Overview

URLamclicks.com/x/7768/16944/0/4874966/590413665212051457/kOkrLEpHjF/0/0/0/
IP 54.161.23.57 (United States)
ASN#14618 AMAZON-AES
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-04 22:07:15 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (38)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-04 05:49:57 UTC 143.204.55.49
d2m2wsoho8qq12.cloudfront.net (1) 0 2020-12-08 10:48:40 UTC 2022-09-04 20:07:46 UTC 143.204.42.49 Unknown ranking
fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-04 12:21:00 UTC 142.250.74.10
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-04 15:57:32 UTC 143.204.55.115
ads.pro-market.net (1) 47212 2012-06-23 19:49:26 UTC 2022-09-04 15:16:33 UTC 23.36.76.115
fonts.gstatic.com (5) 0 2014-08-29 13:43:22 UTC 2022-09-04 04:35:59 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-04 04:36:34 UTC 142.251.1.157
cdn.trustedform.com (2) 24659 2022-06-03 13:50:59 UTC 2022-09-04 21:21:27 UTC 54.230.111.103
amclicks.com (3) 112152 2012-08-07 15:37:23 UTC 2022-09-04 22:05:29 UTC 44.194.247.48
monthlysweeps.us (13) 0 2017-12-18 20:14:21 UTC 2022-09-03 21:58:46 UTC 44.194.247.48 Unknown ranking
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-04 13:12:05 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-04 17:25:26 UTC 142.250.74.174
pbid.pro-market.net (1) 6233 2012-10-30 05:59:16 UTC 2022-09-04 15:16:33 UTC 107.178.240.89
stackpath.bootstrapcdn.com (2) 2467 2018-04-05 04:41:29 UTC 2022-09-04 15:10:48 UTC 104.18.11.207
in.hotjar.com (1) 1746 2018-10-22 17:15:59 UTC 2022-09-04 04:36:35 UTC 99.80.161.153
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-04 04:35:24 UTC 34.117.237.239
ocsp.sca1b.amazontrust.com (6) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.118
cdnjs.cloudflare.com (2) 235 2020-10-20 10:17:36 UTC 2022-09-04 07:35:10 UTC 104.17.24.14
ldsapi.tmginteractive.com (3) 85617 2017-02-02 01:31:46 UTC 2022-09-03 21:58:46 UTC 209.151.244.116
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-04 04:44:39 UTC 34.120.237.76
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-09-04 04:35:34 UTC 54.230.111.113
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-09-04 11:22:23 UTC 143.204.55.118
r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-04 05:57:13 UTC 23.36.76.226
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-04 05:16:40 UTC 52.43.253.52
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2022-09-04 05:00:30 UTC 104.18.21.226
use.fontawesome.com (3) 942 2017-01-30 04:43:25 UTC 2022-09-04 05:20:33 UTC 104.21.63.54
ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-04 17:45:43 UTC 104.18.32.68
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2022-09-04 04:36:31 UTC 151.101.85.229
ocsp.pki.goog (11) 175 2017-06-14 07:23:31 UTC 2022-09-04 04:49:47 UTC 142.250.74.3
tmgassets.azureedge.net (10) 0 2022-06-26 22:01:19 UTC 2022-09-03 21:58:47 UTC 13.107.213.53 Domain (azureedge.net) ranked at: 2986
api.trustedform.com (2) 23021 2021-07-20 09:00:44 UTC 2022-09-04 14:13:53 UTC 34.231.74.145
create.leadid.com (4) 14598 2020-05-29 11:27:16 UTC 2022-09-04 21:21:27 UTC 107.22.230.101
deviceid.trueleadid.com (1) 2097 2018-07-10 05:19:41 UTC 2022-09-04 17:57:34 UTC 23.23.142.3
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-09-04 16:49:15 UTC 93.184.220.29
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2022-09-04 05:51:49 UTC 69.16.175.42
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-09-04 19:05:33 UTC 143.204.55.46
ws8.hotjar.com (2) 65631 2018-10-05 13:59:49 UTC 2022-09-04 14:51:17 UTC 54.246.176.35
www.google.com (1) 7 2017-01-29 11:48:58 UTC 2022-09-04 16:58:37 UTC 142.250.74.164

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-04 2 monthlysweeps.us/assets/js/datepicker.js Phishing
2022-09-04 2 monthlysweeps.us/go/api/zip/undefined?get_param=value Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 54.161.23.57
Date UQ / IDS / BL URL IP
2023-01-06 10:10:06 +0000 0 - 0 - 7 simplereward.net/go/to/72d25f/key/bd309d4d95a (...) 54.161.23.57
2023-01-06 09:11:51 +0000 0 - 0 - 5 monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae8 (...) 54.161.23.57
2023-01-06 09:11:50 +0000 0 - 0 - 3 monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae8 (...) 54.161.23.57
2023-01-06 09:11:21 +0000 0 - 0 - 6 monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a6 (...) 54.161.23.57
2023-01-06 09:11:14 +0000 0 - 0 - 3 monthlysweeps.us/go/to/59bdf0/key/5cbf043f03f (...) 54.161.23.57


Last 5 reports on ASN: AMAZON-AES
Date UQ / IDS / BL URL IP
2023-03-23 10:56:46 +0000 0 - 8 - 0 rebrand.ly/83d077 18.215.80.143
2023-03-23 10:47:33 +0000 0 - 0 - 2 www.yellkey.com/drug 54.196.16.164
2023-03-23 10:46:17 +0000 0 - 2 - 0 link.privatefundscfo.com/click/30919618.26204 (...) 3.226.166.212
2023-03-23 10:45:57 +0000 0 - 2 - 0 link.privatefundscfo.com/click/30919618.26204 (...) 107.20.71.201
2023-03-23 10:01:12 +0000 0 - 0 - 0 traffick.jivox.com 35.174.70.207


Last 5 reports on domain: amclicks.com
Date UQ / IDS / BL URL IP
2023-03-13 17:20:37 +0000 0 - 0 - 5 amclicks.com/x/5205/10899/0/665256/1227654035 (...) 3.228.163.244
2023-03-12 06:32:59 +0000 0 - 0 - 1 amclicks.com/x/5205/10899/0/665256/1227025825 (...) 54.157.27.160
2023-03-09 19:45:16 +0000 0 - 0 - 6 amclicks.com/clk.php?c=7548&p=10899&s1=617475 (...) 3.218.15.210
2023-03-09 19:45:17 +0000 0 - 0 - 6 amclicks.com/x/7548/10899/0/617475/1225786538 (...) 3.218.15.210
2023-03-09 16:36:05 +0000 0 - 0 - 2 amclicks.com/clk.php 3.218.15.210


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-01 00:09:44 +0000 0 - 0 - 6 monthlysweeps.us/go/to/4mmjuy/key/4ca26d0ba76 (...) 3.218.15.210
2023-03-01 00:09:39 +0000 0 - 0 - 4 monthlysweeps.us/go/to/4mmjuy/key/4ca26d0ba76 (...) 3.222.87.17
2023-02-28 00:20:57 +0000 0 - 0 - 4 monthlysweeps.us/go/to/4mmjuy/key/b23ae7c999a (...) 3.222.87.17
2023-02-28 00:20:55 +0000 0 - 0 - 4 monthlysweeps.us/go/to/4mmjuy/key/b23ae7c999a (...) 3.218.15.210
2023-02-28 00:20:52 +0000 0 - 0 - 5 monthlysweeps.us/go/to/4mmjuy/key/b23ae7c999a (...) 3.218.15.210

JavaScript

Executed Scripts (50)

