonaws.com/trackpush/trackpush.min.js IP 54.231.129.136 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:17:44 Last Seen2023-06-01 20:05:18 Times Seen631 Hash d470356148c00da67db3c9bdaecc90f9 d12a4df31633cf9a982bd6e8c3ffbc2449b1753f 5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054 Loading...

	create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&uuid=1b08de55f8bd4f46845a2d9a04d51e45	0 B	2023-03-07	2024-04-19
Pretty URL create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&uuid=1b08de55f8bd4f46845a2d9a04d51e45 IP 52.6.30.198 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 19:54:32 Times Seen36966655 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.trustedform.com/trustedform-1.8.38.js	104 kB	2023-03-14	2023-05-12
Pretty URL cdn.trustedform.com/trustedform-1.8.38.js IP 54.230.111.103 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:56 Times Seen1009 Hash a71c6d4fa015e7b61cc1fc54ff9b242e a4564cb80c9d7b516360f361cbddbe66b7abb8aa d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js	20 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-19 19:50:31 Times Seen7539 Hash 6b08ddc901000d51fa1f06a35518f302 bafe987c18cbe0587de3e6360e7da40a2885614b 02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	251 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen133 Hash 5e5e656f3e03c73caf1e8041dc391cb9 2bdd8662597ed7b2cff53dcbe25c09c330405072 8b87151430dbd8fd8e394bd633281ec51254fe0cd5326d441a7ad56895e0e5c8 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	31 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash f0dd4e668cb669f70d1d71baf4e997d4 d50cf8f2eb31b6051f03ba1415a38c510cf1572e e96f51430063dc23626602bfa108e18b004b9a4f5f87fb2aee1144fed6cfca6c Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	1.5 kB	2023-03-07	2023-09-20
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:14 Last Seen2023-09-20 21:17:38 Times Seen64 Hash 4f91169d68d128219110c40214c01239 4bc464780a4ccc4a83fa6a1e32c604a7ec270682 cf173078aff3e3ac9400ebb812ebe508ea0d81fed186072e1eee06f0bd5861d9 Loading...

	ads.pro-market.net/ads/scripts/site-141028.js	2.2 kB	2023-03-07	2023-05-05
Pretty URL ads.pro-market.net/ads/scripts/site-141028.js IP 23.36.76.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-05 20:04:46 Times Seen629 Hash 365b5ee3c0302c78c16f7de2f16f2e9c 8c2e46af5cfe004d044f84067ce8e41a20bfa806 07f9667f25cfdb29c4bd56f3fc9d9f2fdc095ef87f0563b4f0bfc0dc66530b9a Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	592 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen746 Hash b7819f20ec3d377b9fb124f8f0e8ceb4 bc1c20068326ed8b2630a25df9f6f4b2dc281638 a4124d51bb27da6fe4eb67bb019de6d0999d38cfe588b59f38ceaebe7c409488 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	355 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen582 Hash 75e4cb955a63d07fced3932d9d8f6fe0 d73015dc9bf416fd308c9f40d350945f0cfc1720 8d1c6afe9fcc4a69fd903b60adf921b932fa4baead70e2c5984550770588841a Loading...

	create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2	126 kB	2023-03-07	2024-01-16
Pretty URL create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 IP 172.67.41.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-16 16:52:02 Times Seen739 Hash 97495a102c98049f30e62264b1eb50f5 2826aca635888817ca3869a59dda0f1c53e32788 e3d44f6e098f5d3c6b47bb00453dbb1d58b7848332ffc70fc756009b189ba322 Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js	23 kB	2023-03-07	2024-04-03
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js IP 104.16.87.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-03 15:26:41 Times Seen747 Hash c4499184878d17d8af6f4181c0d03102 c5a2ff013fa357c1d2a6571b5d8e658e670080ea aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860 Loading...

	monthlysweeps.us/assets/js/datepicker.js	17 kB	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/assets/js/datepicker.js IP 52.5.54.148 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:39 Times Seen275 Hash 50e8118195525667c97c698ae2063198 b81b9cdd700240e03f5a700577cf2f162b5d2cda 6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726 Loading...

	tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?2631k31j20232631j03ckl31llk138jkk062600	2.4 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?2631k31j20232631j03ckl31llk138jkk062600 IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen166 Hash f7082dbcfd1c56c968ab751a3ee9f0b0 930f3fa7714bb7fa94ea7f98e49cbc8c80e41878 505729c526d3287d1e914583830cb41750101d011da93b0e9670c5c397abd08d Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	236 B	2023-04-01	2023-04-01
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 40e5c8c3c387c70d026b1ce8a2017a9d 3fdde699a7144e1b6ff4007220535c817fb7d2c8 b7f50f7c2e34195e506b41dcab0b697217770b8e8e098cd4e01c6978c2775f2f Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	3.9 kB	2023-03-11	2023-05-02
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:37:46 Last Seen2023-05-02 09:12:34 Times Seen21 Hash 57a81bade605db622c2a90e7ec139412 6d10bb95ffbc24f749948158a483f3cbb057c938 a6752d6494728a0eab791a3e59fa3d0bac229eeec40b1c2e5002851a4f5c58e9 Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	461 B	2023-04-01	2024-01-19
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 10:49:02 Last Seen2024-01-19 16:43:40 Times Seen414 Hash 95fbacefcf06d1f8e91799de1c2ad128 aa178b1965fdc13f459aa505214aeba0c086df98 244c64ba5bca79610402c6477ae8b3cca9b1d2448aa70e6ca34e3a8b1b7dab1c Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.239.38.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	deviceid.trueleadid.com/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 35.169.79.47 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	278 B	2023-03-11	2023-05-02
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 19:37:46 Last Seen2023-05-02 09:12:34 Times Seen21 Hash 8f7e373b4d8ff4dcbcc090a157b6b585 6fe220755503b76f91a99c6ca67725c6bee1ffeb f04c0fa5a7827e5a4f62d1111198e14c39b13a87c7f9c3faa0cfe3901e64ccec Loading...

	www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js	415 kB	2023-03-29	2023-09-29
Pretty URL www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:35:31 Last Seen2023-09-29 03:14:46 Times Seen3321 Hash 733e4a30889fa7c9947958423e21e810 16a2cced6035295476141f8ac1cd928114cafebf 7d2c1727a32a92776f9a3078abb845bbeb77e6603c40a318f12ea1e1b5a040d7 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=y6q197p1p4w1	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=y6q197p1p4w1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 19:49:33 Times Seen99083 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=y6q197p1p4w1	40 kB	2023-04-01	2023-04-01
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&size=invisible&cb=y6q197p1p4w1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 4269d97c80bdd0b999146b57b7ff332e 09da11a15aa78b64fc46fe462792a1bcdd8ccfab 0ea672aa23fe4bb95bc4364aa718a522f29cd84203e6cabbdc252b4661ba79e3 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-19
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-19 19:50:31 Times Seen6214 Hash ce6e785579ae4cb555c9de311d1b9271 5ef2c15b47d7290698c737676ba9c3056b45f2e8 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339 Loading...

	ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474	858 B	2023-04-01	2023-04-01
Pretty URL ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 65586aa4c89b49b80650bd4b64a46e11 247c13461522e8251ac3f250ac18f17e1f57091f 2bab3d46fda06df6ae72ecccc2c9baa834204b771d8378432a223b0b2acf181c Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n	5.8 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n IP 13.107.237.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash 10616855bf3a8c21b9b134fee239b3c6 dba045ba0742cfc54ef7a864e50d4372a8217919 0b248c5b1e6aa82997e9e8ac79a837e5ebe0b5e3478ea8e24500487cad65085c Loading...

	monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0	235 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 IP 3.228.163.244 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash e41f80529cf4002c391833271af2f37b 4d7eb0ef27b477b04b992ca50da1c3bb19498c12 3a462ec73996538ce080b96a3e55af30dbedfda9e00e6e9cdd089aac8956a301 Loading...

	www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi	884 B	2023-03-29	2023-04-01
Pretty URL www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:01:39 Last Seen2023-04-01 11:09:03 Times Seen27 Hash 03af4178ae5e105b3e3c29165ff0ff6b 76210c09e5a1c042bafa3849f0db69e3fd4cca71 4e9648fdce68f1a3c81077a88caae81f14918dfac1f375e3f812529a1e15ec3a Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16802931872070.06227540137414578&invert_field_sensitivity=false	7.5 kB	2023-03-14	2023-05-12
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16802931872070.06227540137414578&invert_field_sensitivity=false IP 52.2.76.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:55 Times Seen658 Hash 1b4d8abad5e0668a237e388577c6a93c cb8199d9e56f094c63ba8b451239035205422f0f 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 4e718a0ff5fa126f04bdff704a6803b2	16 kB	2023-04-01	2023-04-18
Pretty Observations First Seen2023-04-01 10:50:34 Last Seen2023-04-18 13:05:47 Times Seen1580 Hash 4e718a0ff5fa126f04bdff704a6803b2 dc25db615e6c5420c0641a4969bb0295d83a6214 91c9bd2268eecf85fcd13452754b1f35b4a652927642dbc048bfa9354bc4d1b1 Loading...

	#2 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 19:54:32 Times Seen36966655 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#3 Eval - 915216ff08be0045694f421d74cbd4d5	22 B	2023-04-01	2023-04-18
Pretty Observations First Seen2023-04-01 10:50:34 Last Seen2023-04-18 13:05:47 Times Seen1584 Hash 915216ff08be0045694f421d74cbd4d5 6b78ef485bd0fe48aabce80e48d2d1b76627e90c b9468744100f71397e3f8311a172920219cc82df96a443392d18ae25358281d4 Loading...

	#4 Eval - cf170767329e9a0d356d6ad8e0f9c088	22 B	2023-04-01	2023-04-18
Pretty Observations First Seen2023-04-01 10:50:34 Last Seen2023-04-18 13:05:47 Times Seen1582 Hash cf170767329e9a0d356d6ad8e0f9c088 d6126d63ada5a9370cc59176634fa0a132e1cd38 0949cce28c8f79bb495b6a9c344573e8a23cc83035e2de72060f69301f64df30 Loading...

	#5 Eval - b0ccdb30cd3f4a640ddd3dbe52995a68	16 kB	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash b0ccdb30cd3f4a640ddd3dbe52995a68 ef81b5255765f51787cdf20c2d14a647de5f1557 4360e8bf96a9cd887c45e85b871e3897a13101e658f2fadc0d22755ad79ff0ef Loading...

	#6 Eval - c14af51221bafda7c60ace9c312fbd21	39 B	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash c14af51221bafda7c60ace9c312fbd21 db680874c1923b4f4df417e4a3c54a99fb951a84 130f56ee8cf8d7c736e1246afa2cd185978cd3b361ab1ba2e647b5588720c9e9 Loading...

	#7 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-18 12:28:01 Times Seen2526 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

	#8 Eval - bd5d4a79b8b6cde301f570673ad19e18	27 B	2023-03-07	2023-12-29
Pretty Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen200 Hash bd5d4a79b8b6cde301f570673ad19e18 7de704c433042a1827654062d3e0ec8dc3c9349e 52b43864b9f1786d8c0d2d679562e90dc2a00c9d68ea80188a37d9b01d23dd47 Loading...

	#9 Eval - 12b134abbf4587d8f296dc019220371b	62 B	2023-04-01	2023-04-18
Pretty Observations First Seen2023-04-01 10:50:34 Last Seen2023-04-18 13:05:47 Times Seen1583 Hash 12b134abbf4587d8f296dc019220371b e2252e70f5d9317bcc0de265ec9524fe22d5e318 4d1951b96539e06c18820eb0c298d0ca9f7cd757c4342057990e30d4bd8c8f4b Loading...

		Size	First Seen	Last Seen
	#1 Write - edb335f33ed56071c0fae4b037c48a40	830 B	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash edb335f33ed56071c0fae4b037c48a40 10fa3a85603ce7a321b634fefb2dd89b3ae76a5e bb6285e8bac11840c6b82dca498f1eee060e2fcd865665be05f3cc0098b249d9 Loading...

	#2 Write - 99234f3b8fc4547332693b95306d6e4b	15 kB	2023-04-01	2023-04-01
Pretty Observations First Seen2023-04-01 11:07:32 Last Seen2023-04-01 11:07:32 Times Seen1 Hash 99234f3b8fc4547332693b95306d6e4b e88e3390fa89afb330ad7e586b9b8fa09f360dd6 9b87eccc8c212ca5a283fddd6dc7a568c1e8f7f678162eb3ced7f6cd822410b1 Loading...

HTTP Transactions (107)

URL IP Response Size

monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0

3.228.163.244

301 Moved Permanently

134 B

URL HTTP/1.1
monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0
IP
3.228.163.244:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 31 Mar 2023 20:06:24 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10711
Expires: Fri, 31 Mar 2023 23:04:56 GMT
Date: Fri, 31 Mar 2023 20:06:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5619
Expires: Fri, 31 Mar 2023 21:40:04 GMT
Date: Fri, 31 Mar 2023 20:06:25 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 19:28:25 GMT
content-type: application/json
age: 2280
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
374c9e295a804e605c402f48ae7e2446
967394b36ecdff2dd32842f878887f061024c6b3
7652dfcb9e2d620ce1d033be8ecc53166d2881154c15decd60899415e5ac2706

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7652DFCB9E2D620CE1D033BE8ECC53166D2881154C15DECD60899415E5AC2706"
Last-Modified: Thu, 30 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4393
Expires: Fri, 31 Mar 2023 21:19:38 GMT
Date: Fri, 31 Mar 2023 20:06:25 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: AZ9JNLDk2G4zVZLeDkzJe9p0pWnwYMvi6aEpfKkfrUCb4NIc9Zb6mTMRT/Xd/HM1x+vYU4JHUBQ=
x-amz-request-id: 3ARJXQD469BWM993
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 19:12:18 GMT
age: 3247
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 20:06:25 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ab61862f016dea85f8aa55e59369d905
a5e81f13052b9e9184caf05a9740c345a40d1f22
e0d580c313088d524a5338e63e4acf9f3f3cb45a54f2528c5d1c4915d71b255b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E0D580C313088D524A5338E63E4ACF9F3F3CB45A54F2528C5D1C4915D71B255B"
Last-Modified: Thu, 30 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10493
Expires: Fri, 31 Mar 2023 23:01:18 GMT
Date: Fri, 31 Mar 2023 20:06:25 GMT
Connection: keep-alive

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
466b02e85418b6daefac5aa813625a02
01ba68a8e17a3bcf9852c433a816c4d00bbf65d8
582609843bfc134541079a7bbab3baa3e028089e4977d244f61ec01f13372ad2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=123240
Date: Fri, 31 Mar 2023 20:06:25 GMT
Etag: "64267b70-1d7"
Expires: Sun, 02 Apr 2023 06:20:25 GMT
Last-Modified: Fri, 31 Mar 2023 06:19:28 GMT
Server: ECAcc (bsa/EB2E)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NzJwt_m_NYwYfxm3guBuffu8gt5wGfGjnNoANEZBNvN6Wi69wJqmkg==
Age: 58

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Expires, Cache-Control, Content-Length, Retry-After, Last-Modified, Pragma, ETag, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 19:14:39 GMT
age: 3106
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0

52.5.54.148

301 Moved Permanently

307 B

URL HTTP/2
monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
307 B (307 bytes)
Hash
60213d5dd88b6fb81e4cee83c80867af
1d626f668cb2135a91fe5b293cc1193458ba65a5
36b0a1ea35b57b7092688319df256f33969d2ed3cc5feecd69f773029fd94f67

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474/?em=0 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Fri, 31 Mar 2023 20:06:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 307
location: http://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kH2gUoqyF+gMbO2pQ5pFcw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oiz5Ol8sGMDJI6VLDEHBX+0bmEI=
Date: Fri, 31 Mar 2023 20:06:25 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0

3.228.163.244

301 Moved Permanently

134 B

URL HTTP/1.1
monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
IP
3.228.163.244:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 31 Mar 2023 20:06:25 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0

monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0

52.5.54.148

200 OK

9.8 kB

URL HTTP/2
monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Size
9.8 kB (9799 bytes)
Hash
97611b9b5138c51634ff545e2cdda6e0
f6865c360f41f1a5f31d930e1073a90ee46d6343
b6dafdd2c9e26ca574d439bf218fe04595160de25568d05528144d8ef1254142

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:25 GMT
content-type: text/html; charset=UTF-8
content-length: 9799
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/sweeps.css

52.5.54.148

200 OK

1.6 kB

URL HTTP/2
monthlysweeps.us/assets/css/sweeps.css
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.6 kB (1625 bytes)
Hash
c28664e8a572002e8c40366db5c9ec54
2dad53df7b306f3da189bea83bba518e76fa06e9
dbcf80364964bc8c431864fdd3b73ab58b5a228002f04ad1075d7a3b60b57772

HTTP Headers

GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: text/css
content-length: 1625
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 01 Mar 2023 16:02:09 GMT
etag: "170a-5f5d8d5a5e368-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/loading_icon_1.css

52.5.54.148

200 OK

580 B

URL HTTP/2
monthlysweeps.us/assets/css/loading_icon_1.css
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
580 B (580 bytes)
Hash
b6b8913a6a3ad6881037667493551ec5
3daae516738f878875bb15766ca06a2ed9ee442b
cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf

HTTP Headers

GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/datepicker.css

52.5.54.148

200 OK

818 B

URL HTTP/2
monthlysweeps.us/assets/css/datepicker.css
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3335), with no line terminators
Size
818 B (818 bytes)
Hash
3240fc33175e0e388f26fbac8bf8cff3
cf1a645948c9ce996e1560b9569f56822c4f9ba8
9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96

HTTP Headers

GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

104.17.25.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20322)
Size
6.5 kB (6458 bytes)
Hash
df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9

HTTP Headers

GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8518387
expires: Wed, 20 Mar 2024 20:06:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNVqIl4MtfzYEqmo5lARY5ZomBKOLghjidru3zI%2B3cxbsrPBFwDcXsYZQPouRnNHK0%2BMfASyLONQJNvx1b%2Fa9VrBOMB3p%2BW30wkKuSsxc8RAvejBjXjLz%2F9pw3ag3S0yfIDg8RmP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b0b367d290ab511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/one.png

52.5.54.148

200 OK

801 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/one.png
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
801 B (801 bytes)
Hash
03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b

HTTP Headers

GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.min.js

69.16.175.10

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680293186.dop009.sk1.t,1680293186.cds257.sk1.hn,1680293186.cds240.sk1.c
X-Firefox-Spdy: h2

ads.pro-market.net/ads/scripts/site-141028.js

23.36.76.128

200 OK

1.1 kB

URL HTTP/1.1
ads.pro-market.net/ads/scripts/site-141028.js
IP
23.36.76.128:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (514), with CRLF line terminators
Size
1.1 kB (1101 bytes)
Hash
540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

HTTP Headers

GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1101
Cache-Control: max-age=86400
Date: Fri, 31 Mar 2023 20:06:26 GMT
Connection: keep-alive
Vary: Accept-Encoding

cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js

104.17.25.14

200 OK

59 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65274)
Size
59 kB (58913 bytes)
Hash
a63b2977b01b6e2d2e2086c3f63a3c9a
560409f64e40f5078e1ba8d496657badd7a3a6ee
4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f

HTTP Headers

GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 23336360
expires: Wed, 20 Mar 2024 20:06:26 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUSsF5kERHu5aeQ80ila1PCmZdpnze8BxIR6YM9UNRYPrLMgbZimDhuSJohJLA2IqKwbz0Fky5Jn%2FDwu0kYsnkHQkJBZXuM1P%2FCj6txTwD9WnVJfjh%2FBpjikDi9cjp2llpRdcIPC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7b0b367d291cb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/two.png

52.5.54.148

200 OK

915 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/two.png
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
915 B (915 bytes)
Hash
a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d

HTTP Headers

GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2

monthlysweeps.us/assets/js/datepicker.js

52.5.54.148

200 OK

5.3 kB

URL HTTP/2
monthlysweeps.us/assets/js/datepicker.js
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (16878)
Size
5.3 kB (5285 bytes)
Hash
6c28af1b6fa9301701dfefc5dbfe5159
134cfa1c0a5a837f002034b8ea1a8c6243b96bac
4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
741a2f47aab81a2c7ed0fadaa1fa74e3
be34e0df4a5f272589a017ce77ece974d890f27c
4ea1737c8246072ea1072314ae684c1f7e518a81a5200c46374e47378bfb6b63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e2d5e4593c830bd9a297e9d820fce16b
a48bacab5839fbc2a379e0e1f8703da462f3c31d
c273a26e5fb94b4aa7c494bd09daf02419f99307f90de3891951535ae93e8028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi

142.250.74.132

200 OK

585 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
585 B (585 bytes)
Hash
3ad4f5b64ed2d55ed09fdc69d209ab15
09e53133d01cd9ad832f58cdb1c71426cc9d73b7
23ab378c59388d1dd35825d3919924f846eec6519ea989cdc73d0d6ba6b5a814

HTTP Headers

GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 31 Mar 2023 20:06:26 GMT
date: Fri, 31 Mar 2023 20:06:26 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ac29d7d71ef6c0cc7547974c8c4f7b
29108a8370757ef63f347d1fd2ae696f5842342c
3371093d6dab54c7c3b612e3774435f0a592bee4e40fbcc2edd55d29d7715c26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a013b8698c4ff7b527a98379d21f8d51
4cffc2d5925e6daea086b70fecc3e12fd2a75b8d
28f02fdf4c2167dbfc6bd7530f24586626b50b5440f4d1747d31be0d800946f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5ac54bb3628890e12111d64757053dac
882c767217269bad8ce48c525f3fc09b0b463524
c1ad6c172550ea4fe7b49ec5f913099a74b95f887cb31bfde78e4895b016bc01

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2

172.64.133.15

200 OK

78 kB

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: f4R3/B6WEbsBMnxSteN2pN9aFbTQ735dhOx5BK+j7P7Ve1cuejDnzZOm77OQcR25FL2CQSCu6/w=
x-amz-request-id: T75RWJWAK7Y1GS56
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 4
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8XTNTXUZP6wReMnmx4n1I4Lix9kgZ6q7qpoEK4tObPX0mluSWkSklMvX7Sg55BItSustjAVaV9Phc0LAvNWqnQOI0rW%2BunzjgO8V5Vsocr6%2FigNx095xxpoYCV6cnOcODURnyNH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b367e9c00068a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

216.58.207.227

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:39:11 GMT
expires: Wed, 27 Mar 2024 10:39:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
age: 293235
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:32:16 GMT
expires: Wed, 27 Mar 2024 10:32:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
age: 293650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/fontawesome.css

172.64.133.15

200 OK

36 kB

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (57687)
Size
36 kB (36176 bytes)
Hash
0a7609ef82eac96876d02b1e2fa4f933
4ae5e91453b676a9b2b2cde16af9418a96e1bb5b
d7a01f2261cf5363516ee89d5283a30b59020665db5f6396e82a3e66baa147cc