Executed Evals (9)
#1 JavaScript::Eval (size: 27) - SHA256: 52b43864b9f1786d8c0d2d679562e90dc2a00c9d68ea80188a37d9b01d23dd47
lOptionDocumentNumber_10023
#2 JavaScript::Eval (size: 14) - SHA256: 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33
/*@cc_on!@*/ !1
#3 JavaScript::Eval (size: 15546) - SHA256: b567d8d3f25ae74524cbfe7d1d08dc783baf2d0713a65a961255050856f54b7c
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var W = this || self,
        q = function(u, N) {
            if ((N = (u = null, W.trustedTypes), !N) || !N.createPolicy) return u;
            try {
                u = N.createPolicy("bg", {
                    createHTML: G,
                    createScript: G,
                    createScriptURL: G
                })
            } catch (w) {
                W.console && W.console.error(w.message)
            }
            return u
        },
        G = function(u) {
            return u
        };
    (0, eval)(function(u, N) {
        return (N = q()) && 1 === u.eval(N.createScript("1")) ? function(w) {
            return N.createScript(w)
        } : function(w) {
            return "" + w
        }
    }(W)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var y=function(u){return u},q1=function(u,w,W,G,Q){if((G=u[0],G)==V)w.o=25,w.A(u);else if(G==S){Q=u[1];try{W=w.l||w.A(u)}catch(N){B(w,N),W=w.l}Q(W)}else if(G==m)w.A(u);else if(G==Y)w.A(u);else if(G==u3){try{for(W=0;W<w.D.length;W++)try{Q=w.D[W],Q[0][Q[1]](Q[2])}catch(N){}}catch(N){}(0,u[1])(function(N,q){w.h(N,true,q)},(w.D=[],function(N){E(w,(N=!w.O.length,[N1])),N&&n(true,false,w)}))}else{if(G==w7)return W=u[2],e(55,w,u[6]),e(25,w,W),w.A(u);G==N1?(w.U=null,w.L=[],w.F=[]):G==GZ&&"loading"===T.document.readyState&&(w.H=function(N,q){function v(){q||(q=true,N())}T.document.addEventListener("DOMContentLoaded",(q=false,v),F),T.addEventListener("load",v,F)})}},sw=function(u,w,W,G,Q){for(G=((u.d7=Qb({get:function(){return this.concat()}},(u.bN=u[u.YJ=(u.AA=vW,Cq),S],u.C)),u).Cf=h[u.C](u.d7,{value:{value:{}}}),Q=[],0);128>G;G++)Q[G]=String.fromCharCode(G);n(true,((E((E(u,[(e(23,u,(e((e(464,u,(e(353,u,(e(137,((e(438,(e((e(48,(u.qJ=((e(487,(e(465,(e(509,(u.Bx=(e(310,(e(25,(e(384,(e(102,(e(459,u,(e(481,(e(67,(e(452,u,(e(466,u,(e((e(6,u,(e(503,u,(e(448,u,(e(105,u,(e(420,u,(e(474,u,(e(446,(e(31,(e(344,(e(378,u,(e(482,u,(e(315,(e(263,u,(e(3,(e(440,u,(u.iN=(u.Z=(u.R=void 0,u.i=(u.G=8001,0),u.I=(u.Y=void 0,u.D=[],u.MJ=function(N){this.P=N},u.S=1,G=(u.B=0,u.N=void 0,u.H=null,u.lN=false,window.performance||{}),u.U=[],(u.O=[],u.l=(u.P=u,u.g=0,void 0),u.W=void 0,u).FV=(u.J=void 0,0),u.u=(u.o=(u.V=void 0,25),!(u.r7=[],1)),0),u.F=[],u.s=0,0),G.timeOrigin)||(G.timing||{}).navigationStart||0,(u.X=false,u).L=[],0)),e(26,u,0),u),function(){}),function(N){yb(4,N)})),u),function(N,q,v,C,X,x,z){for(C=(x=(X=R(N,(v=(q=(z=J(N),Vb(N)),""),424)),X.length),0);q--;)C=((C|0)+(Vb(N)|0))%x,v+=Q[X[C]];e(z,N,v)}),function(N,q,v,C,X,x,z,O,t,L,r,M){function c(A,f){for(;t<A;)O|=b(N)<<t,t+=8;return O>>=(f=O&(1<<A)-(t-=A,1),A),f}for(q=(r=(M=(O=t=(L=J(N),0),(c(3)|0)+1),c(5)),z=[],x=0);q<r;q++)X=c(1),z.push(X),x+=X?0:1;for(q=(v=(x=((x|0)-1).toString(2).length,[]),0);q<r;q++)z[q]||(v[q]=c(x));for(x=0;x<r;x++)z[x]&&(v[x]=J(N));for(C=[];M--;)C.push(R(N,J(N)));e(L,N,function(A,f,k,WW,H){for(WW=(k=[],H=0,[]);H<r;H++){if(!(f=v[H],z[H])){for(;f>=k.length;)k.push(J(A));f=k[f]}WW.push(f)}(A.J=xF(A,C.slice()),A).Y=xF(A,WW)})})),0)),u.Kf=0,u),function(N,q,v,C){!D(N,q,false,true)&&(q=SK(N),v=q.Px,C=q.v,N.P==N||C==N.MJ&&v==N)&&(e(q.UG,N,C.apply(v,q.K)),N.B=N.T())}),u),[]),u),[160,0,0]),function(N,q){(N=R((q=J(N),N.P),q),N)[0].removeEventListener(N[1],N[2],F)})),function(N,q){zZ((q=R(N,J(N)),q),N.P)})),function(N,q,v,C){e((q=R((v=R((C=(q=J(N),J(N)),N),C),N),q),C),N,v+q)})),function(N){Ow(N,3)})),943)),e(51,u,function(N){yb(1,N)}),function(N,q,v,C,X){(C=R((v=R(N,(v=J((q=J((X=(C=J(N),J(N)),N)),N)),v)),q=R(N,q),N.P),C),X=R(N,X),0!==C)&&(v=Lq(N,1,q,v,C,X),C.addEventListener(X,v,F),e(378,N,[C,X,v]))})),418),u,function(N,q,v,C){v=R(N,(C=(q=J((C=J((v=J(N),N)),N)),R(N,C)),v)),e(q,N,v in C|0)}),function(N,q,v,C,X){for(v=(C=(q=J(N),Vb(N)),X=[],0);v<C;v++)X.push(b(N));e(q,N,X)})),e(69,u,T),function(N,q,v){D(N,q,false,true)||(q=J(N),v=J(N),e(v,N,function(C){return eval(C)}(X2(R(N.P,q)))))})),u),function(N,q,v,C){q=J((C=J(N),v=J(N),N)),e(q,N,R(N,C)||R(N,v))}),u),function(N,q,v){e((q=J((v=J(N),N)),q),N,""+R(N,v))}),0)),u),function(N,q,v,C){if(q=N.r7.pop()){for(v=b(N);0<v;v--)C=J(N),q[C]=N.U[C];(q[23]=(q[31]=N.U[31],N).U[23],N).U=q}else e(440,N,N.i)}),u),function(N,q,v,C,X){e((C=R((q=R(N,(C=J((q=(v=J(N),J(N)),N)),X=J(N),q)),N),C),X=R(N,X),v),N,Lq(N,X,q,C))}),u),{}),u),function(N,q,v,C,X,x){D(N,q,false,true)||(x=SK(N.P),C=x.Px,X=x.K,q=x.UG,v=X.length,x=x.v,C=0==v?new C[x]:1==v?new C[x](X[0]):2==v?new C[x](X[0],X[1]):3==v?new C[x](X[0],X[1],X[2]):4==v?new C[x](X[0],X[1],X[2],X[3]):2(),e(q,N,C))}),0),u),[]),u),u),u),function(N,q,v,C){e((v=(C=b((q=J(N),N)),J)(N),v),N,R(N,q)>>>C)}),e)(94,u,function(N,q,v){0!=R(N,(q=R((q=J((v=J(N),N)),N),q),v))&&e(440,N,q)}),0),u),function(N,q,v){e((q=BW((q=R(N,(v=(q=J(N),J)(N),q)),q)),v),N,q)}),245),u,[0,0,0]),e(365,u,function(N){Ow(N,4)}),u),Z(4)),e)(386,u,function(N,q,v,C,X,x){if(!D(N,q,true,true)){if("object"==(N=R((X=(v=R((q=(x=J((X=(v=J(N),q=J(N),J)(N),N)),R(N,q)),N),v),R(N,X)),N),x),BW)(v)){for(C in x=[],v)x.push(C);v=x}for(x=(X=0<X?X:1,C=v.length,0);x<C;x+=X)q(v.slice(x,(x|0)+(X|0)),N)}}),u),function(N,q,v,C){e((q=R(N,(v=R(N,(C=J((v=(q=J(N),J)(N),N)),v)),q))==v,C),N,+q)}),function(N,q,v,C,X){(X=J((C=J(N),N)),q=J(N),N.P)==N&&(v=R(N,C),X=R(N,X),q=R(N,q),v[X]=q,150==C&&(N.N=void 0,2==X&&(N.W=d(32,false,N),N.N=void 0)))})),function(N,q,v,C){(C=(v=(q=(v=J((C=J(N),N)),J(N)),R)(N,v),R(N,C)),e)(q,N,C[v])})),240),u,function(N){tf(4,N)}),2048)),GZ)]),u),[Y,w]),E)(u,[u3,W]),true),u)},P,BW=function(u,w,W){if(w=typeof u,"object"==w)if(u){if(u instanceof Array)return"array";if(u instanceof Object)return w;if("[object Window]"==(W=Object.prototype.toString.call(u),W))return"object";if("[object Array]"==W||"number"==typeof u.length&&"undefined"!=typeof u.splice&&"undefined"!=typeof u.propertyIsEnumerable&&!u.propertyIsEnumerable("splice"))return"array";if("[object Function]"==W||"undefined"!=typeof u.call&&"undefined"!=typeof u.propertyIsEnumerable&&!u.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==w&&"undefined"==typeof u.call)return"object";return w},i3=function(u,w,W,G,Q,N){if(!u.l){u.I++;try{for(Q=(N=0,void 0),G=u.i;--w;)try{if((W=void 0,u).J)Q=mJ(u,u.J);else{if((N=R(u,440),N)>=G)break;Q=R((W=(e(26,u,N),J(u)),u),W)}Q&&Q.call?Q(u,w):l([p,21,W],0,u),D(u,w,false,false)}catch(q){R(u,503)?l(q,22,u):e(503,u,q)}if(!w){if(u.OG){i3(u,(u.I--,512217763218));return}l([p,33],0,u)}}catch(q){try{l(q,22,u)}catch(v){B(u,v)}}u.I--}},I=function(u,w,W,G){for(W=(G=[],(w|0)-1);0<=W;W--)G[(w|0)-1-(W|0)]=u>>8*W&255;return G},Lq=function(u,w,W,G,Q,N){function q(){if(u.P==u){if(u.U){var v=[w7,W,G,void 0,Q,N,arguments];if(2==w)var C=n(false,false,(E(u,v),u));else if(1==w){var X=!u.O.length;E(u,v),X&&n(false,false,u)}else C=q1(v,u);return C}Q&&N&&Q.removeEventListener(N,q,F)}}return q},J=function(u,w){if(u.J)return mJ(u,u.Y);return(w=d(8,true,u),w)&128&&(w^=128,u=d(2,true,u),w=(w<<2)+(u|0)),w},YF=function(u,w,W,G,Q,N,q,v){return((Q=h[w.C]((W=[27,-76,(q=u&7,-60),48,-12,-97,W,(N=ok,97),-7,-58],w).d7),Q)[w.C]=function(C){q+=6+(v=C,7*u),q&=7},Q).concat=function(C){return(v=(C=(C=(C=G%16+1,-C*v)+39*v*v+q-117*G*G*v+(N()|0)*C-3627*v- -2964*G*v+W[q+19&7]*G*C+3*G*G*C,W[C]),void 0),W)[(q+61&7)+(u&2)]=C,W[q+(u&2)]=-76,C},Q},r7=function(u,w,W,G){function Q(){}return W=Ew((G=void 0,u),function(N){Q&&(w&&g(w),G=N,Q(),Q=void 0)},!!w)[0],{invoke:function(N,q,v,C){function X(){G(function(x){g(function(){N(x)})},v)}if(!q)return q=W(v),N&&N(q),q;G?X():(C=Q,Q=function(){g((C(),X))})}}},E=function(u,w){u.O.splice(0,0,w)},D=function(u,w,W,G,Q,N,q,v,C){if((u.P=((v=(Q=(W=(N=(G||u.V++,0<(q=W?255:G?5:2,u.g)&&u.u&&u.lN)&&1>=u.I&&!u.J&&!u.H&&(!G||1<u.G-w)&&0==document.hidden,4)==u.V)||N?u.T():u.B,C=Q-u.B,C>>14),u).W&&(u.W^=v*(C<<2)),v||u.P),u.S+=v,W)||N)u.B=Q,u.V=0;if(!N||Q-u.Z<u.g-q)return false;return!(u.H=((e((W=R(u,(u.G=w,G?26:440)),440),u,u.i),u).O.push([m,W,G?w+1:w]),g),0)},F={passive:true,capture:true},mJ=function(u,w){return(w=w.create().shift(),u).J.create().length||u.Y.create().length||(u.J=void 0,u.Y=void 0),w},xF=function(u,w,W){return(W=h[u.C](u.Cf),W[u.C]=function(){return w},W).concat=function(G){w=G},W},tf=function(u,w,W,G){for(W=J(w),G=0;0<u;u--)G=G<<8|b(w);e(W,w,G)},T=this||self,Z=function(u,w){for(w=[];u--;)w.push(255*Math.random()|0);return w},Af=function(u,w){return w[u]<<24|w[(u|0)+1]<<16|w[(u|0)+2]<<8|w[(u|0)+3]},Vb=function(u,w){return(w=b(u),w&128)&&(w=w&127|b(u)<<7),w},M1=function(u,w,W){if(3==u.length){for(W=0;3>W;W++)w[W]+=u[W];for(W=(u=[13,8,13,12,16,5,3,10,15],0);9>W;W++)w[3](w,W%3,u[W])}},nq=function(u,w,W){return u.h(function(G){W=G},false,w),W},U=function(u,w,W,G,Q,N){if(w.P==w)for(N=R(w,W),438==W?(W=function(q,v,C,X){if(N.JA!=(X=((v=N.length,v)|0)-4>>3,X)){X=((C=(X<<3)-4,N).JA=X,[0,0,Q[1],Q[2]]);try{N.w7=fq(X,Af((C|0)+4,N),Af(C,N))}catch(x){throw x;}}N.push(N.w7[v&7]^q)},Q=R(w,245)):W=function(q){N.push(q)},G&&W(G&255),w=u.length,G=0;G<w;G++)W(u[G])},Ew=function(u,w,W,G){return(G=P[u.substring(0,3)+"_"])?G(u.substring(3),w,W):eK(w,u)},TZ=function(u,w){(w.push(u[0]<<24|u[1]<<16|u[2]<<8|u[3]),w).push(u[4]<<24|u[5]<<16|u[6]<<8|u[7]),w.push(u[8]<<24|u[9]<<16|u[10]<<8|u[11])},Ow=function(u,w,W,G,Q){U((G=(W=(G=J((Q=w&4,w&=3,u)),J(u)),R(u,G)),Q&&(G=F2(""+G)),w&&U(I(G.length,2),u,W),G),u,W)},fq=function(u,w,W,G,Q){for(u=(Q=(G=u[2]|0,0),u[3]|0);15>Q;Q++)w=w>>>8|w<<24,w+=W|0,u=u>>>8|u<<24,w^=G+823,W=W<<3|W>>>29,u+=G|0,G=G<<3|G>>>29,W^=w,u^=Q+823,G^=u;return[W>>>24&255,W>>>16&255,W>>>8&255,W>>>0&255,w>>>24&255,w>>>16&255,w>>>8&255,w>>>0&255]},F2=function(u,w,W,G,Q){for(Q=(w=W=(u=u.replace(/\\r\\n/g,"\\n"),0),[]);W<u.length;W++)G=u.charCodeAt(W),128>G?Q[w++]=G:(2048>G?Q[w++]=G>>6|192:(55296==(G&64512)&&W+1<u.length&&56320==(u.charCodeAt(W+1)&64512)?(G=65536+((G&1023)<<10)+(u.charCodeAt(++W)&1023),Q[w++]=G>>18|240,Q[w++]=G>>12&63|128):Q[w++]=G>>12|224,Q[w++]=G>>6&63|128),Q[w++]=G&63|128);return Q},b=function(u){return u.J?mJ(u,u.Y):d(8,true,u)},yb=function(u,w,W,G){U((G=J((W=J(w),w)),I(R(w,W),u)),w,G)},zZ=function(u,w){e(440,((w.r7.push(w.U.slice()),w.U)[440]=void 0,w),u)},hf=function(u,w,W,G){try{G=u[((w|0)+2)%3],u[w]=(u[w]|0)-(u[((w|0)+1)%3]|0)-(G|0)^(1==w?G<<W:G>>>W)}catch(Q){throw Q;}},cW=function(u,w,W,G){for(;u.O.length;){G=(u.H=null,u.O.pop());try{W=q1(G,u)}catch(Q){B(u,Q)}if(w&&u.H){(w=u.H,w)(function(){n(true,true,u)});break}}return W},d=function(u,w,W,G,Q,N,q,v,C,X,x,z,O,t){if(X=R(W,440),X>=W.i)throw[p,31];for(x=(C=W.bN.length,Q=u,v=0,X);0<Q;)t=x>>3,z=x%8,O=8-(z|0),N=W.F[t],O=O<Q?O:Q,w&&(q=W,q.N!=x>>6&&(q.N=x>>6,G=R(q,150),q.R=fq([0,0,G[1],G[2]],q.N,q.W)),N^=W.R[t&C]),v|=(N>>8-(z|0)-(O|0)&(1<<O)-1)<<(Q|0)-(O|0),Q-=O,x+=O;return e(440,(w=v,W),(X|0)+(u|0)),w},n=function(u,w,W,G,Q,N){if(W.O.length){((W.u&&0(),W).lN=u,W).u=true;try{Q=W.T(),W.Z=Q,W.B=Q,W.V=0,G=cW(W,u),N=W.T()-W.Z,W.s+=N,N<(w?0:10)||0>=W.o--||(N=Math.floor(N),W.L.push(254>=N?N:254))}finally{W.u=false}return G}},Jf=function(u,w){if((u=(w=null,T.trustedTypes),!u)||!u.createPolicy)return w;try{w=u.createPolicy("bg",{createHTML:y,createScript:y,createScriptURL:y})}catch(W){T.console&&T.console.error(W.message)}return w},SK=function(u,w,W,G,Q,N){for(w=(G=((Q=J((N=u[Rk]||{},u)),N.UG=J(u),N).K=[],u.P==u)?(b(u)|0)-1:1,J(u)),W=0;W<G;W++)N.K.push(J(u));for(;G--;)N.K[G]=R(u,N.K[G]);return N.v=R(u,Q),N.Px=R(u,w),N},R=function(u,w){if(void 0===(u=u.U[w],u))throw[p,30,w];if(u.value)return u.create();return(u.create(3*w*w+-76*w+93),u).prototype},g=T.requestIdleCallback?function(u){requestIdleCallback(function(){u()},{timeout:4})}:T.setImmediate?function(u){setImmediate(u)}:function(u){setTimeout(u,0)},K,a=function(u,w,W){W=this;try{sw(this,w,u)}catch(G){B(this,G),u(function(Q){Q(W.l)})}},b3=function(u,w,W,G){return R(u,(e((i3(u,(G=R(u,440),u.F&&G<u.i?(e(440,u,u.i),zZ(w,u)):e(440,u,w),W)),440),u,G),25))},B=function(u,w){u.l=((u.l?u.l+"~":"E:")+w.message+":"+w.stack).slice(0,2048)},e=function(u,w,W){if(440==u||26==u)w.U[u]?w.U[u].concat(W):w.U[u]=xF(w,W);else{if(w.X&&150!=u)return;446==u||438==u||509==u||31==u||245==u?w.U[u]||(w.U[u]=YF(78,w,W,u)):w.U[u]=YF(65,w,W,u)}150==u&&(w.W=d(32,false,w),w.N=void 0)},eK=function(u,w){return u(function(W){W(w)}),[function(){return w}]},Qb=function(u,w){return h[w](h.prototype,{document:u,pop:u,stack:u,console:u,length:u,floor:u,propertyIsEnumerable:u,parent:u,replace:u,call:u,splice:u,prototype:u})},l=function(u,w,W,G,Q,N){if(!W.X){if((u=(0==(G=R(W,(N=void 0,u&&u[0]===p&&(w=u[1],N=u[2],u=void 0),31)),G.length)&&(Q=R(W,26)>>3,G.push(w,Q>>8&255,Q&255),void 0!=N&&G.push(N&255)),w="",u&&(u.message&&(w+=u.message),u.stack&&(w+=":"+u.stack)),R(W,23)),3)<u){W.P=(N=(w=(w=w.slice(0,(u|0)-3),u-=(w.length|0)+3,F2)(w),W).P,W);try{U(I(w.length,2).concat(w),W,438,9)}finally{W.P=N}}e(23,W,u)}},Rk=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),p={},GZ=[],V=(a.prototype.ZE=(a.prototype.j="toString",void 0),a.prototype.Qd=(a.prototype.OG=false,void 0),[]),S=[],Y=[],w7=[],u3=[],m=[],N1=[],ok=((((((TZ,function(){})(Z),hf,function(){})(M1),K=a.prototype,K).T=(window.performance||{}).now?function(){return this.iN+window.performance.now()}:function(){return+new Date},K).aX=function(){return Math.floor(this.T())},K.Hx=function(){return Math.floor(this.s+(this.T()-this.Z))},a).prototype.C="create",K.mf=function(u,w,W,G,Q,N){for(W=(N=[],G=0);W<u.length;W++)for(Q=Q<<w|u[W],G+=w;7<G;)G-=8,N.push(Q>>G&255);return N},K.h=function(u,w,W,G,Q){if(W="array"===BW(W)?W:[W],this.l)u(this.l);else try{G=[],Q=!this.O.length,E(this,[V,G,W]),E(this,[S,u,G]),w&&!Q||n(w,true,this)}catch(N){B(this,N),u(this.l)}},void 0),h=(K.pf=function(u,w,W,G,Q){for(Q=G=0;Q<u.length;Q++)G+=u.charCodeAt(Q),G+=G<<10,G^=G>>6;return(G=new Number((G+=G<<3,G^=G>>11,u=G+(G<<15)>>>0,u&(1<<w)-1)),G)[0]=(u>>>w)%W,G},K.TE=function(u,w,W){return u^((w=(w^=w<<13,w^=w>>17,(w^w<<5)&W))||(w=1),w)},p).constructor;a.prototype.A=function(u,w){return ok=(w={},function(){return u==w?93:38}),u={},function(W,G,Q,N,q,v,C,X,x,z,O,t,L,r,M){u=(z=u,w);try{if(t=W[0],t==Y){G=W[1];try{for(Q=(M=(N=(L=atob(G),0),[]),0);Q<L.length;Q++)r=L.charCodeAt(Q),255<r&&(M[N++]=r&255,r>>=8),M[N++]=r;e(150,this,[0,0,((this.F=M,this).i=this.F.length<<3,0)])}catch(c){l(c,17,this);return}i3(this,8001)}else if(t==V)W[1].push(R(this,23),R(this,446).length,R(this,509).length,R(this,438).length),e(25,this,W[2]),this.U[216]&&b3(this,R(this,216),8001);else{if(t==S){this.P=(X=(q=I((R((N=W[2],this),446).length|0)+2,2),this.P),this);try{v=R(this,31),0<v.length&&U(I(v.length,2).concat(v),this,446,10),U(I(this.S,1),this,446,109),U(I(this[S].length,1),this,446),L=0,x=R(this,438),L-=(R(this,446).length|0)+5,L+=R(this,459)&2047,4<x.length&&(L-=(x.length|0)+3),0<L&&U(I(L,2).concat(Z(L)),this,446,15),4<x.length&&U(I(x.length,2).concat(x),this,446,156)}finally{this.P=X}if(C=(((Q=Z(2).concat(R(this,446)),Q)[1]=Q[0]^6,Q[3]=Q[1]^q[0],Q)[4]=Q[1]^q[1],this.nf(Q)))C="!"+C;else for(L=0,C="";L<Q.length;L++)O=Q[L][this.j](16),1==O.length&&(O="0"+O),C+=O;return(R(this,((e(23,this,(M=C,N.shift())),R(this,446)).length=N.shift(),509)).length=N.shift(),R(this,438)).length=N.shift(),M}if(t==m)b3(this,W[1],W[2]);else if(t==w7)return b3(this,W[1],8001)}}finally{u=z}}}();var Cq,vW=((a.prototype.NJ=(a.prototype[u3]=[0,0,1,1,0,1,1],0),a.prototype).ff=(a.prototype.nf=function(u,w,W,G){if(W=window.btoa){for(w="",G=0;G<u.length;G+=8192)w+=String.fromCharCode.apply(null,u.slice(G,G+8192));u=W(w).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else u=void 0;return u},0),/./),DR=Y.pop.bind(a.prototype[V]),X2=function(u,w){return(w=Jf())&&1===u.eval(w.createScript("1"))?function(W){return w.createScript(W)}:function(W){return""+W}}(((Cq=(vW[a.prototype.j]=DR,Qb)({get:DR},a.prototype.C),a).prototype.Wx=void 0,T));(40<(P=T.botguard||(T.botguard={}),P.m)||(P.m=41,P.bg=r7,P.a=Ew),P).nBK_=function(u,w,W){return W=new a(w,u),[function(G){return nq(W,G)}]};}).call(this);'));
}).call(this);
#4 JavaScript::Eval (size: 18542) - SHA256: 02db8cf9ee88a3ae25800a1753a5d1322bacba6c1dc23bfd5e78a8474d2ca522
(function() {
    var y = function(u) {
            return u
        },
        q1 = function(u, w, W, G, Q) {
            if ((G = u[0], G) == V) w.o = 25, w.A(u);
            else if (G == S) {
                Q = u[1];
                try {
                    W = w.l || w.A(u)
                } catch (N) {
                    B(w, N), W = w.l
                }
                Q(W)
            } else if (G == m) w.A(u);
            else if (G == Y) w.A(u);
            else if (G == u3) {
                try {
                    for (W = 0; W < w.D.length; W++) try {
                        Q = w.D[W], Q[0][Q[1]](Q[2])
                    } catch (N) {}
                } catch (N) {}(0, u[1])(function(N, q) {
                    w.h(N, true, q)
                }, (w.D = [], function(N) {
                    E(w, (N = !w.O.length, [N1])), N && n(true, false, w)
                }))
            } else {
                if (G == w7) return W = u[2], e(55, w, u[6]), e(25, w, W), w.A(u);
                G == N1 ? (w.U = null, w.L = [], w.F = []) : G == GZ && "loading" === T.document.readyState && (w.H = function(N, q) {
                    function v() {
                        q || (q = true, N())
                    }
                    T.document.addEventListener("DOMContentLoaded", (q = false, v), F), T.addEventListener("load", v, F)
                })
            }
        },
        sw = function(u, w, W, G, Q) {
            for (G = ((u.d7 = Qb({get: function() {
                        return this.concat()
                    }
                }, (u.bN = u[u.YJ = (u.AA = vW, Cq), S], u.C)), u).Cf = h[u.C](u.d7, {
                    value: {
                        value: {}
                    }
                }), Q = [], 0); 128 > G; G++) Q[G] = String.fromCharCode(G);
            n(true, ((E((E(u, [(e(23, u, (e((e(464, u, (e(353, u, (e(137, ((e(438, (e((e(48, (u.qJ = ((e(487, (e(465, (e(509, (u.Bx = (e(310, (e(25, (e(384, (e(102, (e(459, u, (e(481, (e(67, (e(452, u, (e(466, u, (e((e(6, u, (e(503, u, (e(448, u, (e(105, u, (e(420, u, (e(474, u, (e(446, (e(31, (e(344, (e(378, u, (e(482, u, (e(315, (e(263, u, (e(3, (e(440, u, (u.iN = (u.Z = (u.R = void 0, u.i = (u.G = 8001, 0), u.I = (u.Y = void 0, u.D = [], u.MJ = function(N) {
                this.P = N
            }, u.S = 1, G = (u.B = 0, u.N = void 0, u.H = null, u.lN = false, window.performance || {}), u.U = [], (u.O = [], u.l = (u.P = u, u.g = 0, void 0), u.W = void 0, u).FV = (u.J = void 0, 0), u.u = (u.o = (u.V = void 0, 25), !(u.r7 = [], 1)), 0), u.F = [], u.s = 0, 0), G.timeOrigin) || (G.timing || {}).navigationStart || 0, (u.X = false, u).L = [], 0)), e(26, u, 0), u), function() {}), function(N) {
                yb(4, N)
            })), u), function(N, q, v, C, X, x, z) {
                for (C = (x = (X = R(N, (v = (q = (z = J(N), Vb(N)), ""), 424)), X.length), 0); q--;) C = ((C | 0) + (Vb(N) | 0)) % x, v += Q[X[C]];
                e(z, N, v)
            }), function(N, q, v, C, X, x, z, O, t, L, r, M) {
                function c(A, f) {
                    for (; t < A;) O |= b(N) << t, t += 8;
                    return O >>= (f = O & (1 << A) - (t -= A, 1), A), f
                }
                for (q = (r = (M = (O = t = (L = J(N), 0), (c(3) | 0) + 1), c(5)), z = [], x = 0); q < r; q++) X = c(1), z.push(X), x += X ? 0 : 1;
                for (q = (v = (x = ((x | 0) - 1).toString(2).length, []), 0); q < r; q++) z[q] || (v[q] = c(x));
                for (x = 0; x < r; x++) z[x] && (v[x] = J(N));
                for (C = []; M--;) C.push(R(N, J(N)));
                e(L, N, function(A, f, k, WW, H) {
                    for (WW = (k = [], H = 0, []); H < r; H++) {
                        if (!(f = v[H], z[H])) {
                            for (; f >= k.length;) k.push(J(A));
                            f = k[f]
                        }
                        WW.push(f)
                    }(A.J = xF(A, C.slice()), A).Y = xF(A, WW)
                })
            })), 0)), u.Kf = 0, u), function(N, q, v, C) {
                !D(N, q, false, true) && (q = SK(N), v = q.Px, C = q.v, N.P == N || C == N.MJ && v == N) && (e(q.UG, N, C.apply(v, q.K)), N.B = N.T())
            }), u), []), u), [160, 0, 0]), function(N, q) {
                (N = R((q = J(N), N.P), q), N)[0].removeEventListener(N[1], N[2], F)
            })), function(N, q) {
                zZ((q = R(N, J(N)), q), N.P)
            })), function(N, q, v, C) {
                e((q = R((v = R((C = (q = J(N), J(N)), N), C), N), q), C), N, v + q)
            })), function(N) {
                Ow(N, 3)
            })), 943)), e(51, u, function(N) {
                yb(1, N)
            }), function(N, q, v, C, X) {
                (C = R((v = R(N, (v = J((q = J((X = (C = J(N), J(N)), N)), N)), v)), q = R(N, q), N.P), C), X = R(N, X), 0 !== C) && (v = Lq(N, 1, q, v, C, X), C.addEventListener(X, v, F), e(378, N, [C, X, v]))
            })), 418), u, function(N, q, v, C) {
                v = R(N, (C = (q = J((C = J((v = J(N), N)), N)), R(N, C)), v)), e(q, N, v in C | 0)
            }), function(N, q, v, C, X) {
                for (v = (C = (q = J(N), Vb(N)), X = [], 0); v < C; v++) X.push(b(N));
                e(q, N, X)
            })), e(69, u, T), function(N, q, v) {
                D(N, q, false, true) || (q = J(N), v = J(N), e(v, N, function(C) {
                    return eval(C)
                }(X2(R(N.P, q)))))
            })), u), function(N, q, v, C) {
                q = J((C = J(N), v = J(N), N)), e(q, N, R(N, C) || R(N, v))
            }), u), function(N, q, v) {
                e((q = J((v = J(N), N)), q), N, "" + R(N, v))
            }), 0)), u), function(N, q, v, C) {
                if (q = N.r7.pop()) {
                    for (v = b(N); 0 < v; v--) C = J(N), q[C] = N.U[C];
                    (q[23] = (q[31] = N.U[31], N).U[23], N).U = q
                } else e(440, N, N.i)
            }), u), function(N, q, v, C, X) {
                e((C = R((q = R(N, (C = J((q = (v = J(N), J(N)), N)), X = J(N), q)), N), C), X = R(N, X), v), N, Lq(N, X, q, C))
            }), u), {}), u), function(N, q, v, C, X, x) {
                D(N, q, false, true) || (x = SK(N.P), C = x.Px, X = x.K, q = x.UG, v = X.length, x = x.v, C = 0 == v ? new C[x] : 1 == v ? new C[x](X[0]) : 2 == v ? new C[x](X[0], X[1]) : 3 == v ? new C[x](X[0], X[1], X[2]) : 4 == v ? new C[x](X[0], X[1], X[2], X[3]) : 2(), e(q, N, C))
            }), 0), u), []), u), u), u), function(N, q, v, C) {
                e((v = (C = b((q = J(N), N)), J)(N), v), N, R(N, q) >>> C)
            }), e)(94, u, function(N, q, v) {
                0 != R(N, (q = R((q = J((v = J(N), N)), N), q), v)) && e(440, N, q)
            }), 0), u), function(N, q, v) {
                e((q = BW((q = R(N, (v = (q = J(N), J)(N), q)), q)), v), N, q)
            }), 245), u, [0, 0, 0]), e(365, u, function(N) {
                Ow(N, 4)
            }), u), Z(4)), e)(386, u, function(N, q, v, C, X, x) {
                if (!D(N, q, true, true)) {
                    if ("object" == (N = R((X = (v = R((q = (x = J((X = (v = J(N), q = J(N), J)(N), N)), R(N, q)), N), v), R(N, X)), N), x), BW)(v)) {
                        for (C in x = [], v) x.push(C);
                        v = x
                    }
                    for (x = (X = 0 < X ? X : 1, C = v.length, 0); x < C; x += X) q(v.slice(x, (x | 0) + (X | 0)), N)
                }
            }), u), function(N, q, v, C) {
                e((q = R(N, (v = R(N, (C = J((v = (q = J(N), J)(N), N)), v)), q)) == v, C), N, +q)
            }), function(N, q, v, C, X) {
                (X = J((C = J(N), N)), q = J(N), N.P) == N && (v = R(N, C), X = R(N, X), q = R(N, q), v[X] = q, 150 == C && (N.N = void 0, 2 == X && (N.W = d(32, false, N), N.N = void 0)))
            })), function(N, q, v, C) {
                (C = (v = (q = (v = J((C = J(N), N)), J(N)), R)(N, v), R(N, C)), e)(q, N, C[v])
            })), 240), u, function(N) {
                tf(4, N)
            }), 2048)), GZ)]), u), [Y, w]), E)(u, [u3, W]), true), u)
        },
        P, BW = function(u, w, W) {
            if (w = typeof u, "object" == w)
                if (u) {
                    if (u instanceof Array) return "array";
                    if (u instanceof Object) return w;
                    if ("[object Window]" == (W = Object.prototype.toString.call(u), W)) return "object";
                    if ("[object Array]" == W || "number" == typeof u.length && "undefined" != typeof u.splice && "undefined" != typeof u.propertyIsEnumerable && !u.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == W || "undefined" != typeof u.call && "undefined" != typeof u.propertyIsEnumerable && !u.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == w && "undefined" == typeof u.call) return "object";
            return w
        },
        i3 = function(u, w, W, G, Q, N) {
            if (!u.l) {
                u.I++;
                try {
                    for (Q = (N = 0, void 0), G = u.i; --w;) try {
                        if ((W = void 0, u).J) Q = mJ(u, u.J);
                        else {
                            if ((N = R(u, 440), N) >= G) break;
                            Q = R((W = (e(26, u, N), J(u)), u), W)
                        }
                        Q && Q.call ? Q(u, w) : l([p, 21, W], 0, u), D(u, w, false, false)
                    } catch (q) {
                        R(u, 503) ? l(q, 22, u) : e(503, u, q)
                    }
                    if (!w) {
                        if (u.OG) {
                            i3(u, (u.I--, 512217763218));
                            return
                        }
                        l([p, 33], 0, u)
                    }
                } catch (q) {
                    try {
                        l(q, 22, u)
                    } catch (v) {
                        B(u, v)
                    }
                }
                u.I--
            }
        },
        I = function(u, w, W, G) {
            for (W = (G = [], (w | 0) - 1); 0 <= W; W--) G[(w | 0) - 1 - (W | 0)] = u >> 8 * W & 255;
            return G
        },
        Lq = function(u, w, W, G, Q, N) {
            function q() {
                if (u.P == u) {
                    if (u.U) {
                        var v = [w7, W, G, void 0, Q, N, arguments];
                        if (2 == w) var C = n(false, false, (E(u, v), u));
                        else if (1 == w) {
                            var X = !u.O.length;
                            E(u, v), X && n(false, false, u)
                        } else C = q1(v, u);
                        return C
                    }
                    Q && N && Q.removeEventListener(N, q, F)
                }
            }
            return q
        },
        J = function(u, w) {
            if (u.J) return mJ(u, u.Y);
            return (w = d(8, true, u), w) & 128 && (w ^= 128, u = d(2, true, u), w = (w << 2) + (u | 0)), w
        },
        YF = function(u, w, W, G, Q, N, q, v) {
            return ((Q = h[w.C]((W = [27, -76, (q = u & 7, -60), 48, -12, -97, W, (N = ok, 97), -7, -58], w).d7), Q)[w.C] = function(C) {
                q += 6 + (v = C, 7 * u), q &= 7
            }, Q).concat = function(C) {
                return (v = (C = (C = (C = G % 16 + 1, -C * v) + 39 * v * v + q - 117 * G * G * v + (N() | 0) * C - 3627 * v - -2964 * G * v + W[q + 19 & 7] * G * C + 3 * G * G * C, W[C]), void 0), W)[(q + 61 & 7) + (u & 2)] = C, W[q + (u & 2)] = -76, C
            }, Q
        },
        r7 = function(u, w, W, G) {
            function Q() {}
            return W = Ew((G = void 0, u), function(N) {
                Q && (w && g(w), G = N, Q(), Q = void 0)
            }, !!w)[0], {
                invoke: function(N, q, v, C) {
                    function X() {
                        G(function(x) {
                            g(function() {
                                N(x)
                            })
                        }, v)
                    }
                    if (!q) return q = W(v), N && N(q), q;
                    G ? X() : (C = Q, Q = function() {
                        g((C(), X))
                    })
                }
            }
        },
        E = function(u, w) {
            u.O.splice(0, 0, w)
        },
        D = function(u, w, W, G, Q, N, q, v, C) {
            if ((u.P = ((v = (Q = (W = (N = (G || u.V++, 0 < (q = W ? 255 : G ? 5 : 2, u.g) && u.u && u.lN) && 1 >= u.I && !u.J && !u.H && (!G || 1 < u.G - w) && 0 == document.hidden, 4) == u.V) || N ? u.T() : u.B, C = Q - u.B, C >> 14), u).W && (u.W ^= v * (C << 2)), v || u.P), u.S += v, W) || N) u.B = Q, u.V = 0;
            if (!N || Q - u.Z < u.g - q) return false;
            return !(u.H = ((e((W = R(u, (u.G = w, G ? 26 : 440)), 440), u, u.i), u).O.push([m, W, G ? w + 1 : w]), g), 0)
        },
        F = {
            passive: true,
            capture: true
        },
        mJ = function(u, w) {
            return (w = w.create().shift(), u).J.create().length || u.Y.create().length || (u.J = void 0, u.Y = void 0), w
        },
        xF = function(u, w, W) {
            return (W = h[u.C](u.Cf), W[u.C] = function() {
                return w
            }, W).concat = function(G) {
                w = G
            }, W
        },
        tf = function(u, w, W, G) {
            for (W = J(w), G = 0; 0 < u; u--) G = G << 8 | b(w);
            e(W, w, G)
        },
        T = this || self,
        Z = function(u, w) {
            for (w = []; u--;) w.push(255 * Math.random() | 0);
            return w
        },
        Af = function(u, w) {
            return w[u] << 24 | w[(u | 0) + 1] << 16 | w[(u | 0) + 2] << 8 | w[(u | 0) + 3]
        },
        Vb = function(u, w) {
            return (w = b(u), w & 128) && (w = w & 127 | b(u) << 7), w
        },
        M1 = function(u, w, W) {
            if (3 == u.length) {
                for (W = 0; 3 > W; W++) w[W] += u[W];
                for (W = (u = [13, 8, 13, 12, 16, 5, 3, 10, 15], 0); 9 > W; W++) w[3](w, W % 3, u[W])
            }
        },
        nq = function(u, w, W) {
            return u.h(function(G) {
                W = G
            }, false, w), W
        },
        U = function(u, w, W, G, Q, N) {
            if (w.P == w)
                for (N = R(w, W), 438 == W ? (W = function(q, v, C, X) {
                        if (N.JA != (X = ((v = N.length, v) | 0) - 4 >> 3, X)) {
                            X = ((C = (X << 3) - 4, N).JA = X, [0, 0, Q[1], Q[2]]);
                            try {
                                N.w7 = fq(X, Af((C | 0) + 4, N), Af(C, N))
                            } catch (x) {
                                throw x;
                            }
                        }
                        N.push(N.w7[v & 7] ^ q)
                    }, Q = R(w, 245)) : W = function(q) {
                        N.push(q)
                    }, G && W(G & 255), w = u.length, G = 0; G < w; G++) W(u[G])
        },
        Ew = function(u, w, W, G) {
            return (G = P[u.substring(0, 3) + "_"]) ? G(u.substring(3), w, W) : eK(w, u)
        },
        TZ = function(u, w) {
            (w.push(u[0] << 24 | u[1] << 16 | u[2] << 8 | u[3]), w).push(u[4] << 24 | u[5] << 16 | u[6] << 8 | u[7]), w.push(u[8] << 24 | u[9] << 16 | u[10] << 8 | u[11])
        },
        Ow = function(u, w, W, G, Q) {
            U((G = (W = (G = J((Q = w & 4, w &= 3, u)), J(u)), R(u, G)), Q && (G = F2("" + G)), w && U(I(G.length, 2), u, W), G), u, W)
        },
        fq = function(u, w, W, G, Q) {
            for (u = (Q = (G = u[2] | 0, 0), u[3] | 0); 15 > Q; Q++) w = w >>> 8 | w << 24, w += W | 0, u = u >>> 8 | u << 24, w ^= G + 823, W = W << 3 | W >>> 29, u += G | 0, G = G << 3 | G >>> 29, W ^= w, u ^= Q + 823, G ^= u;
            return [W >>> 24 & 255, W >>> 16 & 255, W >>> 8 & 255, W >>> 0 & 255, w >>> 24 & 255, w >>> 16 & 255, w >>> 8 & 255, w >>> 0 & 255]
        },
        F2 = function(u, w, W, G, Q) {
            for (Q = (w = W = (u = u.replace(/\r\n/g, "\n"), 0), []); W < u.length; W++) G = u.charCodeAt(W), 128 > G ? Q[w++] = G : (2048 > G ? Q[w++] = G >> 6 | 192 : (55296 == (G & 64512) && W + 1 < u.length && 56320 == (u.charCodeAt(W + 1) & 64512) ? (G = 65536 + ((G & 1023) << 10) + (u.charCodeAt(++W) & 1023), Q[w++] = G >> 18 | 240, Q[w++] = G >> 12 & 63 | 128) : Q[w++] = G >> 12 | 224, Q[w++] = G >> 6 & 63 | 128), Q[w++] = G & 63 | 128);
            return Q
        },
        b = function(u) {
            return u.J ? mJ(u, u.Y) : d(8, true, u)
        },
        yb = function(u, w, W, G) {
            U((G = J((W = J(w), w)), I(R(w, W), u)), w, G)
        },
        zZ = function(u, w) {
            e(440, ((w.r7.push(w.U.slice()), w.U)[440] = void 0, w), u)
        },
        hf = function(u, w, W, G) {
            try {
                G = u[((w | 0) + 2) % 3], u[w] = (u[w] | 0) - (u[((w | 0) + 1) % 3] | 0) - (G | 0) ^ (1 == w ? G << W : G >>> W)
            } catch (Q) {
                throw Q;
            }
        },
        cW = function(u, w, W, G) {
            for (; u.O.length;) {
                G = (u.H = null, u.O.pop());
                try {
                    W = q1(G, u)
                } catch (Q) {
                    B(u, Q)
                }
                if (w && u.H) {
                    (w = u.H, w)(function() {
                        n(true, true, u)
                    });
                    break
                }
            }
            return W
        },
        d = function(u, w, W, G, Q, N, q, v, C, X, x, z, O, t) {
            if (X = R(W, 440), X >= W.i) throw [p, 31];
            for (x = (C = W.bN.length, Q = u, v = 0, X); 0 < Q;) t = x >> 3, z = x % 8, O = 8 - (z | 0), N = W.F[t], O = O < Q ? O : Q, w && (q = W, q.N != x >> 6 && (q.N = x >> 6, G = R(q, 150), q.R = fq([0, 0, G[1], G[2]], q.N, q.W)), N ^= W.R[t & C]), v |= (N >> 8 - (z | 0) - (O | 0) & (1 << O) - 1) << (Q | 0) - (O | 0), Q -= O, x += O;
            return e(440, (w = v, W), (X | 0) + (u | 0)), w
        },
        n = function(u, w, W, G, Q, N) {
            if (W.O.length) {
                ((W.u && 0(), W).lN = u, W).u = true;
                try {
                    Q = W.T(), W.Z = Q, W.B = Q, W.V = 0, G = cW(W, u), N = W.T() - W.Z, W.s += N, N < (w ? 0 : 10) || 0 >= W.o-- || (N = Math.floor(N), W.L.push(254 >= N ? N : 254))
                } finally {
                    W.u = false
                }
                return G
            }
        },
        Jf = function(u, w) {
            if ((u = (w = null, T.trustedTypes), !u) || !u.createPolicy) return w;
            try {
                w = u.createPolicy("bg", {
                    createHTML: y,
                    createScript: y,
                    createScriptURL: y
                })
            } catch (W) {
                T.console && T.console.error(W.message)
            }
            return w
        },
        SK = function(u, w, W, G, Q, N) {
            for (w = (G = ((Q = J((N = u[Rk] || {}, u)), N.UG = J(u), N).K = [], u.P == u) ? (b(u) | 0) - 1 : 1, J(u)), W = 0; W < G; W++) N.K.push(J(u));
            for (; G--;) N.K[G] = R(u, N.K[G]);
            return N.v = R(u, Q), N.Px = R(u, w), N
        },
        R = function(u, w) {
            if (void 0 === (u = u.U[w], u)) throw [p, 30, w];
            if (u.value) return u.create();
            return (u.create(3 * w * w + -76 * w + 93), u).prototype
        },
        g = T.requestIdleCallback ? function(u) {
            requestIdleCallback(function() {
                u()
            }, {
                timeout: 4
            })
        } : T.setImmediate ? function(u) {
            setImmediate(u)
        } : function(u) {
            setTimeout(u, 0)
        },
        K, a = function(u, w, W) {
            W = this;
            try {
                sw(this, w, u)
            } catch (G) {
                B(this, G), u(function(Q) {
                    Q(W.l)
                })
            }
        },
        b3 = function(u, w, W, G) {
            return R(u, (e((i3(u, (G = R(u, 440), u.F && G < u.i ? (e(440, u, u.i), zZ(w, u)) : e(440, u, w), W)), 440), u, G), 25))
        },
        B = function(u, w) {
            u.l = ((u.l ? u.l + "~" : "E:") + w.message + ":" + w.stack).slice(0, 2048)
        },
        e = function(u, w, W) {
            if (440 == u || 26 == u) w.U[u] ? w.U[u].concat(W) : w.U[u] = xF(w, W);
            else {
                if (w.X && 150 != u) return;
                446 == u || 438 == u || 509 == u || 31 == u || 245 == u ? w.U[u] || (w.U[u] = YF(78, w, W, u)) : w.U[u] = YF(65, w, W, u)
            }
            150 == u && (w.W = d(32, false, w), w.N = void 0)
        },
        eK = function(u, w) {
            return u(function(W) {
                W(w)
            }), [function() {
                return w
            }]
        },
        Qb = function(u, w) {
            return h[w](h.prototype, {
                document: u,
                pop: u,
                stack: u,
                console: u,
                length: u,
                floor: u,
                propertyIsEnumerable: u,
                parent: u,
                replace: u,
                call: u,
                splice: u,
                prototype: u
            })
        },
        l = function(u, w, W, G, Q, N) {
            if (!W.X) {
                if ((u = (0 == (G = R(W, (N = void 0, u && u[0] === p && (w = u[1], N = u[2], u = void 0), 31)), G.length) && (Q = R(W, 26) >> 3, G.push(w, Q >> 8 & 255, Q & 255), void 0 != N && G.push(N & 255)), w = "", u && (u.message && (w += u.message), u.stack && (w += ":" + u.stack)), R(W, 23)), 3) < u) {
                    W.P = (N = (w = (w = w.slice(0, (u | 0) - 3), u -= (w.length | 0) + 3, F2)(w), W).P, W);
                    try {
                        U(I(w.length, 2).concat(w), W, 438, 9)
                    } finally {
                        W.P = N
                    }
                }
                e(23, W, u)
            }
        },
        Rk = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        p = {},
        GZ = [],
        V = (a.prototype.ZE = (a.prototype.j = "toString", void 0), a.prototype.Qd = (a.prototype.OG = false, void 0), []),
        S = [],
        Y = [],
        w7 = [],
        u3 = [],
        m = [],
        N1 = [],
        ok = ((((((TZ, function() {})(Z), hf, function() {})(M1), K = a.prototype, K).T = (window.performance || {}).now ? function() {
            return this.iN + window.performance.now()
        } : function() {
            return +new Date
        }, K).aX = function() {
            return Math.floor(this.T())
        }, K.Hx = function() {
            return Math.floor(this.s + (this.T() - this.Z))
        }, a).prototype.C = "create", K.mf = function(u, w, W, G, Q, N) {
            for (W = (N = [], G = 0); W < u.length; W++)
                for (Q = Q << w | u[W], G += w; 7 < G;) G -= 8, N.push(Q >> G & 255);
            return N
        }, K.h = function(u, w, W, G, Q) {
            if (W = "array" === BW(W) ? W : [W], this.l) u(this.l);
            else try {
                G = [], Q = !this.O.length, E(this, [V, G, W]), E(this, [S, u, G]), w && !Q || n(w, true, this)
            } catch (N) {
                B(this, N), u(this.l)
            }
        }, void 0),
        h = (K.pf = function(u, w, W, G, Q) {
            for (Q = G = 0; Q < u.length; Q++) G += u.charCodeAt(Q), G += G << 10, G ^= G >> 6;
            return (G = new Number((G += G << 3, G ^= G >> 11, u = G + (G << 15) >>> 0, u & (1 << w) - 1)), G)[0] = (u >>> w) % W, G
        }, K.TE = function(u, w, W) {
            return u ^ ((w = (w ^= w << 13, w ^= w >> 17, (w ^ w << 5) & W)) || (w = 1), w)
        }, p).constructor;
    a.prototype.A = function(u, w) {
        return ok = (w = {}, function() {
                return u == w ? 93 : 38
            }), u = {},
            function(W, G, Q, N, q, v, C, X, x, z, O, t, L, r, M) {
                u = (z = u, w);
                try {
                    if (t = W[0], t == Y) {
                        G = W[1];
                        try {
                            for (Q = (M = (N = (L = atob(G), 0), []), 0); Q < L.length; Q++) r = L.charCodeAt(Q), 255 < r && (M[N++] = r & 255, r >>= 8), M[N++] = r;
                            e(150, this, [0, 0, ((this.F = M, this).i = this.F.length << 3, 0)])
                        } catch (c) {
                            l(c, 17, this);
                            return
                        }
                        i3(this, 8001)
                    } else if (t == V) W[1].push(R(this, 23), R(this, 446).length, R(this, 509).length, R(this, 438).length), e(25, this, W[2]), this.U[216] && b3(this, R(this, 216), 8001);
                    else {
                        if (t == S) {
                            this.P = (X = (q = I((R((N = W[2], this), 446).length | 0) + 2, 2), this.P), this);
                            try {
                                v = R(this, 31), 0 < v.length && U(I(v.length, 2).concat(v), this, 446, 10), U(I(this.S, 1), this, 446, 109), U(I(this[S].length, 1), this, 446), L = 0, x = R(this, 438), L -= (R(this, 446).length | 0) + 5, L += R(this, 459) & 2047, 4 < x.length && (L -= (x.length | 0) + 3), 0 < L && U(I(L, 2).concat(Z(L)), this, 446, 15), 4 < x.length && U(I(x.length, 2).concat(x), this, 446, 156)
                            } finally {
                                this.P = X
                            }
                            if (C = (((Q = Z(2).concat(R(this, 446)), Q)[1] = Q[0] ^ 6, Q[3] = Q[1] ^ q[0], Q)[4] = Q[1] ^ q[1], this.nf(Q))) C = "!" + C;
                            else
                                for (L = 0, C = ""; L < Q.length; L++) O = Q[L][this.j](16), 1 == O.length && (O = "0" + O), C += O;
                            return (R(this, ((e(23, this, (M = C, N.shift())), R(this, 446)).length = N.shift(), 509)).length = N.shift(), R(this, 438)).length = N.shift(), M
                        }
                        if (t == m) b3(this, W[1], W[2]);
                        else if (t == w7) return b3(this, W[1], 8001)
                    }
                } finally {
                    u = z
                }
            }
    }();
    var Cq, vW = ((a.prototype.NJ = (a.prototype[u3] = [0, 0, 1, 1, 0, 1, 1], 0), a.prototype).ff = (a.prototype.nf = function(u, w, W, G) {
            if (W = window.btoa) {
                for (w = "", G = 0; G < u.length; G += 8192) w += String.fromCharCode.apply(null, u.slice(G, G + 8192));
                u = W(w).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else u = void 0;
            return u
        }, 0), /./),
        DR = Y.pop.bind(a.prototype[V]),
        X2 = function(u, w) {
            return (w = Jf()) && 1 === u.eval(w.createScript("1")) ? function(W) {
                return w.createScript(W)
            } : function(W) {
                return "" + W
            }
        }(((Cq = (vW[a.prototype.j] = DR, Qb)({get: DR
        }, a.prototype.C), a).prototype.Wx = void 0, T));
    (40 < (P = T.botguard || (T.botguard = {}), P.m) || (P.m = 41, P.bg = r7, P.a = Ew), P).nBK_ = function(u, w, W) {
        return W = new a(w, u), [function(G) {
            return nq(W, G)
        }]
    };
}).call(this);
#5 JavaScript::Eval (size: 39) - SHA256: a5f5cd67a070efd360d3e352af87cc4a3b0c081f084c3fa813251146474607c7
tmgShowingLiveViewOnly_1298769904 = true;
#6 JavaScript::Eval (size: 64) - SHA256: 2a8f90ef94dcf0f3dd18881204616164dde36cc3ba07fdcd5f2314f2450d0e81
0,
function(N, q, v) {
    e((v = (q = J((v = J(N), N)), N).U[v] && R(N, v), q), N, v)
}
#7 JavaScript::Eval (size: 22) - SHA256: 6ddbb6fb253572fccb27b7b001942bec78058fe7e601b7a68ce0a3d605f19cef
0,
function(N) {
    tf(2, N)
}
#8 JavaScript::Eval (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#9 JavaScript::Eval (size: 22) - SHA256: 60883648cbc1953e3aa6caa43e404222a86b2a5e151a43bc34be22d0ed4838fb
0,
function(N) {
    tf(1, N)
}