HTTP Headers

GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: text/css
x-amz-id-2: 438/TJoijgw7h0eNtAwdXztbwAzDfYlUraDWX0FEaxVunE2EoNl86ZJHsr5q5ooIxMLMXi8qw9M=
x-amz-request-id: TA8EPE10SJM7STSG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 23847
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eShKLwxTP43KqvrfIRTU%2FXu1rpW3Ty2xF2tVMIJuRYytwS9ebyhIZ6GnAgBejGJzzPJn6O6eoRNFKjRchX9%2Fe33pkGb8HQRMmzqL1WqjF2AFLxSv%2Ftzgb6zhw0zk60vkLxHVMVA7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b367e0b79068a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff36ec2657d8ee3b0f78d0a8b2bc9c96
7ce770b27771a2417292364a24af2d65bb9085a5
7c6a6029f3d8b5c88c0d52cfa1d8a6d79fe57080cbd88951ce40456d1ae214e0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
651a8f0d2018e1c0efd74b9e803f2810
1722d406ae683ab47f364a99a698c225de48ed31
233dab83ed6342f20d3d66101100a462a10cda285ad093235c966b2f0112b40f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:06:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 31 Mar 2023 02:10:14 GMT
Expires: Fri, 07 Apr 2023 02:10:13 GMT
Etag: "1722d406ae683ab47f364a99a698c225de48ed31"
Cache-Control: max-age=539626,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7b0b367ee93db529-OSL

monthlysweeps.us/assets/img/campaign/1249_welcome.png

52.5.54.148

200 OK

24 kB

URL HTTP/2
monthlysweeps.us/assets/img/campaign/1249_welcome.png
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 500 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
24 kB (23920 bytes)
Hash
2e24581b6aac99ec3e2297b320425e76
98e9aa8c6a5ab7064f6cf148f4e92fe07d31c914
79ec893d60a62640fa88f45c8c4900e67036a253cf4cddac29fc6da403fa2ff0

HTTP Headers

GET /assets/img/campaign/1249_welcome.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: image/png
content-length: 23920
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:33:23 GMT
etag: "5d70-5d7afdc8e1548"
accept-ranges: bytes
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474

209.151.244.116

200 OK

700 B

URL HTTP/1.1
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators
Size
700 B (700 bytes)
Hash
8add9f78c499e5499b6c873d1dd3caf3
eb4e7ce95c47acdd41bcc3c08037bb66007f9e53
170bc0f35c3c51f3187494cee66be67aee3d92fc58c66301976a51a3dd460ea4

HTTP Headers

GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Fri, 31 Mar 2023 20:06:26 GMT
Content-Length: 700

monthlysweeps.us/assets/img/campaign/1249_bg.jpg

52.5.54.148

200 OK

205 kB

URL HTTP/2
monthlysweeps.us/assets/img/campaign/1249_bg.jpg
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
205 kB (205247 bytes)
Hash
73d2b31df9ec1fe0c4e66a01e5e785b0
5fe301ad5e2579be8b15c0f3a1fa85e83e144741
ec9b940fa1d7e84102af2028679eaad91995a59b4f47728f2144efac555928c7

HTTP Headers

GET /assets/img/campaign/1249_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: image/jpeg
content-length: 205247
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:33:23 GMT
etag: "321bf-5d7afdc8ca618"
accept-ranges: bytes
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474

209.151.244.116

200 OK

4.8 kB

URL HTTP/1.1
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document, ASCII text, with very long lines (15112), with CRLF line terminators
Size
4.8 kB (4846 bytes)
Hash
11a60f016f276c96e55676b171a801fb
5cfabc35c3cb78b352fc68ae6c65a56391b36a0f
14925a064072367e143f63ae8e1705ee71db237c7e6899a55c056779b23ab6e7

HTTP Headers

GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169445554474&subid=1249169445554474 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Fri, 31 Mar 2023 20:06:26 GMT
Content-Length: 4846

tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif

13.107.237.53

200 OK

43 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: c5327f8d-e01e-004d-2ae2-629211000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ccUmZAAAAAAJmbwk8Tv5QLKdUQv935b4RlJBMjMxMDUwNDE3MDMzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAAA99xapzUt7QbNb6jObRy27Q1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419

13.107.237.53

200 OK

520 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (520), with no line terminators
Size
520 B (520 bytes)
Hash
004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117

HTTP Headers

GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
x-cache: TCP_HIT
x-ms-request-id: cb597fbf-701e-000c-6be5-60ba02000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0YRMmZAAAAAAedI07wS8gQJx9hOK6Ba3lRlJBMjMxMDUwNDE4MDE3ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAACMJ+VtHSJfT7aKMGhH+vjbQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209

13.107.237.53

200 OK

25 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (24967 bytes)
Hash
006dcc2d1d085d2b4da757585335a591
b3333b43364dd46ad7b0521324aab5a91c2cee83
a76e7144e368cec6e94642eb3c8f93b113e52cfe4d1e63ec240d794cc479a592

HTTP Headers

GET /amsus/ldsapi/assets/script/common.min.js?version=20230209 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: C/Imj7G4/95cUtZxTBba4g==
last-modified: Thu, 09 Feb 2023 14:51:24 GMT
etag: 0x8DB0AAD1DCE4D7E
x-cache: TCP_HIT
x-ms-request-id: 21fdd863-b01e-001a-47cf-627b9c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0YRMmZAAAAADiY6wbLVLLQab72+6nlERaRlJBMjMxMDUwNDE3MDIzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAADzt1thyJVYQ6bv6WdC1tggQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
14539c5e0ca6ce826e62bdadad738bbd
92ce1bbc7f338d3e48e35d637513ab0aba610a98
58e8d186f5d0531c2597d267b0a92bb46909e8fa162b2b5f7fa6e50b2e0af357

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58E8D186F5D0531C2597D267B0A92BB46909E8FA162B2B5F7FA6E50B2E0AF357"
Last-Modified: Fri, 31 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4329
Expires: Fri, 31 Mar 2023 21:18:36 GMT
Date: Fri, 31 Mar 2023 20:06:27 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: c00efe5b-7fdb-445a-a924-75ddd461b72b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: COQPtHizoAMF7-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfa64-3eb90ae703b78e8a06130540;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:06:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: nZfXy-IsoHliuLodEocEZlH-IvmIV9G-noSmSEU1wmuMPfBx3rLJ9w==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 00:11:32 GMT
age: 71695
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10271 bytes)
Hash
424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:44:51 GMT
age: 80496
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6380 bytes)
Hash
8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 3paQf8BhyRcZoZNox8660Zyzz0WaiQxJuHmDbj4wpo-rgbDdkxrYgQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:47:23 GMT
age: 80344
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11061 bytes)
Hash
39bdd16276747b1445a79e674a2a3347
d0676f63738484298a78b7abf7e4934c3d256065
67aa526299060c2a39c4baa10fd03f121497dccd5e765676639ed73ac529c34b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6350b4c-fa14-49e1-a21b-44b6f311dbdc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11061
x-amzn-requestid: 428128ec-c441-4ff7-9c84-880a01672b00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnVFnFf0IAMFTvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260223-185c48300f161931310fa35f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:41:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: gc77o7y-moH1HuMEZFe9-00DVAda9baa-5VEPlMA4SIZDJNzQ8jUlA==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:49:08 GMT
etag: "d0676f63738484298a78b7abf7e4934c3d256065"
content-type: image/jpeg
age: 80239
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10490 bytes)
Hash
0530376e431b6563796e4abb0db0bc4e
6921f4bd83a806e1ea8247854ad4c045fa7ee298
d6371c81d5494d5e50fd5cc1cfe1ce28213dfa70ea5a94df82c9f4b3e6430a53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba3e3682-3d0e-4ac1-8330-9ea9ebe92041.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: 0525e5c4-485e-47eb-ab95-1136e4d5c29a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUnTEztoAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260161-54b47454475ff6ee4d880534;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: AdbJgoCBGJGvjP53lBj3_GWyuRF8O_fgNTPPEjUmFmyRxMQl2pgTzw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:54:29 GMT
age: 79918
etag: "6921f4bd83a806e1ea8247854ad4c045fa7ee298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5806 bytes)
Hash
8600e41520408df4865627256a0a0736
dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef
9163d80d7b6087b804e6682a50d4f66339d339894cf1c5808f2e5c2e0b3de930

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cbd721e-872e-4eec-8eb5-363663d0ab36.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5806
x-amzn-requestid: cee5b166-592b-405e-b5f1-e36eb249ec59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUllFFooAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-01840fa47177285667bca060;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Jktkwc3JLU31AY5B5pC5JTjPGARjflqoJRZiD6IpF5-10IO6UNlH_Q==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:33 GMT
age: 80394
etag: "dffeaf1a8f73ae9f6247b9dc7f05301fefc00aef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1358382325&affid=1249169445554474&subid=1249169445554474&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=