Executed Writes (2)
#1 JavaScript::Write (size: 14992) - SHA256: 83da9705edd3e8dafc507d090db961a8b8fc0aece8a377f7032eb1346d360907
< style type = 'text/css' > .TMG - Creative - MoreInfo - Container {
        background - color: # fdecd7!important;
        border: 1 px solid # f3dfc8!important;
    }.TMG - Creative - MoreInfo - Container - HeaderBar {
        background - color: # f3dfc8!important;
    }.TMG - Creative - MoreInfo - Container - HeaderBar - Icon {
        color: # c4a176!important;
    }.TMG - Creative - MoreInfo - Container a {
        color: # dca926!important;
    }.TmgOffersArea {
        width: 370 px!important;font - family: Sans - Serif!important;font - size: 14 px!important;font - variant: normal!important;color: #212529!important;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;}.TmgOfferTopSpace{width:370px!important;float:left!important;height:0px!important;}.TmgOfferHeaderImage{width:370px!important;float:left!important;display:none;border:0px solid # FFF!important;
    }.TmgOfferHeaderImage img {
        height: 0 px!important;width: 0 px!important;
    }.TmgOfferBlankTop {
        width: 370 px!important;float: left!important;margin: 5 px 0 px
    }.TmgOffers {
        width: 370 px!important;float: left!important;
    }.TmgOffer {
        width: 370 px!important;float: left!important;
    }.TmgFloat {
        float: left!important;
    }.TmgOfferVerbiage {
        width: 370 px!important;float: left!important;display: none;padding: 0 px 0 px 0 px 0 px!important;margin: 0 px 0 px 0 px 0 px!important;font - family: Arial,
        Helvetica,
        sans - serif!important;font - weight: normal!important;font - size: 12 px!important;color: #000!important;border-style:0px solid # FFF!important;text - align: left!important;
    }.TmgOfferFooterImage {
        width: 370 px!important;float: left!important;display: none;border: 0 px solid # FFF!important;height: 0 px!important;width: 0 px!important;
    }.TmgOfferFooterImage img {
        height: 0 px!important;width: 0 px!important;
    }.TmgOfferBottomSpace {
        width: 370 px!important;float: left!important;height: 0 px!important;
    }.tmgCampaignlogoArea {
        display: none;width: 130 px!important;vertical - align: top;float: left!important;background - repeat: no - repeat;
    }.tmgCampaignlogoArea img {
        border: 1 px solid #000000 !important;}.TmgCampaignControlArea{display:block;width:25px!important;vertical-align:top;}.TmgCheckBoxButton{margin:1px 3px!important;}.TmgRadioButton{margin:1px 3px!important;}.tmgControlText{font-family:Sans-Serif!important;font-size:14px!important;font-weight:normal!important;color:# 212529!important;font - variant: normal!important;vertical - align: top!important;vertical - align: middle;display: inline - block;padding: 0 px!important;padding: 0 px 0 px 5 px 1 px;margin - left: 0 px!important;margin - left: -1 px;
    }.TmgCampaignCreativeArea {
        float: left!important;width: 325 px!important;vertical - align: top;display: block;
    }.TmgCampaignCreativeText {
        width: 325 px!important;font - family: Sans - Serif!important;font - size: 14 px!important;font - variant: normal!important;color: #212529!important;text-align:left!important;vertical-align:top!important;display:inline-block!important;overflow: hidden!important;}.TmgAdditionalFieldsArea{float:left!important;display:none;width:325px!important;font-family:Sans-Serif!important;font-variant:normal!important;color:# 212529!important;
    }.TmgBlankArea {
        float: left!important;width: 1 px!important;height: 1 px!important;padding: 0 px!important;margin: 0 px!important;
    }.TMG - Creative - MoreInfo - a - Collapse, .TMG - Creative - MoreInfo - a - Expand {
        cursor: pointer;color: #0000FF;text-decoration:underline;padding:0 5px;}.tmgFieldControlTheme{background-color:none;}.tmgFieldControlThemeRequired{background-color:# FF9999;
    }.TmgCampaignDisclaimer {
        font - size: 9 px!important;
        font - style: italic;
    }.tmgFieldOptionDirectionVertical {
        display: inline - table;
    }.TmgPoweredBy {
        float: left!important;font - family: Sans - Serif!important;font - size: 14 px!important;font - variant: normal!important;color: #9b9b9b!important;text-align:right!important;width:100%!important;}.TmgPoweredBy .initials-span{font-size:13px!important;}</style><script language= 'javascript'
        type = 'text/javascript' >
        var tmg_GlobalAssetsBaseURL = 'tmgassets.azureedge.net/amsus';
        var tmgPlacement = '13488000',
            tmgPublisher = '139136',
            tmgAffId = '1253169444874966',
            tmgSubId = '1253169444874966',
            tmgSSLKey = 's',
            tmgRedirectTo = '#',
            tmgMyURI = 'ldsapi.tmginteractive.com',
            tmgOfferPreCheck = false,
            tmgNumberOfOfferForPreCheck = 0,
            tmg_arrPreCheckCamps = [],
            tmgIsEmbeddedPlacement = true,
            tmgIsFieldDropOnButtonClick = false,
            tmgIsClientQueryStringPass = false,
            lUSER_PLATFORM = 0,
            lUSER_PLATFORM_SUB = 0,
            lUSER_IP_ADDRESS = '91.90.42.154',
            tmg_UserAgent = 'Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0',
            tmgHitUniqueKey = '1298769904',
            tmgTrustedFormFlag = false,
            tmgUniversalLeadidFlag = false,
            tmg_ptype = 'Embedded',
            tmg_psectype = 'EMBEDDED',
            tmg_hideCampOnClick = false,
            tmg_NumOfCampShowIntially = 0,
            tmg_ShowCampInBunchFunctionality = false,
            tmg_CampaignInABunch = 0,
            tmg_MainPlacement = '13488000',
            tmgAttachedInfo = 'Firefox;96.0;UNIX',
            tmgMoreInfoContext = '<i class=:SQ:fa fa-plus-circle:SQ: style=:SQ:color:#9E9E9E !important; font-size:16px !important;font-variant:normal !important; font-stretch:inherit !important; font-style:normal !important;font-weight:normal !important; background:none !important;border:none !important;text-decoration:none !important;text-transform:none !important;:SQ:></i>',
            tmgLessInfoContext = '<i class=:SQ:fa fa-minus-circle:SQ: style=:SQ:color:#A12227!important; font-size:16px!important;font-variant:normal !important;font-stretch:inherit !important; font-style:normal !important;font-weight:normal !important; background:none !important;border:none !important;text-decoration:none !important;text-transform:none !important;:SQ:></i>',
            tmgSiteName = 'monthlysweeps.us',
            tmgShowingLiveViewOnly_1298769904 = false,
            UserActivityTrackingSequence = 0,
            tmg_PostLeadOnOpt = false,
            tmgTrustedFormEnabledCampaigns = [],
            gMonths = [],
            gDays = [],
            gYears = [],
            gCountry = [],
            usStates = [],
            caStates = [],
            auStates = []; < /script><script src='https:/ / tmgassets.azureedge.net / amsus / ldsapi / assets / script / standard.min.js ? version = 20220221 n ' type='
        text / javascript '></script><script src='
        https : //tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103' type='text/javascript'></script><script src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20220828a' type='text/javascript'></script><script async src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419' type='text/javascript'></script><link href='https://tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?54k4j202254j09ckl04llk158jkk070500' rel='stylesheet' type='text/css' /><iframe security='restricted' id='tmgPost' height='1' width='1' style='display:none;'></iframe><img id='tmgCallPixelSrc' src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif' height='1' width='1' /><div id='TmgOffers' align='left' class='TmgOffersArea' style='display:none;'><div class='TmgOfferTopSpace'></div><div class='TmgOfferHeaderImage' title='&nbsp;'></div><div id='TmgOfferVerbiage13488000' class='TmgOfferVerbiage'></div><div class='TmgOfferBlankTop'></div><div id='tmgDisplayOfferContainer' class='TmgOffers'><div id='TMGOfferTD1' class='TmgOffer TmgOfferTheme' ></div><br class='tmg_ignore_br' style='clear:both;'/></div><div class='TmgOfferFooterImage' title=''></div><div class='TmgOfferBottomSpace'></div><div style='clear:both;'></div></div><div style='display:none;'><div id='TMGOfferTR$10023'><div class='TMGOfferDiv13488000'><div class='tmgOfferArea_CenterLeftLine'><div class='tmgOfferArea_CenterRightLine'><div class='tmgOfferArea_CenterTopLine'><div class='tmgOfferArea_TopLeftCorner'><div class='tmgOfferArea_TopRightCorner'><div class='tmgOfferArea_CenterBottomLine'><div class='tmgOfferArea_BottomLeftCorner'><div class='tmgOfferArea_BottomRightCorner'><div class='TmgBlankArea'></div><div id='TmgCampaignControl$10023' class='TmgFloat TmgCampaignControlTheme'><div align='left' valign='top' style='vertical-align:top!important;' class='TmgCampaignControlArea TmgCampaignControlAreaTheme'><input type='checkbox' id='tmgControl$10023$0' name='tmgControl$10023' class='TmgCheckBoxButton' onClick='javascript:TMG_CheckClick(this);' />&nbsp;</div></div><div id='TmgCampaignCreative$10023' class='TmgCampaignCreativeArea TmgCampaignCreativeAreaTheme'><span class='TmgCampaignCreativeText'><span id='TmgCampaignCreativeSection0' class='TmgCampaignCreativeSection0Theme'><label for='tmgControl$10023$0' style='cursor:pointer;display:inline;'>Get exclusive access to global deals and free apps for your smartphone! </label></span><span id='TmgCampaignCreativeSection1' class='TmgCampaignCreativeSection1Theme'> </span><br class='tmg_ignore_br' style='clear:left;'/><span class='TMG-Creative-MoreInfo-Span' id='CreativeMoreInfo$10023' style='display:none;'>&nbsp;<a href='https://ldsapi.tmginteractive.com/pp/' target='_blank'>Privacy Policy</a></span><a class='TMG-Creative-MoreInfo-a-Expand' id='TMGMoreInfoAnchor$10023' onclick='javascript:TMG_ClickForCreativeMoreInfo(this)'><i class='fa fa-plus-circle' style='color:#9E9E9E !important; font-size:16px !important;font-variant:normal !important; font-stretch:inherit !important; font-style:normal !important;font-weight:normal !important; background:none !important;border:none !important;text-decoration:none !important;text-transform:none !important;'></i></a></span></div><br class='tmg_ignore_br' style='clear:both;'/><div id='TmgAdditionalFields$10023' class='TmgAdditionalFieldsArea TmgAdditionalFieldsAreaTheme' style='padding-left:25px'><div><span style='font-size:11px!important;font-weight:normal!important;' name='TmgFieldValidationMsg' id='TmgFieldValidationMsg$10023'>Please complete the following fields:</span></div><div style='height:2px!important;'></div><div id='F_10023_FIRST_NAME_TABLE'><div><span id='F_10023_FIRST_NAME$heading' style='font-size:11px!important;' class='tmgFieldCaptionTheme'>First Name</span></div><div><input Id='F_10023_FIRST_NAME' name='F_10023_FIRST_NAME' style='width:200px;height:20px;' onChange=javascript:TMG_FillValueWithSameBaseField(this);TMG_ValidateCampaignsFieldsOnChange('F_10023_FIRST_NAME'); type='text' value='' class='tmgFieldTextBox tmgFieldControlTheme'></div></div><div style='height:2px!important;'></div><div id='F_10023_LAST_NAME_TABLE'><div><span id='F_10023_LAST_NAME$heading' style='font-size:11px!important;' class='tmgFieldCaptionTheme'>Last Name</span></div><div><input Id='F_10023_LAST_NAME' name='F_10023_LAST_NAME' style='width:200px;height:20px;' onChange=javascript:TMG_FillValueWithSameBaseField(this);TMG_ValidateCampaignsFieldsOnChange('F_10023_LAST_NAME'); type='text' value='' class='tmgFieldTextBox tmgFieldControlTheme'></div></div><div style='height:2px!important;'></div><div id='F_10023_EMAIL_TABLE'><div><span id='F_10023_EMAIL$heading' style='font-size:11px!important;' class='tmgFieldCaptionTheme'>Email</span></div><div><input Id='F_10023_EMAIL' name='F_10023_EMAIL' style='width:200px;height:20px;' onChange=javascript:TMG_FillValueWithSameBaseField(this);TMG_ValidateCampaignsFieldsOnChange('F_10023_EMAIL'); type='text' value='' class='tmgFieldTextBox tmgFieldControlTheme'></div></div><div style='height:2px!important;'></div><input name='F_10023_IP_ADDRESS' Id='F_10023_IP_ADDRESS' type='hidden' value='91.90.42.154'/><div style='height:2px!important;'></div><input name='F_10023_COUNTRY' Id='F_10023_COUNTRY' type='hidden' value=''/><div style='height:2px!important;'></div><input name='F_10023_USER_PLATFORM' Id='F_10023_USER_PLATFORM' type='hidden' value='0'/><div style='height:2px!important;'></div><div><span id='TmgSuccessMsg$10023' name='TmgSuccessMsg' style='font-size:11px!important;'>Once you have completed the required field(s) you will see a success message here.</span></div></div><div id='TmgSpacerTop$10023' class='TmgOffer SpacerImage' style='width:370px!important;height:5px!important;'><img src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif' height='1px' width='0px'></div><div class='TmgOffer TmgCampaignSepratorTheme' id='TmgCampaignSepratorId$10023' style='display:none;width:370px;border-bottom: 1px solid #000000!important;'></div><div id='TmgSpacerBottom$10023' class='TmgOffer SpacerImage' style='width:370px!important;height:5px!important;'><img src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif' height='1px' width='0px'></div><div class='tmg_ignore_br' style='clear:left;'></div></div></div></div></div></div></div></div></div></div></div></div><input name='hFieldAffId' Id='hFieldAffId' name='hFieldAffId' type='hidden' value='1253169444874966'/><input Id='hTMG_FetchingDataFromQuery' type='hidden' value='0'/><input Id='hTMG_MappedDateFormat' type='hidden' value='0'/><input name='hFieldSubId' Id='hFieldSubId' name='hFieldSubId' type='hidden' value='1253169444874966'/><script language='javascript' type='text/javascript'>var IsPrePingExecuteFromClientScript=false,lCampaigns_out_from_preping=[0],lMappedClientFields='ADDRESS,1,address,NAME--AffId,0,hFieldAffId,ID--CITY,0,city,ID--DATE_OF_BIRTH,2,month^day^year,ID--EMAIL,1,email-address,ID--FIRST_NAME,1,first_name,ID--GENDER,3,title,NAME--LAST_NAME,1,last_name,ID--PHONE,1,phone_number,ID--STATE,0,state,ID--SubId,0,hFieldSubId,ID--ZIP,1,postal_code,ID',lCPL_10023='0.00',lCPLEntryFor_10023='ADMIN',lOptionDocumentNumber_10023='10023/226/0/225',lCampaignFields_10023='F_10023_FIRST_NAME,F_10023_LAST_NAME,F_10023_EMAIL,F_10023_IP_ADDRESS,F_10023_COUNTRY,F_10023_USER_PLATFORM',lFinalOrderOfCampaignInDisplay='',lTrueTargetedCampaigns='',lFalseTargetedCampaigns='',lNumberOfCampaignsToDisplay='1',lAllCampaigns='10023',lAvoidValidateForIds='F_10023_IP_ADDRESS,F_10023_COUNTRY,F_10023_USER_PLATFORM',lFieldsContainChildField='',lHiddenFieldIds='F_10023_IP_ADDRESS,F_10023_COUNTRY,F_10023_USER_PLATFORM',lAnswerMandatoryFlag=false,lRadioButtonFieldIds='',lCheckBoxFieldIds='',lClientQueryString='',lPrePingCampaigns='',lNumberOfPrepingCampaign='0',lExecuteLines='',lMappedFor_GENDER='Mr~M,Ms~F',lPlacementImpressionOn='LOAD',lCampaignsImpressionOn='LOAD';</script><script language='javascript' type='text/javascript'>try{TMG_DisplayOffers();fn_MoreInfo_Absolute();}catch(ex){}</script><script language='javascript' type='text/javascript'>var oldonload=window.onload;if (typeof window.onload != 'function'){window.onload=function(){TMG_ExecuteOnPageLoad();fn_MoreInfo_Absolute();}} else {window.onload=function(){TMG_ExecuteOnPageLoad();fn_MoreInfo_Absolute();oldonload();}}</script><script>UserActivityTrackingSequence=1;</script><link href='https://tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419' rel='stylesheet' type='text/css' /><script src='https://tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?54k4j202254j09ckl04llk158jkk070500' type='text/javascript'></script><style>.tmg-loading{display:none;text-align:center;}</style><script async src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20220828a' type='text/javascript'></script><input Id='hConditionalStructureData' type='hidden' value=''/><script>try{ TrackTime.push('22:07:05.852','22:07:05.852','22:07:05.852','22:07:05.930','22:07:05.930','22:07:05.930','22:07:05.930','22:07:05.930','22:07:05.930');TrackTime.push(GetDateStringInFormat(new Date(),'hh:mm:ss.fff')) } catch(ex) { }</script>
#2 JavaScript::Write (size: 830) - SHA256: be97c3f8d436b506b3097caddaf36dfc43ef67cf35e0d9ea5557fe60676a9580
< script >
    var TrackTime = ['22:07:05.664', '22:07:05.664', '22:07:05.664'] < /script><style>.tmg-loading span{margin:0 auto;display:block;width:130px;font-size:large;font-variant:petite-caps;font-family:initial;text-align:center;}</style > < div id = 'tmgloading'
class = 'tmg-loading' > < span > Loading... < /span></div > < script > function TMG_CheckForClick() {
    try {
        var redirectTo = '#',
            tmpPlacement = '13488000';
        if ('#' != redirectTo) {
            var lurl = decodeURIComponent(redirectTo); - 1 != lurl.indexOf('http://') || -1 != lurl.indexOf('https://') ? window.location.href = lurl : eval(lurl)
        }
    } catch (r) {}
    return !0
} < /script><script src='https:/ / ldsapi.tmginteractive.com / GenericPlacementScriptDiv.aspx ? tmgrt = ancs & mainPlacement = 13488000 & hasLoadOptimation = 0 & hasMinAssets = 1 & placement = 13488000 & publisher = 139136 & affid = 1253169444874966 & subid = 1253169444874966 ' type='
text / javascript '></script>

HTTP Transactions (103)


Request Response
 
                                        
                                            GET /x/7768/16944/0/4874966/590413665212051457/kOkrLEpHjF/0/0/0/ HTTP/1.1 

                                        
                                            
Host: amclicks.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1
search 
                                         44.194.247.48

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html 

                                        
                                    
                                        

                                        
                                            
Server: awselb/2.0 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:03 GMT 

                                        
                                            
Content-Length: 134 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: https://amclicks.com:443/x/7768/16944/0/4874966/590413665212051457/kOkrLEpHjF/0/0/0/ 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   134

                                                Md5:    4aa7a432bb447f094408f1bd6229c605

                                                Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa

                                                Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         143.204.55.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json 

                                        
                                    
                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Sun, 04 Sep 2022 21:44:24 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: TCa7wyq2GUEouZJkYybH019Hc0Z9XgJBgzViMVkFx7euWjTzUg7nYA== 

                                        
                                            
Age: 1359 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    91dd975a7b17b2922dd23c0e49314e40

                                                Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2

                                                Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29" 

                                        
                                            
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6493 

                                        
                                            
Expires: Sun, 04 Sep 2022 23:55:16 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:03 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         143.204.55.49

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream 

                                        
                                    
                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 20 Aug 2022 23:18:05 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sun, 04 Sep 2022 01:15:18 GMT 

                                        
                                            
etag: "742edb4038f38bc533514982f3d2e861" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: UTc_riaMSBI4ZrO9y5v9UBwe2R1obrQ3CkcTuUt2Yqp22Dv3394DmA== 