209.151.244.116

200 OK

663 B

URL HTTP/1.1
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1358382325&affid=1249169445554474&subid=1249169445554474&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
663 B (663 bytes)
Hash
8c37ccea24868e7fad610f3bbbe33dd2
e8edd6672ec13e9ce4fd87b8015a46e9d02ac968
26c3b5a7e548fe2cb899094ef01fadbae85f9aa6ebb80b4c8b656d5d3ac76c48

HTTP Headers

POST /ManageImpressions/ReportViaJsPlacement.aspx?hKey=1358382325&affid=1249169445554474&subid=1249169445554474&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 31 Mar 2023 20:06:27 GMT
Content-Length: 663

ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1358382325&affid=1249169445554474&subid=1249169445554474&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=

209.151.244.116

200 OK

709 B

URL HTTP/1.1
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1358382325&affid=1249169445554474&subid=1249169445554474&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators
Size
709 B (709 bytes)
Hash
e0b8267a2d5921978ac114343623ffc2
e155ec18226d4a3d8f2055b49354730799496c7b
559999180721bea2effab731a796078da5c7783a656be1abf8fc7ed58fbad283

HTTP Headers

POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1358382325&affid=1249169445554474&subid=1249169445554474&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 31 Mar 2023 20:06:27 GMT
Content-Length: 709

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0

13.107.237.53

200 OK

84 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Size
84 kB (83760 bytes)
Hash
fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

HTTP Headers

GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
x-cache: TCP_HIT
x-ms-request-id: e8818b30-601e-003a-25c4-631750000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0c8UmZAAAAABssm4dWWheT5K2bZAW6KBoRlJBMjMxMDUwNDE4MDE5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0RD0nZAAAAACyhiyJnxvDTYoWBATgL4kLQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:27 GMT
X-Firefox-Spdy: h2

ocsp.usertrust.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
ae3ea87480a120c0c32dd3d0e1c1f665
0092290f86c7fbc0b2d6add350e500613b31d65d
f3f8f1be09db4e6661b6cca329b003cee56830e23162ed3f8ed3d7b126a633dc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 20:06:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 10:10:21 GMT
Expires: Wed, 05 Apr 2023 10:10:20 GMT
Etag: "0092290f86c7fbc0b2d6add350e500613b31d65d"
Cache-Control: max-age=604095,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 352
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b0b3689caa30b4d-OSL

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
4bbd65bc6b236b9fd33d83f168cefb9b
95001bf9d79764b9563fa13c06c63229837c4dd6
bdaa98c0a79e6b6af9fac88344603adf734b3924579f72470203abbc7c70d171

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152496
Date: Fri, 31 Mar 2023 20:06:28 GMT
Etag: "6426d6b7-1d7"
Expires: Sun, 02 Apr 2023 14:28:04 GMT
Last-Modified: Fri, 31 Mar 2023 12:48:55 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jbW7CWuSjBB4Xntopx0OFIYv6OQ12JtV0wOx7gXK7G_8hhxs78DoBQ==
Age: 5949

monthlysweeps.us/go/api/zip/undefined?get_param=value

52.5.54.148

200 OK

111 B

URL HTTP/2
monthlysweeps.us/go/api/zip/undefined?get_param=value
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:28 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2861dcb4dcae0f11fed6021eefcb116e
7b303aaf4248c057fdbd5daa03c27052e33fed22
fb61f93ac93296dd47504278c4dfdd053a5c482d5b347d30545ff1bb0df318b6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132138
Date: Fri, 31 Mar 2023 20:06:28 GMT
Etag: "642687f2-1d7"
Expires: Sun, 02 Apr 2023 08:48:46 GMT
Last-Modified: Fri, 31 Mar 2023 07:12:50 GMT
Server: ECAcc (nya/799C)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dcfpZFAgv7rBjfJi02GySugQSialw9aX8OxWTZJlThXzyTgxb9Hx4Q==
Age: 5756

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b2595847b4b5ca7c8bfc690c5911b584
1e3792813466972917ff6967d0214971f8efce26
b8e168c47e30fd9e1e28301c88d84704a6ea061b3469e7a0f7595cb1124988d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 20:06:28 GMT
Last-Modified: Fri, 31 Mar 2023 18:57:47 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tOkwwBpZLrGiY_EPF0NDnLDR9Y6Do6MJDrtrhy54P4z-JT1FMqOTMQ==
Age: 4122

api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16802931872070.06227540137414578&invert_field_sensitivity=false

52.2.76.17

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16802931872070.06227540137414578&invert_field_sensitivity=false
IP
52.2.76.17:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16802931872070.06227540137414578&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Fri, 31 Mar 2023 20:06:28 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16802931872070.06227540137414578&invert_field_sensitivity=false
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js

13.107.237.53

200 OK

8.1 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (349), with CRLF line terminators
Size
8.1 kB (8086 bytes)
Hash
e9429e3ffb7d8514beafbba3637a28c3
000c0e3b64f9606f3cfc4e00838cc4ff942d5cdb
13de171f3d8923becf41b04d1e5f2d86f3f5d641317c3e92f8d3355e8d41261e

HTTP Headers

GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
x-cache: TCP_HIT
x-ms-request-id: 56d4f130-d01e-000a-570c-644d7a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0CT0nZAAAAABYkHSadIE+RK1735bUfnf3RlJBMjMxMDUwNDE3MDM3ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0RD0nZAAAAACuwAyWJ7u+R5sLygwf/V8aQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:27 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fc0bc67cb73720019a64ebe2e6cc00a8
1caa960bc9bf478f88d9401ac9784d42641f513e
a8053d663c8bfb024620c710e40c226c0fc1c82620c511ffed5379ad4191acd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (597)
Size
166 kB (166058 bytes)
Hash
4043af37a3392a9db521ff9ab62d9608
83828688e7a2259ed2f77345851a16122383b422
ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321

HTTP Headers

GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166058
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 31 Mar 2023 08:38:04 GMT
expires: Sat, 30 Mar 2024 08:38:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 41304
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.239.38.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.38.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 31 Mar 2023 20:05:12 GMT
expires: Fri, 31 Mar 2023 22:05:12 GMT
cache-control: public, max-age=7200
age: 76
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

monthlysweeps.us/favicon.ico

52.5.54.148

200 OK

5.4 kB

URL HTTP/2
monthlysweeps.us/favicon.ico
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/25b563076276d52d92d18595e56dbc9a/aid/16944/s1/5554474?em=0
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:28 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b6731341a66be32757ea461f5bd605a
f9a017cd1195d1eafb3839a899baf75f2e71958f
4bda8352f303d3fb71b8c4b2ecc9fbe75dcfc91dd2232260afb1e37ebbf139fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d2m2wsoho8qq12.cloudfront.net/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

54.230.245.201

200 OK

1.4 kB

URL HTTP/1.1
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
54.230.245.201:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.4 kB (1449 bytes)
Hash
ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1

HTTP Headers

GET /iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 22 Mar 2023 16:44:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 30 Mar 2023 23:14:37 GMT
ETag: W/"641b3057-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1ZICRtskR5506tnb6BKPv8WU1cUeVuQ2vdoxmjo63SuRYMM-AXZtXw==
Age: 75112

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
2612a94918728af876b04e1dd7e79531
1c1631eba46390f53fbb7dfedd0f7ecc97607c8e
e0e8b890edb62defb19b76b2c6d19891dad7fd33a1586cdd9466ac69f2a4cb9e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159811
Date: Fri, 31 Mar 2023 20:06:29 GMT
Etag: "6426fe40-1d7"
Expires: Sun, 02 Apr 2023 16:30:00 GMT
Last-Modified: Fri, 31 Mar 2023 15:37:36 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PE6NV4NFUsmkC6ugEbBkuNkE8esghq532oFHujDHfaqTeiRk-g9LVQ==
Age: 3144

ldsapi.tmginteractive.com/api/hitsnap.ashx

209.151.244.116

200 OK

21 B

URL HTTP/1.1
ldsapi.tmginteractive.com/api/hitsnap.ashx
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