                                        
                                            
age: 75106 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    742edb4038f38bc533514982f3d2e861

                                                Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1

                                                Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:03 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.118

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:03 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 22:05:18 GMT 

                                        
                                            
Server: ECS (dcb/7FA7) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: UnYRg9szhZgACsPJ7MgMHFzEZT2RzGAoUCqoyEPFNLXv-u8FavV3kQ== 

                                        
                                            
Age: 105 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         143.204.55.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json 

                                        
                                    
                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Date: Sun, 04 Sep 2022 21:38:16 GMT 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Expires: Sun, 04 Sep 2022 22:08:19 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: pCahiIaX_VOYRcYIn3pCHXrnsa5NeSIt3kQ0ysZGcen2RJRznb6smA== 

                                        
                                            
Age: 1727 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /x/7768/16944/0/4874966/590413665212051457/kOkrLEpHjF/0/0/0/ HTTP/1.1 

                                        
                                            
Host: amclicks.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:03 GMT 

                                        
                                            
content-length: 189 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: ci_session=3fslictje9lqcskbkgh6rv8phffitms2; expires=Mon, 05-Sep-2022 00:07:03 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax
ref=1; expires=Sun, 04-Sep-2022 23:07:03 GMT; Max-Age=3600 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with no line terminators

                                                Size:   189

                                                Md5:    1aaaaed07997f146eb378ddcff3a2ecd

                                                Sha1:   1b368a0215d9299689d0158dfabbcd79f90081d7

                                                Sha256: ba79b56d7b09fc9c10fefad73c8ddf0f87fdeeff91e2c777043fd0b0e4241f92

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4883 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 20:45:41 GMT 

                                        
                                            
Server: ECS (ska/F71C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /x/7768/16944/0/4874966/590413665212051457/kOkrLEpHjF/0/0/0/ HTTP/1.1 

                                        
                                            
Host: amclicks.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://amclicks.com/x/7768/16944/0/4874966/590413665212051457/kOkrLEpHjF/0/0/0/ 

                                        
                                            
Cookie: ref=1; ci_session=3fslictje9lqcskbkgh6rv8phffitms2 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 302 Found 

                                        
                                            
content-type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
content-length: 0 

                                        
                                            
location: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966/?em=0& 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: 24x7g69gFGQcUAb1j+Rjqg== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket
search 
                                         52.43.253.52

                                        
                                            HTTP/1.1 101 Switching Protocols 

                                        
                                    
                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: o2/2NR3La/xX5DXfAv56RbMcDyo= 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.118

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 21:46:00 GMT 

                                        
                                            
Server: ECS (nyb/1D2C) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: MkCg9qGKn_VNCTf-UByXycrtQ1ROJz0JEgSCDtEmkP4lPTkRMqbceQ== 

                                        
                                            
Age: 1265 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966/?em=0& HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://amclicks.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         44.194.247.48

                                        
                                            HTTP/2 301 Moved Permanently 

                                        
                                            
content-type: text/html; charset=iso-8859-1 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
content-length: 312 

                                        
                                            
location: http://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   312

                                                Md5:    af507637cbd79cbc886fad253481a604

                                                Sha1:   3d0f20d995969e2906fef3f640e47750a4d4034c

                                                Sha256: d14f7ab0ce6fedba5309da9dbf1ae3c68c0a115bfc786138bb9319f0b54d9e11

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1
search 
                                         44.194.247.48

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html 

                                        
                                    
                                        

                                        
                                            
Server: awselb/2.0 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
Content-Length: 134 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: https://monthlysweeps.us:443/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   134

                                                Md5:    4aa7a432bb447f094408f1bd6229c605

                                                Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa

                                                Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
content-length: 9945 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
set-cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2; path=/; HttpOnly; SameSite=Lax 

                                        
                                            
expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)

                                                Size:   9945

                                                Md5:    f65e9d643433dd56c8fe785344ff61a0

                                                Sha1:   2a6c2822479779acb8f4b172061e051acbc654b2

                                                Sha256: f17ead2a2b81a2c071aae2fe377727017de628e50cf2fe99fba2544ed314fac8

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4812 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 20:46:53 GMT 

                                        
                                            
Server: ECS (ska/F71C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /assets/css/datepicker.css HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 818 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:06 GMT 

                                        
                                            
etag: "d07-5c80ac2c970f8-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3335), with no line terminators

                                                Size:   818

                                                Md5:    3240fc33175e0e388f26fbac8bf8cff3

                                                Sha1:   cf1a645948c9ce996e1560b9569f56822c4f9ba8

                                                Sha256: 9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/css/loading_icon_1.css HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 580 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:07 GMT 

                                        
                                            
etag: "db0-5c80ac2ce37a0-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   580

                                                Md5:    b6b8913a6a3ad6881037667493551ec5

                                                Sha1:   3daae516738f878875bb15766ca06a2ed9ee442b

                                                Sha256: cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/css/sweeps.css HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 1639 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Fri, 02 Sep 2022 17:56:19 GMT 

                                        
                                            
etag: "172c-5e7b572772120-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   1639

                                                Md5:    a5c77602d9ceb6c6450244ffb0baf0d1

                                                Sha1:   0a8756bf9ec23f2957f9165941196551cc046cf7

                                                Sha256: d1bdae39d462d3c7ccb9f86a413c69df0026d2c06558af9b691a0e98bf0cdd4e

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1 

                                        
                                            
Host: cdnjs.cloudflare.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.17.24.14

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 58913 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=30672000 

                                        
                                            
content-encoding: br 

                                        
                                            
etag: "5eb03d8e-46f6d" 

                                        
                                            
last-modified: Mon, 04 May 2020 16:06:38 GMT 

                                        
                                            
cf-cdnjs-via: cfworker/kv 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 5372399 

                                        
                                            
expires: Fri, 25 Aug 2023 22:07:05 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Y0Wbb9jpAvzqnSN%2FXSesFDKUohmT416oCfKR%2BG%2FHl7oBZ9i6sH2GwYQAR8hQAxolz%2FnuUH52nLfbjK2gQDEsSqdYv%2F3qQgVggcKZWRTI0X8JPHtBzUxmgleM3edRcDb%2Bs4WkTRa"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
strict-transport-security: max-age=15780000 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0938eb1cb506-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (65274)

                                                Size:   58913

                                                Md5:    a63b2977b01b6e2d2e2086c3f63a3c9a

                                                Sha1:   560409f64e40f5078e1ba8d496657badd7a3a6ee

                                                Sha256: 4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 

                                        
                                            
Host: code.jquery.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         69.16.175.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 30288 

                                        
                                            
last-modified: Fri, 20 Aug 2021 17:47:53 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: nginx 

                                        
                                            
etag: W/"611feac9-1538f" 

                                        
                                            
cache-control: max-age=315360000, public 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-hw: 1662329225.dop015.sk1.t,1662329225.cds262.sk1.hn,1662329225.cds072.sk1.c 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65451)

                                                Size:   30288

                                                Md5:    d549b312f7a7d228b4ec229a6547dfdc

                                                Sha1:   0766794582ad530ec0f8c2595f741086afffa312

                                                Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1 

                                        
                                            
Host: cdnjs.cloudflare.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.17.24.14

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 6458 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=30672000 

                                        
                                            
content-encoding: br 

                                        
                                            
etag: "5eb03fa9-500f" 

                                        
                                            
last-modified: Mon, 04 May 2020 16:15:37 GMT 

                                        
                                            
cf-cdnjs-via: cfworker/kv 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 5372472 

                                        
                                            
expires: Fri, 25 Aug 2023 22:07:05 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6V6AdnOHZyDno9nMXC7NlfcBIoxAvhLeZ1VllG7XiqZO4EMce29z2SWWb5X9hdPU99wtD4ONRrsMxdjwAd5s04OevElKvXVJdIyx99%2F5voWuHQb569gPJPQcLxdyQpcjzWx6mrKp"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
strict-transport-security: max-age=15780000 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0938eb1eb506-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (20322)

                                                Size:   6458

                                                Md5:    df9fe6d48e380554eb0ec9687bed3246

                                                Sha1:   207263d754220200c1916edfbda262f62223ecf5

                                                Sha256: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /ads/scripts/site-141028.js HTTP/1.1 

                                        
                                            
Host: ads.pro-market.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         23.36.76.115

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/x-javascript 

                                        
                                    
                                        

                                        
                                            
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT 

                                        
                                            
Server: nginx/1.0.15 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 1101 

                                        
                                            
Cache-Control: max-age=86400 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (514), with CRLF line terminators

                                                Size:   1101

                                                Md5:    540b7c85a21cf48ee81735b2ffcc335f

                                                Sha1:   e5eaedc157c73717aab322629e3f1ad8569bc0a1

                                                Sha256: aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4812 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 20:46:53 GMT 

                                        
                                            
Server: ECS (ska/F71C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1 

                                        
                                            
Host: cdn.jsdelivr.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         151.101.85.229

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cache-control: public, max-age=31536000, s-maxage=31536000, immutable 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
age: 2925332 

                                        
                                            
x-served-by: cache-fra19122-FRA, cache-bma1681-BMA 

                                        
                                            
x-cache: HIT, HIT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-length: 5199 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (17590)

                                                Size:   5199

                                                Md5:    4c0e8d136f8e41d83cb99f52be04f280

                                                Sha1:   eecf9c91f361ac05dfaa6b7167aea6f0d4ddf7cd

                                                Sha256: 81659fd2d8cc8d38327f4450954654b19dbb8a95a2b1e402e47869f0ca9dddc6

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 

                                        
                                            
Host: ocsp.globalsign.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Etag: "3731F01556CB6C6A60A891B0F5EBBC36F4769634" 

                                        
                                            
Expires: Mon, 05 Sep 2022 08:00:00 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 3354 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 745a09398fa6fab8-OSL 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1462

                                                Md5:    826f1ffec6122171746e30345846a293

                                                Sha1:   9321a8723c442c7a3cd74a028a89d33a7d0ce307

                                                Sha256: 842a67126bf15c19ea23146654365606720701c750a239bbcc632d626cfcaef6

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1 

                                        
                                            
Host: www.google.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.164

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
expires: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
cache-control: private, max-age=300 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
content-encoding: gzip 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
content-security-policy: frame-ancestors 'self' 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
content-length: 583 

                                        
                                            
server: GSE 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (884), with no line terminators

                                                Size:   583

                                                Md5:    3791f6cd969502e9e7b2904df8124169

                                                Sha1:   1531da6cc5b52d9d4eb8744eb4c055719a44d209

                                                Sha256: ed049f63c093cce75cf1df275b3785eabbaad2edf5b663cb55a948c0fb366e4a

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1 

                                        
                                            
Host: use.fontawesome.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://use.fontawesome.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         104.21.63.54

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 78268 

                                        
                                            
x-amz-id-2: mdiDvY0sbgHVjregnd781st54+0pccrOI/5iNzvFFVM+9ASH+6AQKRpcTZ716/8m9+nPLgncrSQ= 

                                        
                                            
x-amz-request-id: 95ZB14SR49ZZSQCK 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET 

                                        
                                            
access-control-max-age: 3000 

                                        
                                            
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding 

                                        
                                            
last-modified: Wed, 04 Aug 2021 20:43:47 GMT 

                                        
                                            
etag: "d824df7eb2e268626a2dd9a6a741ac4e" 

                                        
                                            
cache-control: max-age=31556926 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 158335 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmPBJ2RAAONfQuMXxcdE2veIA4Zy4BVU5%2F1so%2BQdOswRtpOYI2FTqr%2FFixvTwghd46BSRziTaQtJtYS9GsnB9ZjTE6Xhg5jn9UMYTmLBBad99OWdoY7UHaRSc6XXLxX1igOBm6Hs"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0939ea57b524-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data

                                                Size:   78268

                                                Md5:    d824df7eb2e268626a2dd9a6a741ac4e

                                                Sha1:   0ccb2c814a7e4ca12c4778821633809cb0361eaa

                                                Sha256: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /assets/js/datepicker.js HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 5285 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:09 GMT 

                                        
                                            
etag: "42ac-5c80ac2fab258-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (16878)

                                                Size:   5285

                                                Md5:    6c28af1b6fa9301701dfefc5dbfe5159

                                                Sha1:   134cfa1c0a5a837f002034b8ea1a8c6243b96bac

                                                Sha256: 4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Phishing

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1 

                                        
                                            
Host: use.fontawesome.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.21.63.54

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
x-amz-id-2: 8SnHluPMPysAuQ+sdGb/5aer5x1/6BITEJiqsgGg3yik/6oo1VJQ6cuxzNsTEDm1Qd+Tihu6hTrGgnYBe0UyCg== 

                                        
                                            
x-amz-request-id: 782FGP6SSRT2E761 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET 

                                        
                                            
access-control-max-age: 3000 

                                        
                                            
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding 

                                        
                                            
last-modified: Wed, 04 Aug 2021 20:43:22 GMT 

                                        
                                            
etag: W/"a227f005fa7ae066c1068ac4b963514c" 

                                        
                                            
cache-control: max-age=31556926 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 133242 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXI0PGCLOrcdAcu7d0sfiKSqqeOI1ZEZ6%2F5X8nhaXVVbLStXKt%2FO%2B9DKAIgN95cA5WQIA85lMla8pBEFnceIq8mwcJZ1PNgoiS2Vmuym3zBP8IUMz0h%2FR%2Fy99vJs4bowwvcaS7ra"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0938b912b524-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (57687)

                                                Size:   13067

                                                Md5:    a5e8c04e2ebda62913b141c75693ea50

                                                Sha1:   62c978d32a664bb3e09c0b3035e7558df0871ca0

                                                Sha256: be22c4326ad9e3481ba256dd303c2fdb50d35d43a890486a11d1cd4c706e8f55

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 17908 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Mon, 29 Aug 2022 21:38:33 GMT 

                                        
                                            
expires: Tue, 29 Aug 2023 21:38:33 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 520112 

                                        
                                            
last-modified: Mon, 18 Jul 2022 19:23:34 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data

                                                Size:   17908

                                                Md5:    e46b4e2e3b47cc232937ebf72b4c537e

                                                Sha1:   2675bc06ee643b8c935370325a327efb74746e6a

                                                Sha256: d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/img/sweepstakes250/one.png HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 801 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 01 Dec 2016 21:16:31 GMT 

                                        
                                            
etag: "321-5429f55d7e9c0" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data

                                                Size:   801

                                                Md5:    03744c9d39310c5d2af2cf2a23616580

                                                Sha1:   603f0d70ddc7d77f6341dc0caf9e0740b33ae061

                                                Sha256: afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/img/sweepstakes250/two.png HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 915 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 01 Dec 2016 21:16:30 GMT 

                                        
                                            
etag: "393-5429f55c8a780" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data

                                                Size:   915

                                                Md5:    a1914f8236d7704856f5c5762e86c109

                                                Sha1:   ea40712fad474fab16b7e2f1505bcb42302cd6ec

                                                Sha256: 6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 23040 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Tue, 30 Aug 2022 17:10:21 GMT 

                                        
                                            
expires: Wed, 30 Aug 2023 17:10:21 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 449804 

                                        
                                            
last-modified: Tue, 26 Apr 2022 15:56:42 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data

                                                Size:   23040

                                                Md5:    de69cf9e514df447d1b0bb16f49d2457

                                                Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655

                                                Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://fonts.googleapis.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 23580 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Tue, 30 Aug 2022 17:10:21 GMT 

                                        
                                            
expires: Wed, 30 Aug 2023 17:10:21 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 449804 

                                        
                                            
last-modified: Tue, 26 Apr 2022 15:48:56 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data

                                                Size:   23580

                                                Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab

                                                Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c

                                                Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /assets/img/campaign/1253_welcome.png HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 258018 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 10 Feb 2022 18:45:24 GMT 

                                        
                                            
etag: "3efe2-5d7ae5a63e210" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   258018

                                                Md5:    4ab082dfa4d24ddc5faa6ae9be0b7e7a

                                                Sha1:   0a66d5fa8c56b01c42656bad7fd0358e35f0b5a7

                                                Sha256: c916d279aa3477141699255e5f01031b8d891bbea0cadf185ddad136866da02b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/img/campaign/1253_bg.jpg HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
content-length: 474838 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 10 Feb 2022 18:54:27 GMT 

                                        
                                            
etag: "73ed6-5d7ae7abcb0c8" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x1080, components 3\012- data

                                                Size:   474838

                                                Md5:    9f9ec0bd4b699f784446c17a1273a4ac

                                                Sha1:   e79666717b7b004f554e6bfec1d073b4627ed3a7

                                                Sha256: 9b092cd2a17b5e84e2e12622d1cad8c40f2df0aa44a8b0d7a320a1e1209aca41

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         104.18.32.68

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 02:10:13 GMT 

                                        
                                            
Expires: Fri, 09 Sep 2022 02:10:12 GMT 

                                        
                                            
Etag: "72bfdf324d421ad2b5c85ce8889306548e469f72" 

                                        
                                            
Cache-Control: max-age=359586,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb3 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 745a093a7eee1c06-OSL 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14646 

                                        
                                            
Expires: Mon, 05 Sep 2022 02:11:11 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14646 

                                        
                                            
Expires: Mon, 05 Sep 2022 02:11:11 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63" 

                                        
                                            
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=14646 

                                        
                                            
Expires: Mon, 05 Sep 2022 02:11:11 GMT 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 110 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:04 GMT 

                                        
                                            
Content-Length: 700 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators

                                                Size:   700

                                                Md5:    bc0f1a642c70ed72a8408134af3c2bcd

                                                Sha1:   d0030cebf7ebd497c79f9cc3408c9ec7bca8c92f

                                                Sha256: ec9741f93d54e0b427beff13ac1d8e949b75f2ff7517506edb092f4acd0917f5

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F514b7fbd-ae99-4219-bd03-50e907f92b7b.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 14855 

                                        
                                            
x-amzn-requestid: 65cf850b-227a-4318-a00e-d7cd4ef81489 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wjuGtpoAMFvvA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c7b1-54bc36741984491b0509d173;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:29 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: M9Y8U9vqVs1ATiPP9jLPybTJ-xwC--5oiRUpj9-imTWfh6_rmtL5Kw== 

                                        
                                            
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 14:29:26 GMT 

                                        
                                            
age: 27459 

                                        
                                            
etag: "13b16ca74113dfd52ccf23e6bb39307fc713f984" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   14855

                                                Md5:    ca50f9c56ff869b0b63ca71b1a9f8170

                                                Sha1:   13b16ca74113dfd52ccf23e6bb39307fc713f984

                                                Sha256: 76b85dd7e018ab4b3d4b2610f90dbca61d0f05d38a3b905fee789af131ae7538

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa54e2726-407f-4a8a-8d19-21de249844f5.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11380 

                                        
                                            
x-amzn-requestid: 61f37e21-33a8-49e6-b384-4ca1fcfbffa5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: Xz8TLFA3oAMFQjg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63117414-42de5c4128eb9e011d848356;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:12 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: s0voKdiDdj0mq8-VRFSWcYcQXaWti7929bpdKSQMWDoVCmOAPepuDg== 

                                        
                                            
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 03:48:57 GMT 

                                        
                                            
age: 65888 

                                        
                                            
etag: "6ce530af682094dc5413db9de02565691fab4da7" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11380

                                                Md5:    fc4ceb10dd9fcaab21ae58dcf10c401f

                                                Sha1:   6ce530af682094dc5413db9de02565691fab4da7

                                                Sha256: 84ad58e126cce2ab6b1568ffe89a116bc1de0310bb72d4530eead2fb8191572c

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8688 

                                        
                                            
x-amzn-requestid: 1c5fbc89-8ce8-4792-b713-f2c0ceeab737 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wifFJYoAMFi0g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c7a9-214311e155c661ff77d89906;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:31:21 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: qWfbakQgavws0aT7URut5AdyniAYkEZcd3nz2mtU2zzT7ZhipObNEg== 

                                        
                                            
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 21:44:32 GMT 

                                        
                                            
age: 1353 

                                        
                                            
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8688

                                                Md5:    6bb4b1d74f1443bc3328301ab3ae6464

                                                Sha1:   2768253dacaaad6cb498c6b2eb7694208b0ce0a6

                                                Sha256: 07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37a5a560-36c9-4ce4-9cd9-c63ef9dd80e0.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10349 

                                        
                                            
x-amzn-requestid: a1564fd3-2042-449b-baa8-7e06abf02fd2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5w-6EHXIAMFQaw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c85f-26179fef7b74e89f05022fe7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:34:23 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: RTb9HYlXQLizx__DP8Pd9FGTylC1RDwk_YoqL8ZbcFnAAu4s0EmTKQ== 

                                        
                                            
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 03 Sep 2022 22:13:00 GMT 

                                        
                                            
age: 86045 

                                        
                                            
etag: "ffe21e93486c5763ae6ee17fe39c6dbb0cb3e714" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10349

                                                Md5:    b827f0dcea3d5bfab9139d239e9f0155

                                                Sha1:   ffe21e93486c5763ae6ee17fe39c6dbb0cb3e714

                                                Sha256: de9a30cf34ccda6ee06845151a41f489b42a0f9072b481b717abef90095e3f35

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd43481e-3c33-4c05-9216-2cc734e840b4.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9690 

                                        
                                            
x-amzn-requestid: 614c99f8-116a-4603-bcde-3fbd5bfa14d5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wx1HInIAMFiYA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c80b-25c09c3227d72395408782f0;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:59 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: yzPHrri8V02gVOmIBfBfEiny6w522Ycn9U0Z_-L3VnHgUuhVkuWVdg== 

                                        
                                            
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sun, 04 Sep 2022 21:51:41 GMT 

                                        
                                            
age: 924 

                                        
                                            
etag: "babb88202741bbf2d4fd25e0731a4a7a6fcc28f8" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9690

                                                Md5:    1bdfdf7e36f78f2f0e4d7ede9fdb76a8

                                                Sha1:   babb88202741bbf2d4fd25e0731a4a7a6fcc28f8

                                                Sha256: 949ea108642789e1014150909060f11d99608f082760d0e868a90282f2768d43

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09148d75-a4a3-47e6-8d91-01e8dfad4bc7.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8931 

                                        
                                            
x-amzn-requestid: cfc0940f-ad6a-4535-91b7-70b200af68d5 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: X5wwGEVEoAMFriw= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6313c800-5b6e6e5e3401eba533fb63df;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Sep 2022 21:32:48 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: aa71ssSsXM8Z0Q2V4AitycF3hefEZXNqIYsr0vsJyhpE9cDpNEwh6Q== 

                                        
                                            
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 03 Sep 2022 22:14:56 GMT 

                                        
                                            
age: 85929 

                                        
                                            
etag: "5d5c724e26af57967b9a132a77d3986ba8d6ed9c" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8931

                                                Md5:    0eecb70391b63b662d13355e32d95ea1

                                                Sha1:   5d5c724e26af57967b9a132a77d3986ba8d6ed9c

                                                Sha256: 2c7f2aa1c725a5d39daf44ee746bb24b5c15aab41c67cf160814f7f87d1aacdf

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 110 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
Content-Length: 4803 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15023), with CRLF line terminators

                                                Size:   4803

                                                Md5:    3dc3ec8e80efb66cbc110be1921657ca

                                                Sha1:   7091cb21ab07c463f9d8bdf63618ac6d984988c8

                                                Sha256: c40370f29669b90634a49a048166972d6c0ec858f3d2b1d6eba8d3d3b4229a07

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif 

                                        
                                    
                                        

                                        
                                            
content-length: 43 

                                        
                                            
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ== 

                                        
                                            
last-modified: Fri, 21 May 2021 12:34:19 GMT 

                                        
                                            
etag: 0x8D91C54C1586655 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: d410f27b-701e-0025-7181-c0cc40000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0hiEVYwAAAAD7LpDAv+70SbA9XkCJaVNmRlJBMjMxMDUwNDE4MDMzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 0iiEVYwAAAAD0oLfkycDrRabIbMdTJmN6U1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    325472601571f31e1bf00674c368d335

                                                Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

                                                Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
content-length: 520 

                                        
                                            
content-md5: AExI7hLtZOIj2uUf/9qAyg== 

                                        
                                            
last-modified: Fri, 21 May 2021 11:01:09 GMT 

                                        
                                            
etag: 0x8D91C47BDA9A147 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 6d15716f-301e-0022-47d0-bf3ac5000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 07u4UYwAAAACEO2QM3qcET4yRVa4+gtsmRlJBMjMxMDUwNDE4MDIxADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 0iiEVYwAAAAB8mcTn7JexRoFnLohyMuW5U1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (520), with no line terminators

                                                Size:   520

                                                Md5:    004c48ee12ed64e223dae51fffda80ca

                                                Sha1:   a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17

                                                Sha256: 735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/common.min.js?version=20220828a HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: C98KMsPh+rQSk6xnvM0d/A== 

                                        
                                            
last-modified: Sun, 28 Aug 2022 09:11:49 GMT 

                                        
                                            
etag: 0x8DA88D5570B7368 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 0fd97e06-e01e-0020-7a3a-bf383f000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0C84TYwAAAADRHdn2ZCL9TJX5eDQPKqu3QU1TMDRFREdFMTgwNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
x-azure-ref: 0iiEVYwAAAADufeMsLNURS5n3/CUKfEl+U1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65536), with no line terminators

                                                Size:   24476

                                                Md5:    7a154094233c4d621b84909728fbb4e7

                                                Sha1:   59c6079921cd56c9bf6039cf677cc492cf207200

                                                Sha256: 6dc31efb8c0a4302b3990b03d7bacecf166a8961fa6fc840e1b9991dc2f0307e

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1298769904&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/8.5 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 105 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:08 GMT 

                                        
                                            
Content-Length: 710 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators

                                                Size:   710

                                                Md5:    9f0898b2c68d222f503f10c76a4a3947

                                                Sha1:   01eab3f237f8278fc48176b49eecf00838964929

                                                Sha256: 0048969af51e0176292d53cd6d5268ed22a7d2b7273854051d6144dbef9cf598

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://tmgassets.azureedge.net/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff 

                                        
                                    
                                        

                                        
                                            
content-length: 83760 

                                        
                                            
content-md5: /fSRzl/1stoCcIzQ6YZHGQ== 

                                        
                                            
last-modified: Fri, 21 May 2021 11:01:16 GMT 

                                        
                                            
etag: 0x8D91C47C18878E8 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 776fb09f-301e-000b-4bee-be4c87000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0hiEVYwAAAACteXyKTgWNQYnu7EQR50NJRlJBMjMxMDUwNDE3MDI1ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
access-control-allow-headers: * 

                                        
                                            
access-control-allow-methods: GET 

                                        
                                            
x-azure-ref: 0iyEVYwAAAAC32i2w6vdFS5m0t97aonu7U1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:06 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format, TrueType, length 83760, version 1.0\012- data

                                                Size:   83760

                                                Md5:    fdf491ce5ff5b2da02708cd0e9864719

                                                Sha1:   7f2f3c55c2de192387c351b995115f6b79e09173

                                                Sha256: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/common-extentions.min.js?20220828a HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: G3v7pHqbSC0Gvp9zsfwXIA== 

                                        
                                            
last-modified: Wed, 09 Jun 2021 12:26:50 GMT 

                                        
                                            
etag: 0x8D92B41DB6898DE 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 678ee566-901e-0049-0389-c06793000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 07u4UYwAAAAAI9aNqFPYkRr+D36EixsM4RlJBMjMxMDUwNDE3MDI5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 0iiEVYwAAAACkeOTXWB2xRpL49qhDMJ1/U1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (3045), with no line terminators

                                                Size:   1017

                                                Md5:    c6c70da90a44b68370a1ca070ff5a845

                                                Sha1:   e8fed1d288baa4a964e25bb6c37ce1791a1094e0

                                                Sha256: a14fe1a6d959ce477d46dc7fa357ac73e5b08b0850510fbef73949f9c3bc010f

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /go/api/zip/undefined?get_param=value HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json, text/javascript, */*; q=0.01 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:07 GMT 

                                        
                                            
content-length: 111 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2; path=/; HttpOnly; SameSite=Lax 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   111

                                                Md5:    4072747d6757278fe77c6970474ad27d

                                                Sha1:   7404af04b7ef1db62f26e0a08fe82ab5a184e901

                                                Sha256: 7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Phishing

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/js/13488000.min.js?54k4j202254j09ckl04llk158jkk070500 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: 9wgtvP0cVsloq3UaPunwsA== 

                                        
                                            
last-modified: Mon, 14 Mar 2022 19:57:50 GMT 

                                        
                                            
etag: 0x8DA05F4EB4E2F58 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: e6358f31-401e-0062-5a3a-bf132b000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0C84TYwAAAADITWJnxQ2nTqB7Lgha+XGxQU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
x-azure-ref: 0iiEVYwAAAADupdccY9VBS7ZKs7mZ5AoVU1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with CRLF line terminators

                                                Size:   967

                                                Md5:    391eff08ffb2219dbe25f8c60c90fd73

                                                Sha1:   ccd0af4e9b5d00d800606aaa660b7fb02160846f

                                                Sha256: 630e1666c2510bfb7799db6736c8c02c1dae3a618d236804b83a180c4ea096d3

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.118

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:07 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 20:54:32 GMT 

                                        
                                            
Server: ECS (nyb/1D1F) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: LKe5fqRA36CViwatESzHv7F8KuZ9u0C42EI9MlX-c4XoQlOSQ6H-UA== 

                                        
                                            
Age: 4355 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1 

                                        
                                            
Host: www.gstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" 

                                        
                                            
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} 

                                        
                                            
content-length: 158056 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Fri, 02 Sep 2022 21:31:14 GMT 

                                        
                                            
expires: Sat, 02 Sep 2023 21:31:14 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
last-modified: Fri, 02 Sep 2022 18:40:58 GMT 

                                        
                                            
age: 174953 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document, ASCII text, with very long lines (579)

                                                Size:   158056

                                                Md5:    d63a69f898e1d00cfc7c871744ded8c4

                                                Sha1:   e166540eccb571c95c8c1135c2168cf5df306991

                                                Sha256: ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: E4ptMzZLxbawD4B7RV5YCQ== 

                                        
                                            
last-modified: Wed, 03 Nov 2021 09:07:36 GMT 

                                        
                                            
etag: 0x8D99EA961032FA1 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 1206a064-101e-0053-0fc7-be48fc000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 07u4UYwAAAACltqxDLZpQRrVRSj25PYkCRlJBMjMxMDUwNDE4MDUzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 0iiEVYwAAAAAmSonY2exfR7FLq7bzNu6XU1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (3119)

                                                Size:   16309

                                                Md5:    c0564f68f50733ebfc731b33d7256246

                                                Sha1:   8dda770ed93c68f35a14bb8d26b2bfb38829c517

                                                Sha256: 337560e3346bf6d79509306b46e40320197bf393fb40282b9a68e61f3e6805e1

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:07 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /analytics.js HTTP/1.1 

                                        
                                            
Host: www.google-analytics.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.174

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript 

                                        
                                    
                                        

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 20006 

                                        
                                            
date: Sun, 04 Sep 2022 20:41:12 GMT 

                                        
                                            
expires: Sun, 04 Sep 2022 22:41:12 GMT 

                                        
                                            
cache-control: public, max-age=7200 

                                        
                                            
age: 5155 

                                        
                                            
last-modified: Wed, 13 Apr 2022 21:02:38 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (1325)

                                                Size:   20006

                                                Md5:    56f5d7f608e25d64207135f045f988cb

                                                Sha1:   901eb59372ae330ae85e1384da93479b21ae1082

                                                Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/b573df1d4fbe0d9e69819fb590c6512a/aid/16944/s1/4874966?em=0& 

                                        
                                            
Cookie: ci_session=gklrgnhfp5hsjhq50aglq7p0n2h0r3b2 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         44.194.247.48

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/vnd.microsoft.icon 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:07 GMT 

                                        
                                            
content-length: 5430 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:08 GMT 

                                        
                                            
etag: "1536-5c80ac2e78fe8" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data

                                                Size:   5430

                                                Md5:    b0a102991e7332643ae57365023c00c8

                                                Sha1:   4ea4c55c982e08bda104d2e8e981594c067cef24

                                                Sha256: 1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:07 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.118

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:08 GMT 

                                        
                                            
Server: ECS (dcb/7F83) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: kKNpdLeGoq-J-WhnNgp7cd971uQObwjk-OUnul6F5dRVWR9Z_tiS-w== 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /c/hotjar-2865935.js?sv=6 HTTP/1.1 

                                        
                                            
Host: static.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.230.111.113

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:03 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: max-age=60 

                                        
                                            
content-encoding: br 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
etag: W/cdf0fb79f7832bf25f64d0162a1e258b 

                                        
                                            
strict-transport-security: max-age=86400; includeSubDomains 

                                        
                                            
x-cache-hit: 1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: dLPzTZZfMCgV74p-M4StaCoWXUv7soGqinzgea5D0EwVq42XzvbG1g== 

                                        
                                            
age: 4 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3790)

                                                Size:   2293

                                                Md5:    34bc381ed92e8b6d5b1a4281a37ddb93

                                                Sha1:   670661137398fb33e7ade8101992ae2918487f26

                                                Sha256: 1d73f49826e5544faa33d7a2ead260c0fc8673a3016102e1e2d7285c0fbf945d

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /modules.d5eb3c97b67a0b8958ff.js HTTP/1.1 

                                        
                                            
Host: script.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         143.204.55.46

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-length: 65509 

                                        
                                            
date: Fri, 02 Sep 2022 09:50:06 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
content-encoding: br 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
etag: "5a03435fb2b1019b1b00d7bc5c267f72" 