HTTP Headers

POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10688
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 31 Mar 2023 20:06:28 GMT
Content-Length: 21

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209

13.107.237.53

200 OK

549 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3045), with no line terminators
Size
549 B (549 bytes)
Hash
50d0a2a6130b2059ebc3cd0f1ea01b42
f17d7b497d2d6091d09e81a798d2fdf7cb08ec15
698bc18bb6db793cd5cdf8792ff22b51002d0d064173661663c66542b182129a

HTTP Headers

GET /amsus/ldsapi/assets/script/common-extentions.min.js?20230209 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
x-cache: TCP_HIT
x-ms-request-id: 01adf3b2-201e-003d-30e2-62e1d5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ccUmZAAAAACiGqsBqF3IT5PyPmaCW7yjRlJBMjMxMDUwNDE4MDIzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAACXkBpw00rlQZyr/oMkpne4Q1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d9e641278a473ad3a4564170b14ace42
9e5c7f2f178bd355c0736617e171ce8bc4290e6f
6b4e8999331e182f6c7fbc56ff76aecd34bbcd17a76aa790fc2668d492e471e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 20:06:29 GMT
Last-Modified: Fri, 31 Mar 2023 19:30:54 GMT
Server: ECAcc (nya/79CE)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mlxueTfwmJ2GoGC9RYGSabG2oNOEDiAsLIUfjXrSo_aSNTrP5B6Rgw==
Age: 2135

create.leadid.com/2.11.9/GenerateToken?msn=1&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&_=38994218

52.6.30.198

200 OK

527 B

URL HTTP/2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&_=38994218
IP
52.6.30.198:0
ASN
#14618 AMAZON-AES

File type
data
Size
527 B (527 bytes)
Hash
1b806c79e5fd5b05724ce8362b71aecc
d8ba87e16b15c885d95e7ae18150e9053ca77553
5ec528fc36643325d320f3fe910107a7869d31293b365d26afd8e36ff2ec2fea

HTTP Headers

POST /2.11.9/GenerateToken?msn=1&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&_=38994218 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 259
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:28 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 20:06:28 GMT; Max-Age=2592000; path=/
rguserid=7cc813b3-39f9-4950-9d58-427c31626fac; expires=Sun, 30-Apr-2023 20:06:28 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 20:06:28 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 20:06:28 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

s3.amazonaws.com/trackpush/trackpush.min.js

54.231.129.136

200 OK

13 kB

URL HTTP/1.1
s3.amazonaws.com/trackpush/trackpush.min.js
IP
54.231.129.136:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (47625), with no line terminators
Size
13 kB (13264 bytes)
Hash
cbd14612441d2cca730df2e3c9f185c1
4eadf4f9bbfecbb7b74b97fd9c238ae1d72fa422
827fb357a0c85abb534c1ab6087be71218ecd5cf480e643ea10cb167ded0abc5

HTTP Headers

GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: qunO6EZjFbmKmTnsNynEU+u9kC386e3jQcbDHcOI/7r+WSqX7MKRlAfNl2VE7FjOQm9DrnLC3KY=
x-amz-request-id: S4B4385P8FP4YYC8
Date: Fri, 31 Mar 2023 20:06:30 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264

create.leadid.com/2.11.9/SaveDom?msn=2&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994219

52.6.30.198

200 OK

63 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994219
IP
52.6.30.198:0
ASN
#14618 AMAZON-AES

File type
data
Size
63 B (63 bytes)
Hash
470a9dd204e80ec863ccfe8718f01007
7fe9a0c387cd762d772d1f7918733a769f263403
ce10314f90bff2aed46f8f5fea9845ee4c8d956a0c1d98a89e5045619aa2d322

HTTP Headers

POST /2.11.9/SaveDom?msn=2&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994219 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:29 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rguserid=0979361a-37a2-4c7f-8c29-6628c137cb7c; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:35 GMT
expires: Wed, 27 Mar 2024 10:31:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 293694
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Mar 2023 10:31:03 GMT
expires: Wed, 27 Mar 2024 10:31:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 293726
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4eec701fec69b73ab6ff1af2c178806f
5de0d4c444297364831a311b4c13954aa31976b0
fda1ec0d2c39aafdb994d336b4d8b5d819fcd064a64b43649598609dac04f512

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&uuid=1b08de55f8bd4f46845a2d9a04d51e45

52.6.30.198

200 OK

21 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&uuid=1b08de55f8bd4f46845a2d9a04d51e45
IP
52.6.30.198:0
ASN
#14618 AMAZON-AES

File type
data
Size
21 B (21 bytes)
Hash
7eb22cb333d4955db9707321011c19b1
5db98288598f62a696088b5411c3e13e07438907
366a16b5d201e93dfa1ffedbb1be460d635941b34de09edceea792288fea3270

HTTP Headers

GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&uuid=1b08de55f8bd4f46845a2d9a04d51e45 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:29 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rguserid=7fdf9205-da85-427d-87ed-66d68c6ed981; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4eec701fec69b73ab6ff1af2c178806f
5de0d4c444297364831a311b4c13954aa31976b0
fda1ec0d2c39aafdb994d336b4d8b5d819fcd064a64b43649598609dac04f512

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 31 Mar 2023 20:06:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

deviceid.trueleadid.com/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

35.169.79.47

200 OK

2.2 kB

URL HTTP/2
deviceid.trueleadid.com/iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
35.169.79.47:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4108)
Size
2.2 kB (2216 bytes)
Hash
0048a7818b62f4f09427b83f8f128c32
8855584c094a0a0d2dd660bf3f9ef97768288f1b
de8aae8b47106bda4b1da0e0f4f84fa3d69b2ca3d9b3593da33d80b938363914

HTTP Headers

GET /iframe.html?token=55CB7129-0E77-A40C-B13E-7B319AC874AC&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:29 GMT
content-type: text/html
server: nginx
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
etag: W/"6425e809-1049"
expires: Sat, 01 Apr 2023 20:06:29 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/push-worker.js

52.5.54.148

200 OK

145 B

URL HTTP/2
monthlysweeps.us/push-worker.js
IP
52.5.54.148:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with CRLF line terminators
Size
145 B (145 bytes)
Hash
fe599ac90a5d089094e20cef9c0c08e8
ee095715a9b9de121f16d94ef9df57590c770cd3
dc428d7b76090a674a14b66345c68325359ecacf9a9d4c9d996c6df320442617

HTTP Headers

GET /push-worker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: ci_session=679a5r8espp0kipdvdtvagu3e157vedu; leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=55CB7129-0E77-A40C-B13E-7B319AC874AC; _ga=GA1.2.1607847458.1680293188; _gid=GA1.2.553850265.1680293188; _gat=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:30 GMT
content-type: application/javascript
content-length: 145
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 09 Sep 2021 02:04:46 GMT
etag: "84-5cb866c4454f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

api.trustedform.com/certs

52.2.76.17

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
52.2.76.17:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
b56685586b14ea10be4e91d915dbbbba
ca896aa7bb78742ca61cc85ba3ad4e20c7f2d43f
7d9cde2db075f327e3f61b03af136334446130cb725ed4c4240e2cdef529cdb9

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 650
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Fri, 31 Mar 2023 20:06:30 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.38.js

54.230.111.103

200 OK

38 kB

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.38.js
IP
54.230.111.103:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (37873 bytes)
Hash
7eb95f6f84ff86ad6c7513782d1a9f13
8184f06fd098110d60b54960bd3688c83bd5c384
0b220f6b6f0035ad6aba7ec255f0abbc52a1b96609f257e4184b7ecf462918cd