                                        
                                            
last-modified: Fri, 02 Sep 2022 09:49:47 GMT 

                                        
                                            
strict-transport-security: max-age=86400; includeSubDomains 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-robots-tag: none 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: 6XXq1HhbaPBl_Ib410oAx_jMa7EGdt_H-MVfKuJ5153TxhUu-NQfew== 

                                        
                                            
age: 217022 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (48715)

                                                Size:   65509

                                                Md5:    5a03435fb2b1019b1b00d7bc5c267f72

                                                Sha1:   6d9116f703cb7fced1cfb7eba229302f4950e4b0

                                                Sha256: 555555e6799149ac64f285eb30f78583dfa52fc0d23dbb75c357897873b8cb97

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: Shzc0tuaykHxXX+tfi+uUQ== 

                                        
                                            
last-modified: Fri, 21 May 2021 12:34:19 GMT 

                                        
                                            
etag: 0x8D91C54C1586655 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 6f071b76-a01e-002c-62ce-bed6ce000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0hiEVYwAAAAByfktztU7wRK1M3bE09VFLRlJBMjMxMDUwNDE4MDA5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 0iiEVYwAAAAAF0jVXrDO5SqZThZvCbyGFU1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (2046), with no line terminators

                                                Size:   1006

                                                Md5:    f569068e6b95cdf047c7612b5e97295b

                                                Sha1:   5561fa721450c4edd2f2dde35c4d15f50ec58b3f

                                                Sha256: 33fe196d0425d8e62dc402be7a0e6b442c789f06273664d934d964b00edfa70b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /box-1ada912494ba7fc7aca15fcef1c2a7ae.html HTTP/1.1 

                                        
                                            
Host: vars.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         143.204.55.118

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html 

                                        
                                    
                                        

                                        
                                            
content-length: 1044 

                                        
                                            
date: Wed, 13 Jul 2022 08:33:06 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
content-encoding: br 

                                        
                                            
cross-origin-embedder-policy: require-corp 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66" 

                                        
                                            
last-modified: Wed, 13 Jul 2022 08:32:20 GMT 

                                        
                                            
strict-transport-security: max-age=86400; includeSubDomains 

                                        
                                            
x-robots-tag: none 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-C1 

                                        
                                            
x-amz-cf-id: S8lRMq37bxjnKGyw7f7ZZrp8lIsN6oVIQCX2Xqls3TvfvNjExtDfVA== 

                                        
                                            
age: 4628042 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators

                                                Size:   1044

                                                Md5:    0b3d3f4206ab84d8861a8cc4b2ddbe66

                                                Sha1:   4561b7c0419b65db5c1314be2143bd1734e88d89

                                                Sha256: ec42652b198c82469afbe5e6e69312a25425c1fd38d379cf3761b328ecd48e4a

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /engine?site=141028;size=1x1;e=0;dt=0;category=i1kh9%3A%20%20vgmtitpkdexx1%20ts%20of%20ao%20cveiuz%20b6f%20udgvcf2lv7sejli6599907s5s8ly413i%202zd%209f134%200s%20l8qciy5%20fu%20s%20-%202wcmoxv%2055mtqw;kw=nwelylh056dpt%20lk%20%7C%201jjfeu%207awt%20kjjc%20%7C%20lf5fyqla9l%200n6vpb1jcds;rnd=(1662329223259) HTTP/1.1 

                                        
                                            
Host: pbid.pro-market.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         107.178.240.89

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html 

                                        
                                    
                                        

                                        
                                            
server: Apache-Coyote/1.1 

                                        
                                            
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" 

                                        
                                            
anserver: gapp-eu-4.c.datonics-gcp-01.internal 

                                        
                                            
set-cookie: anProfile="0+1+4=21x+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s0=(6v)+s2=(rhphfv)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None; 

                                        
                                            
pragma: no-cache 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
expires: Mon, 1 Jan 1990 0:0:0 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: gzip 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:06 GMT 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-39232759-1&cid=1329409399.1662329224&jid=1092781993&gjid=55082511&_gid=711995765.1662329224&_u=IEBAAEAAAAAAAC~&z=1396571887 HTTP/1.1 

                                        
                                            
Host: stats.g.doubleclick.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.251.1.157

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: https://monthlysweeps.us 

                                        
                                            
strict-transport-security: max-age=10886400; includeSubDomains; preload 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:08 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
expires: Fri, 01 Jan 1990 00:00:00 GMT 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
last-modified: Sun, 17 May 1998 03:00:00 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
server: Golfe2 

                                        
                                            
content-length: 1 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  very short file (no magic)

                                                Size:   1

                                                Md5:    c4ca4238a0b923820dcc509a6f75849b

                                                Sha1:   356a192b7913b04c54574d18c28d46e6395428ab

                                                Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:08 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://www.google.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15344 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Sat, 03 Sep 2022 12:31:58 GMT 

                                        
                                            
expires: Sun, 03 Sep 2023 12:31:58 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 120910 

                                        
                                            
last-modified: Mon, 16 Oct 2017 17:32:55 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data

                                                Size:   15344

                                                Md5:    5d4aeb4e5f5ef754e307d7ffaef688bd

                                                Sha1:   06db651cdf354c64a7383ea9c77024ef4fb4cef8

                                                Sha256: 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 

                                        
                                            
Host: fonts.gstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://www.google.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.google.com/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         142.250.74.163

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff2 

                                        
                                    
                                        

                                        
                                            
accept-ranges: bytes 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin; report-to="apps-themes" 

                                        
                                            
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
content-length: 15552 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
server: sffe 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
date: Fri, 02 Sep 2022 00:48:31 GMT 

                                        
                                            
expires: Sat, 02 Sep 2023 00:48:31 GMT 

                                        
                                            
cache-control: public, max-age=31536000 

                                        
                                            
age: 249517 

                                        
                                            
last-modified: Mon, 16 Oct 2017 17:33:02 GMT 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data

                                                Size:   15552

                                                Md5:    285467176f7fe6bb6a9c6873b3dad2cc

                                                Sha1:   ea04e4ff5142ddd69307c183def721a160e0a64e

                                                Sha256: 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /iframe.html?token=D3393727-BA22-2FAD-CDF5-CFD228DDEEF0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1 

                                        
                                            
Host: d2m2wsoho8qq12.cloudfront.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         143.204.42.49

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html 

                                        
                                    
                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Server: nginx 

                                        
                                            
Last-Modified: Thu, 02 Jun 2022 15:26:15 GMT 

                                        
                                            
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Date: Sun, 04 Sep 2022 03:33:14 GMT 

                                        
                                            
ETag: W/"6298d697-dbb" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-C1 

                                        
                                            
X-Amz-Cf-Id: G7ouYDziGP1FgTlb8VByfAaWnCk-hLkjgclxAbDGq9vN9NyLysgtkQ== 

                                        
                                            
Age: 66834 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   1449

                                                Md5:    ef825b8a88a51cd76a51d08dfc1d4f99

                                                Sha1:   5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b

                                                Sha256: 2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.118

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 20:24:02 GMT 

                                        
                                            
Server: ECS (nyb/1D12) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: D6AuK-XIbn9KD9nje9ZGI_ZPf2rcX1MNZ27Jxsw8bpbxtyrQ9Y03_A== 

                                        
                                            
Age: 6187 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /certs HTTP/1.1 

                                        
                                            
Host: api.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 642 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.231.74.145

                                        
                                            HTTP/2 201 Created 

                                        
                                            
content-type: application/json; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
content-length: 475 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers:  

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
server: Cowboy 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (475), with no line terminators

                                                Size:   475

                                                Md5:    afde3e196db51dcb11796767812edb53

                                                Sha1:   e37af10a633990253e85eedaabd4b50cb7a56be3

                                                Sha256: 22859e4931caee880b755956043367d66e13d5a9cf661ebf6b32de7aed2709ad

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /api/v2/client/ws HTTP/1.1 

                                        
                                            
Host: ws8.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: iaP/6UNDnKPsPBwTgOzxxw== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket
search 
                                         54.246.176.35

                                        
                                            HTTP/1.1 101 Switching Protocols 

                                        
                                            
Content-Type: application/octet-stream 

                                        
                                    
                                        

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
Connection: upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: m01O3h1PFEFH2bN/aeUQK1MCD3M= 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.118

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
Last-Modified: Sun, 04 Sep 2022 21:12:31 GMT 

                                        
                                            
Server: ECS (nyb/1D0E) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: N_v7IKug1wHfRqqKPvaiKySt742urMUCmuodO6-yOklzv_Z-Tw6L4A== 

                                        
                                            
Age: 3278 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /certs/e8630cbbc18bb73cc412bd0003d52a22c4cb9e23/fingerprints HTTP/1.1 

                                        
                                            
Host: api.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 262 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         34.231.74.145

                                        
                                            HTTP/2 204 No Content 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers:  

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
server: Cowboy 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /2.11.9/InitFormData?msn=4&pid=417f2d84-5273-43d8-ade5-65f1722bd26d&token=D3393727-BA22-2FAD-CDF5-CFD228DDEEF0&_=980300258 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 944 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         107.22.230.101

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/
rguserid=d8e9a48c-9376-4214-9cb2-3e6f9a25f249; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /iframe.html?token=D3393727-BA22-2FAD-CDF5-CFD228DDEEF0&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1 

                                        
                                            
Host: deviceid.trueleadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://d2m2wsoho8qq12.cloudfront.net/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         23.23.142.3

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
server: nginx 

                                        
                                            
last-modified: Mon, 13 Jun 2022 14:52:50 GMT 

                                        
                                            
etag: W/"62a74f42-1049" 

                                        
                                            
expires: Mon, 05 Sep 2022 22:07:09 GMT 

                                        
                                            
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS" 

                                        
                                            
cache-control: max-age=86400, public 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   10004

                                                Md5:    b6dd5d83436d7a304344f63521f71eb0

                                                Sha1:   139d0db8ad8ab89388c5956560ba305b566d02af

                                                Sha256: 696fa58c1d6c89e330a8cca18620971f4e802e96c0a79aa7570aba99bf23a033

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /releases/v5.15.4/css/solid.css HTTP/1.1 

                                        
                                            
Host: use.fontawesome.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.21.63.54

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
x-amz-id-2: fZ6g45sdiFZbxMzk14Z5TmdQknFHlKGV14pIuivrIyL2iIwuZeViNEDCvZiiP/IUuxLCrGFoqB4= 

                                        
                                            
x-amz-request-id: XFEQC6FH1WYKMEV3 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-methods: GET 

                                        
                                            
access-control-max-age: 3000 

                                        
                                            
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding 

                                        
                                            
last-modified: Wed, 04 Aug 2021 20:43:22 GMT 

                                        
                                            
etag: W/"685a6b10be9f3db25acf78c5e7ba7379" 

                                        
                                            
cache-control: max-age=31556926 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 158336 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD5HP9Qz%2BXXLnvZwOv5%2Ba3I6p25uMQ0P5SACArwcGDjR8mQPUTXtpL5HP9wfY5J1eKrh%2BwyUfO3umPJsrd8xZQudmc7pK6oLUVl5IP0dhZav%2FNA%2FPECvLMi2cUrT%2BnuRVCULKXT8"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0938c926b524-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1 

                                        
                                            
Host: stackpath.bootstrapcdn.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.18.11.207

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cdn-pullzone: 252412 

                                        
                                            
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 

                                        
                                            
cdn-requestcountrycode: DE 

                                        
                                            
cdn-edgestorageid: 565, 718, 718 

                                        
                                            
last-modified: Mon, 25 Jan 2021 22:04:05 GMT 

                                        
                                            
cdn-cachedat: 2021-06-08 18:02:12 

                                        
                                            
cdn-requestpullsuccess: True 

                                        
                                            
cdn-requestpullcode: 200 

                                        
                                            
cache-control: public, max-age=31919000 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed 

                                        
                                            
cdn-status: 200 

                                        
                                            
cdn-cache: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 7775378 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0938dc300b51-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/css/13488000.min.css?54k4j202254j09ckl04llk158jkk070500 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: WEcI6Omll5/fQKo/f35d8g== 

                                        
                                            
last-modified: Mon, 14 Mar 2022 19:57:50 GMT 

                                        
                                            
etag: 0x8DA05F4EB4EA477 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 51bb2f24-801e-005d-473a-bfa4f7000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0C84TYwAAAAB8N2Wf9CVNR52L2uNxj1GPQU1TMDRFREdFMTkxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
x-azure-ref: 0iiEVYwAAAACFdjE8d35dQIARnOPT1MIqU1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/GenerateToken?msn=1&pid=417f2d84-5273-43d8-ade5-65f1722bd26d&_=980300255 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 262 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         107.22.230.101

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:08 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/
rguserid=4abe188f-476d-430e-a2f3-732276e070ef; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/SaveDom?msn=2&pid=417f2d84-5273-43d8-ade5-65f1722bd26d&token=D3393727-BA22-2FAD-CDF5-CFD228DDEEF0&_=980300256 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 494 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         107.22.230.101

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:08 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/
rguserid=aa13513f-c669-46a4-bea4-e78f8de5c768; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 04-Oct-2022 22:07:08 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/InitFormData?msn=3&pid=417f2d84-5273-43d8-ade5-65f1722bd26d&token=D3393727-BA22-2FAD-CDF5-CFD228DDEEF0&_=980300257 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 12855 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         107.22.230.101

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/
rguserid=8a2d9be0-49c1-4596-a699-aeeed559ddea; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Tue, 04-Oct-2022 22:07:09 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /api/v2/client/sites/2865935/visit-data?sv=6 HTTP/1.1 

                                        
                                            
Host: in.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain; charset=UTF-8 

                                        
                                            
Content-Length: 114 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         99.80.161.153

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cache-control: no-cache, no-store 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /trustedform-1.8.27.js HTTP/1.1 

                                        
                                            
Host: cdn.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         54.230.111.103

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
last-modified: Tue, 16 Aug 2022 18:53:06 GMT 

                                        
                                            
x-amz-version-id: 6olc5v40B1RpRJGb5GYISB93fSUp4tqK 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-encoding: gzip 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
etag: W/"2f557edcc84fd346c897a4d565e57ac0" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: CW9r6NHAzGw53YrNek9ndIaVmN9sizj9s1wPG7MKnqyvT-1SprR8PA== 

                                        
                                            
age: 13 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.213.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: YTnb0ehLGLRubF63e3IyDA== 

                                        
                                            
last-modified: Mon, 21 Feb 2022 16:55:53 GMT 

                                        
                                            
etag: 0x8D9F55B05E46BD0 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: afc7f349-c01e-0015-0ab7-bf966a000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0C84TYwAAAAB9MHqruFZiQ5FyAXNvzVWkQU1TMDRFREdFMTkxNQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
x-azure-ref: 0iiEVYwAAAABywtlXKxSZR5GXZVnGKWGZU1RPRURHRTE4MTIAMjg1OWMwMzUtMGY3Zi00OWY5LThmNDctNWUxNThiZTMyYzU1 

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /api/v2/sites/2865935/recordings/content HTTP/1.1 

                                        
                                            
Host: ws8.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain; charset=UTF-8 

                                        
                                            
Content-Length: 119290 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.246.176.35

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cache-control: no-cache, no-store 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1 

                                        
                                            
Host: stackpath.bootstrapcdn.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.18.11.207

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:05 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cdn-pullzone: 252412 

                                        
                                            
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74 

                                        
                                            
cdn-requestcountrycode: SE 

                                        
                                            
cdn-edgestorageid: 723, 718, 718 

                                        
                                            
last-modified: Mon, 25 Jan 2021 22:04:04 GMT 

                                        
                                            
cdn-cachedat: 2021-04-23 06:51:23 

                                        
                                            
cdn-requestpullsuccess: True 

                                        
                                            
cdn-requestpullcode: 200 

                                        
                                            
cache-control: public, max-age=31919000 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
cdn-requestid: fb769ef43d6803d303a68c7d7f774d4c 

                                        
                                            
cdn-cache: HIT 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 10436323 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 745a0938bc190b51-OSL 

                                        
                                            
content-encoding: br 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16623292232840.11484924832126298&invert_field_sensitivity=false HTTP/1.1 

                                        
                                            
Host: cdn.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.230.111.103

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
date: Sun, 04 Sep 2022 22:07:09 GMT 

                                        
                                            
last-modified: Tue, 16 Aug 2022 18:53:06 GMT 

                                        
                                            
x-amz-version-id: 9tpprjSXF1V1i663qaS1L8y.yb5CQ2dA 

                                        
                                            
etag: W/"97d91c9803cec4e7981c0f415c2c1923" 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-encoding: gzip 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: _PcgerVIw6dc3vHilvN76ciZMMQ0yE5MNDjX4-pq4Gehu2XdA6Ob3g== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---