HTTP Headers

GET /trustedform-1.8.38.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
server: AmazonS3
content-encoding: gzip
date: Fri, 31 Mar 2023 20:06:26 GMT
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f4H_yC63W8FUedn-W8ljHmdtRV4I1BKr6JwJwL9PoUXNFOmR4zWaCw==
age: 6
X-Firefox-Spdy: h2

api.trustedform.com/certs/36811e5af632cedc512d06992b35cd5acafb6f5e/fingerprints

52.2.76.17

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/36811e5af632cedc512d06992b35cd5acafb6f5e/fingerprints
IP
52.2.76.17:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/36811e5af632cedc512d06992b35cd5acafb6f5e/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 262
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 31 Mar 2023 20:06:30 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0a395d7554772b84d05ac5c5c9c27224
0bd348769a9c330f04d37afccf9c883db0322450
ca5d4f2605b83d2cc57842c25027300150138daf2071bf24bce3fd03da5db2b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 31 Mar 2023 20:06:30 GMT
Last-Modified: Fri, 31 Mar 2023 19:17:28 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8NXhHeF8clM5ipeIBBvccdVFIs2DhSSoQf7GHbPyKSpnT5o0MXxDRg==
Age: 2942

pwrkr.s3.amazonaws.com/push-worker-sdk-APME8HL1.js

3.5.28.101

200 OK

367 B

URL HTTP/1.1
pwrkr.s3.amazonaws.com/push-worker-sdk-APME8HL1.js
IP
3.5.28.101:0
ASN
#0

File type
ASCII text
Size
367 B (367 bytes)
Hash
e6e29e5b53a48515ba5b8afc060ea55a
c67668fc2bf42efe14838171456ce32832a9fa2d
bedb7e98995e5777dc7aaf73904888cc93b4276ea7bc8ed1c09cbb01b3eeaffd

HTTP Headers

GET /push-worker-sdk-APME8HL1.js HTTP/1.1
Host: pwrkr.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: jcWm/RUHUyzKfUHmGkBJcepvdi1TrDI9+vC6yJ1vs8m/4s2CK/NI7yA2itSt2cqDQLxgSejg7d5UARHbbHJB2A0aIZ2QfJ4IH14eXgamkbA=
x-amz-request-id: TJTRV9GZZA5CXEQ1
Date: Fri, 31 Mar 2023 20:06:31 GMT
Last-Modified: Thu, 09 Jun 2022 16:10:49 GMT
ETag: "e6e29e5b53a48515ba5b8afc060ea55a"
x-amz-version-id: 8fBuDwMnTZo4Sut646vzud_Whhs.kZbz
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 367

s3.amazonaws.com/pushext.com/sdk.js

54.231.129.136

200 OK

23 kB

URL HTTP/1.1
s3.amazonaws.com/pushext.com/sdk.js
IP
54.231.129.136:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
23 kB (22849 bytes)
Hash
aebb02625a88929e30942b652e8f2b7d
91cecdf0a9366af023fadb64bff83eddec47f512
a647271f05cccc799689862210b1e2c19d8241bc5ac65e01543fcdebd56670a9

HTTP Headers

GET /pushext.com/sdk.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 39/H3kJ2kzY5HQSudXpdcL+2Pz5zloHgJQrYJP1rvC4GS+H7nQn8H4Wpt6LBPkqI6wiaICnIqz4=
x-amz-request-id: DK1CV0HG5GVBN6VQ
Date: Fri, 31 Mar 2023 20:06:32 GMT
Last-Modified: Fri, 20 Jan 2023 20:55:11 GMT
ETag: "aebb02625a88929e30942b652e8f2b7d"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 22849

s3.amazonaws.com/trackpush/push-worker-sdk.js

54.231.129.136

200 OK

27 kB

URL HTTP/1.1
s3.amazonaws.com/trackpush/push-worker-sdk.js
IP
54.231.129.136:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
27 kB (26966 bytes)
Hash
f0834052f3448c4f995a31d0740f29a2
019b05dfbc4df676d8fc782a726346b2756c366e
c3fd2e5232b6ba0e3344091c2b99feeef327452f1aad7a8f7b9eee4f0ea6fd1e

HTTP Headers

GET /trackpush/push-worker-sdk.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: QJjzWsftfJhFjCaR9ulYqVyID6B6iEi1aBYGSlBDlB7E4o1LBxMKa/bvwLui7dRdF9zyi+PfPY4=
x-amz-request-id: DK1AXY1J2PBBP43K
Date: Fri, 31 Mar 2023 20:06:32 GMT
Last-Modified: Tue, 15 Nov 2022 21:58:35 GMT
ETag: "f0834052f3448c4f995a31d0740f29a2"
Cache-Control: max-age=0
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 26966

beacon.aimtell.com/suppression?id_sites=12398,12400,12401,12402,12403,12404,12405,12406,12407,12409,12410,12411,12412,12414,12415,12416,12417,12418,12419,12421,12422,14763

104.18.31.151

200 OK

1 B

URL HTTP/2
beacon.aimtell.com/suppression?id_sites=12398,12400,12401,12402,12403,12404,12405,12406,12407,12409,12410,12411,12412,12414,12415,12416,12417,12418,12419,12421,12422,14763
IP
104.18.31.151:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

HTTP Headers

OPTIONS /suppression?id_sites=12398,12400,12401,12402,12403,12404,12405,12406,12407,12409,12410,12411,12412,12414,12415,12416,12417,12418,12419,12421,12422,14763 HTTP/1.1
Host: beacon.aimtell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://monthlysweeps.us/
Origin: https://monthlysweeps.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 1
access-control-allow-origin: https://monthlysweeps.us
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0b369dc8c6b505-OSL
X-Firefox-Spdy: h2

beacon.aimtell.com/suppression?id_sites=12398,12400,12401,12402,12403,12404,12405,12406,12407,12409,12410,12411,12412,12414,12415,12416,12417,12418,12419,12421,12422,14763

104.18.30.151

200 OK

1 B

URL HTTP/2
beacon.aimtell.com/suppression?id_sites=12398,12400,12401,12402,12403,12404,12405,12406,12407,12409,12410,12411,12412,12414,12415,12416,12417,12418,12419,12421,12422,14763
IP
104.18.30.151:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
cfcd208495d565ef66e7dff9f98764da
b6589fc6ab0dc82cf12099d1c2d40ab994e8410c
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

HTTP Headers

GET /suppression?id_sites=12398,12400,12401,12402,12403,12404,12405,12406,12407,12409,12410,12411,12412,12414,12415,12416,12417,12418,12419,12421,12422,14763 HTTP/1.1
Host: beacon.aimtell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:31 GMT
content-type: text/plain;charset=UTF-8
content-length: 1
access-control-allow-origin: https://monthlysweeps.us
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0b369dde94b51b-OSL
X-Firefox-Spdy: h2

cdn.aimtell.io/config/12408-041e2bdba891.json

172.67.30.225

200 OK

104 B

URL HTTP/2
cdn.aimtell.io/config/12408-041e2bdba891.json
IP
172.67.30.225:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
2e9a47727caf9c4def7ceb9e72845ea1
51fc4ea90da7273ba12e7f11141b66ad14925007
6f8c9ee80dd0c5ddff6fd4f82f260d86777bed1edc91fcedf77be69e3a842fe0

HTTP Headers

GET /config/12408-041e2bdba891.json HTTP/1.1
Host: cdn.aimtell.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:31 GMT
content-type: application/json
content-length: 104
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: ETag
access-control-max-age: 3000
last-modified: Tue, 16 Mar 2021 17:50:56 GMT
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=86400
etag: "2e9a47727caf9c4def7ceb9e72845ea1"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: RefreshHit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2sOEujTniOneV12ya4W6ykJ7uk_79IHKdzZnrIMJQJLsKkNEMlv_uQ==
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7b0b369e1c1cb4f3-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8795 bytes)
Hash
d1e861b518e06e17ce657c5f9fc15daf
214322b88798120159ab55c7121c8775727b8fc7
3438eb2b7e18d784416c139b42c036eefff3759602e4ce553815c628e1cb5016

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8795
x-amzn-requestid: 33d91f7c-7d04-405b-8060-33e438ed09f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAz2GwKoAMFW5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7e-54ba3517206ac61c50167c3e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:46 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: nORkLBTHqZ_ZrUuEkg9BcVT2TJzP7OLBRQtfUUzRgvwP9Q9dZtMFbg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:45:51 GMT
age: 80443
etag: "214322b88798120159ab55c7121c8775727b8fc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=4&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994221

52.6.30.198

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994221
IP
52.6.30.198:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=4&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994221 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:30 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
rguserid=9f521c86-b36e-4f6b-8906-e9191aab778d; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js

104.16.87.20

200 OK

0 B

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP
104.16.87.20:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
x-served-by: cache-fra-eddf8230115-FRA, cache-yyz4566-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 3235075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bpe9k5WftUGxHuAz%2F%2BXeBERqHxG1QNKbc8TApzlLSuyriWl2vNdDidoYtSVGuugEN8YOKh83pqMw2SZqpMkd94906mv0%2FnnjND8qQmAlm4j4rxf3oJ1sefv%2BkmauILMSp4o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b367d2ff7b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n

13.107.237.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
x-cache: TCP_HIT
x-ms-request-id: 17e4c47d-901e-0060-67c4-6311d1000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ccUmZAAAAACtFRxnV/iUTYJwFjT0HDLYRlJBMjMxMDUwNDE4MDMzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAACRbWkP1VWFT6ABbjirLuYiQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=5&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994222

52.6.30.198

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994222
IP
52.6.30.198:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=5&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994222 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:30 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
rguserid=64836540-0950-459d-bb66-f5936152400c; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 20:06:30 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=3&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994220

52.6.30.198

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994220
IP
52.6.30.198:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=3&pid=ddf92f5a-08e5-4217-8d61-a7c94c86a2f4&token=55CB7129-0E77-A40C-B13E-7B319AC874AC&_=38994220 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 12855
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:29 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rguserid=3638249b-ea07-4a00-8f84-f7e27a16533c; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 30-Apr-2023 20:06:29 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2

172.67.41.229

200 OK

0 B

URL HTTP/2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
172.67.41.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:28 GMT
content-type: text/javascript
x-amz-id-2: FJL1lRjYRx7SksiKM9zA8yGg5OQC0pptK2hAK6FBKkxPvFIT1C6iZXADyl5KHgXym9pqeIlBOBc=
x-amz-request-id: RHB91EP0SNPD5M2T
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 352
vary: Accept-Encoding
server: cloudflare
cf-ray: 7b0b3689cb4eb517-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?2631k31j20232631j03ckl31llk138jkk062600

13.107.237.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?2631k31j20232631j03ckl31llk138jkk062600
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/css/13488000.min.css?2631k31j20232631j03ckl31llk138jkk062600 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=60
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
x-cache: TCP_HIT
x-ms-request-id: 8a366dc8-501e-0032-190c-640c23000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0CD0nZAAAAAAku/mzRz+ZQ4c/j9OE1l6XRlJBMjMxMDUwNDE3MDIzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAABtz3SwwttvTJdj3P/RIHwkQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 31 Mar 2023 20:06:26 GMT
date: Fri, 31 Mar 2023 20:06:26 GMT
cache-control: private, max-age=86400
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

pbid.pro-market.net/engine?site=141028;size=1x1;e=0;dt=0;category=i1kh9%3A%20%20vgmtitpkdexx1%20ts%20of%20ao%2001u7jo%20b6f%20ldkx531fxuo6wdb582e9zxq5xdf5acai%202zd%209f134%200s%20m5ocdz3%20fu%20s-%20dvtfnwo%204g3a1v;kw=nwelylh056dpt%20lk%20%7C%20ul5nnbt4k%20g1n2%20basl%20%7C%20u6wo7hcjic%209wxmyksalmj;rnd=(1680293187190)

107.178.240.89

200 OK

0 B

URL HTTP/2
pbid.pro-market.net/engine?site=141028;size=1x1;e=0;dt=0;category=i1kh9%3A%20%20vgmtitpkdexx1%20ts%20of%20ao%2001u7jo%20b6f%20ldkx531fxuo6wdb582e9zxq5xdf5acai%202zd%209f134%200s%20m5ocdz3%20fu%20s-%20dvtfnwo%204g3a1v;kw=nwelylh056dpt%20lk%20%7C%20ul5nnbt4k%20g1n2%20basl%20%7C%20u6wo7hcjic%209wxmyksalmj;rnd=(1680293187190)
IP
107.178.240.89:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /engine?site=141028;size=1x1;e=0;dt=0;category=i1kh9%3A%20%20vgmtitpkdexx1%20ts%20of%20ao%2001u7jo%20b6f%20ldkx531fxuo6wdb582e9zxq5xdf5acai%202zd%209f134%200s%20m5ocdz3%20fu%20s-%20dvtfnwo%204g3a1v;kw=nwelylh056dpt%20lk%20%7C%20ul5nnbt4k%20g1n2%20basl%20%7C%20u6wo7hcjic%209wxmyksalmj;rnd=(1680293187190) HTTP/1.1
Host: pbid.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
anserver: gapp-eu-4.c.datonics-gcp-01.internal
set-cookie: anProfile="0+1+4=21x+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s0=(2h)+s2=(rseiis)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None;
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 1 Jan 1990 0:0:0 GMT
access-control-allow-origin: *
content-type: text/html
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 31 Mar 2023 20:06:27 GMT
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-13 02:48:26
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b584a7f7756eea1e54b5f28d657ba679
cdn-cache: HIT
cf-cache-status: HIT
age: 6187992
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b0b367cda5ab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 25739339
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b0b367d1b12b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?2631k31j20232631j03ckl31llk138jkk062600

13.107.237.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?2631k31j20232631j03ckl31llk138jkk062600
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/js/13488000.min.js?2631k31j20232631j03ckl31llk138jkk062600 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
x-cache: TCP_HIT
x-ms-request-id: a81292df-801e-005d-030c-64a4f7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0CD0nZAAAAADZDT+/RFbZTa/Ihl4dqvH8RlJBMjMxMDUwNDE4MDIzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAADNGC3HN3bNS5aHv3H5QP72Q1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103

13.107.237.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
x-cache: TCP_HIT
x-ms-request-id: 63fe7d4c-b01e-0033-77de-620dde000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ccUmZAAAAABxiNCirpmgQbtL4Ji3OdGARlJBMjMxMDUwNDE3MDUxADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAABqinFf8tiMQYIwMskvQl+sQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419

13.107.237.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP
13.107.237.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: 172a8f36-301e-0044-051d-63889f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ccUmZAAAAADf520hxKktTptPugGEoJc1RlJBMjMxMDUwNDE3MDA5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ==
x-azure-ref: 0Qz0nZAAAAACIjPWT0w8JQ4OWIbEVX729Q1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 31 Mar 2023 20:06:26 GMT
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js

104.16.87.20

200 OK

0 B

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP
104.16.87.20:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
x-served-by: cache-fra-eddf8230101-FRA, cache-yyz4546-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 546891
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9OVoB8LFMl%2FVIOJVJQ43yLjxhFaqx8cXZwfBT%2FBwmbmmCfKOX0iZzhyuxMTxf0cznv5oDVK6oqkArcTn20RA3zbWUrPs9kIYHxcOaJ9WsMsIlrTdWo4%2FxGkYqHWFByiI1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b367d1fcab51b-OSL
content-encoding: br
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/solid.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/solid.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 31 Mar 2023 20:06:26 GMT
content-type: text/css
x-amz-id-2: SJ0WxCqEjHWI1VrlwkivplrCGyfHmSc/RhrYo3UbisMp/XXqrCI6E1OFxqV/I/xjUMlYq0ctMEY=
x-amz-request-id: RG23N6SX9TA76EPS
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 5
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0468TwD%2FhUiL1Okos%2B3xmFxqeEWFq5KXiWnyQIbDdAhY74v49eKakG603EzyyiKgni%2BFG7UTblxTTMfk3TTsGlUmM5NqaFP1WeU%2FRjXYvFw3yBcKwSmcCAS3uinR3P7nCWRGhEW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b0b367dfb74068a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML