Report - monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968

Report Overview

Submitted URL
monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
IP
3.218.15.210
ASN
#14618 AMAZON-AES
Submitted
2023-02-28 00:21:22
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.20.226
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	632 B	54.230.111.113
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	826 B	1.8 kB	104.18.11.207
deviceid.trueleadid.com	2097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	670 B	332 B	34.203.186.234
ads.pro-market.net	47212	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.4 kB	95.101.10.9
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.187.220.96
ldsapi.tmginteractive.com	85617	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	7.5 kB	209.151.244.116
tmgassets.azureedge.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	120 kB	13.107.238.53
d2m2wsoho8qq12.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	663 B	2.0 kB	143.204.42.159
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	67 kB	142.250.74.35
create.leadid.com	14598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	4.5 kB	54.198.13.191
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	69 kB	143.204.55.96
cdn.trustedform.com	24659	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	865 B	39 kB	54.230.111.103
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	59 kB	34.120.237.76
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	1.0 kB	172.64.155.188
monthlysweeps.us	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	264 kB	3.222.87.17
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	81 kB	172.64.132.15
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	166 kB	142.250.74.35
api.trustedform.com	23021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.5 kB	3.95.92.232
create.lidstatic.com	24133	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	566 B	104.22.38.182
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	1.1 kB	142.250.74.164
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	104.18.32.68
ocsp.r2m02.amazontrust.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	2.9 kB	143.204.48.16
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	605 B	592 B	64.233.165.157
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	827 B	68 kB	104.17.25.14
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	14 kB	151.101.65.229
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.8 kB	93.184.220.29
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	630 B	142.250.74.106
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	700 B	1.9 kB	143.204.42.88
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	31 kB	69.16.175.42
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-28	medium	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	Phishing
2023-02-28	medium	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	Phishing
2023-02-28	medium	monthlysweeps.us/assets/js/datepicker.js	Phishing
2023-02-28	medium	monthlysweeps.us/go/api/zip/undefined?get_param=value	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	deviceid.trueleadid.com/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 34.203.186.234 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js	20 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-25 08:01:40 Times Seen7672 Hash 6b08ddc901000d51fa1f06a35518f302 bafe987c18cbe0587de3e6360e7da40a2885614b 02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5 Loading...

	tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?1327k27j20231327j02ckl27llk160jkk211300	2.4 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?1327k27j20231327j02ckl27llk160jkk211300 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen166 Hash f7082dbcfd1c56c968ab751a3ee9f0b0 930f3fa7714bb7fa94ea7f98e49cbc8c80e41878 505729c526d3287d1e914583830cb41750101d011da93b0e9670c5c397abd08d Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	236 B	2023-03-14	2023-03-14
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:17 Last Seen2023-03-14 13:36:17 Times Seen1 Hash ce42cfd26f04e39156804e301c49b241 67be934f20d1748f86ce7d6f76d1aced8b65b63b ae2399e8c20fb1b23e2cb8ba043aea71d30aa6a6d57cbd5e275f8180ec9b452a Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	278 B	2023-03-07	2023-09-20
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:13 Last Seen2023-09-20 20:59:49 Times Seen42 Hash 78891b06274b0952bed6502afccefd42 33c1540d931f825ef5581981f5249811455ed74a f15d84acd2c5c28f08fec3b506ef485d14f9aa9e0a3d6e22198d99efba9b7bc7 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	1.7 kB	2023-03-07	2023-03-14
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-03-14 14:48:28 Times Seen1 Hash e2d13fd4f7fa628af9e7221ac625cb4d 7adf1e183fad43adbdb7429d3ee49d0b9633c103 eb563c1ffd43f1d1e55fe65fe511858ba969c30c8e1f7878cf6606d01f24d3b5 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	592 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen746 Hash b7819f20ec3d377b9fb124f8f0e8ceb4 bc1c20068326ed8b2630a25df9f6f4b2dc281638 a4124d51bb27da6fe4eb67bb019de6d0999d38cfe588b59f38ceaebe7c409488 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=z4f9c454sfzk	39 kB	2023-03-14	2023-03-14
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=z4f9c454sfzk IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 0f8f856aca6617acde5a4f368e3436db ce12eb3f83fc8242e0ca778b8fd8414cf4ddd5cf 507cff17a96f6791edc3a8770fb83990945bb9de3d31d53584bf92d7fdf76d2f Loading...

	tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js	41 kB	2023-03-07	2023-06-01
Pretty URL tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-06-01 20:05:18 Times Seen262 Hash 26c749b13ae86712f7a25dcec26f3856 18065acf65c1d3ae276069cafc3b1ee60773ac7d c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	251 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen133 Hash 5e5e656f3e03c73caf1e8041dc391cb9 2bdd8662597ed7b2cff53dcbe25c09c330405072 8b87151430dbd8fd8e394bd633281ec51254fe0cd5326d441a7ad56895e0e5c8 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209	142 kB	2023-03-13	2023-05-07
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 20:48:27 Last Seen2023-05-07 23:16:42 Times Seen240 Hash 0bf2268fb1b8ffde5c52d6714c16dae2 3d8a0c5b978e8b2e1ef08f427caad9d6956b0681 d905964480db9884e5cfbd3ce9f5f3d19ee7499aa9bb53b082d7e41fd6b4f778 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	31 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash f0dd4e668cb669f70d1d71baf4e997d4 d50cf8f2eb31b6051f03ba1415a38c510cf1572e e96f51430063dc23626602bfa108e18b004b9a4f5f87fb2aee1144fed6cfca6c Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	1.5 kB	2023-03-07	2023-09-20
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-09-20 20:59:49 Times Seen47 Hash 27875989441cd92580e0591b9c5ad8ed 25e5a519bdc2b85e555f150dc10997dd7d2ce6da 33713f9baf9bae88007545802311714b5263079f62a611b484dc431f79fcd90a Loading...

	ads.pro-market.net/ads/scripts/site-141028.js	2.2 kB	2023-03-07	2023-05-05
Pretty URL ads.pro-market.net/ads/scripts/site-141028.js IP 95.101.10.9 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-05 20:04:46 Times Seen629 Hash 365b5ee3c0302c78c16f7de2f16f2e9c 8c2e46af5cfe004d044f84067ce8e41a20bfa806 07f9667f25cfdb29c4bd56f3fc9d9f2fdc095ef87f0563b4f0bfc0dc66530b9a Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	355 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen582 Hash 75e4cb955a63d07fced3932d9d8f6fe0 d73015dc9bf416fd308c9f40d350945f0cfc1720 8d1c6afe9fcc4a69fd903b60adf921b932fa4baead70e2c5984550770588841a Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	397 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen579 Hash d54e487a455caded5dec88dad6038538 7aac4b5089e75a37a0281aee2080ae3081b4b387 5c263fa7f8418b34917b5ae5689fbd313530820aeaac85e768084e745c2ea239 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-25
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-25 08:01:40 Times Seen6314 Hash ce6e785579ae4cb555c9de311d1b9271 5ef2c15b47d7290698c737676ba9c3056b45f2e8 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:17:23 Times Seen37057704 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	60 B	2023-03-14	2023-03-14
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 6c561be2108403c79a8d604344c6d9f2 93216cc2726defc2afb998b11f58935a90f305c4 12d235df0374677c01d070f37480767e9fb8c27a9768ff68d3577f4f47a1d8e5 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n	5.8 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash 10616855bf3a8c21b9b134fee239b3c6 dba045ba0742cfc54ef7a864e50d4372a8217919 0b248c5b1e6aa82997e9e8ac79a837e5ebe0b5e3478ea8e24500487cad65085c Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	1.2 kB	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 290521b524b82ebb5e14abaa01b9c1d8 e19492d85482147f62fb918a12559d134613d1c6 6393e147bc9a141d678f284121df133e3602f8119776b958aeb9424420de193e Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	59 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 3343475b76e305c87e4909ec17461632 d804d3249185ffc4b3194d122eba05ae7fa9068a bfc2a2ab607a55ce5886b480478989829ea8758da7facad490635683e6629e43 Loading...

	static.hotjar.com/c/hotjar-2865935.js?sv=6	9.5 kB	2023-03-14	2023-03-14
Pretty URL static.hotjar.com/c/hotjar-2865935.js?sv=6 IP 54.230.111.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:13 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 1e0168156f2af65a6c178eec6dbd713b 672aee56d25885e7d7aa4a76cbc34a7f9bd75bea cc2d8c078cfab2b949368729466ebe89e141239e1839f859825311c1a7537706 Loading...

	cdn.trustedform.com/trustedform-1.8.38.js	104 kB	2023-03-14	2023-05-12
Pretty URL cdn.trustedform.com/trustedform-1.8.38.js IP 54.230.111.103 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:56 Times Seen1009 Hash a71c6d4fa015e7b61cc1fc54ff9b242e a4564cb80c9d7b516360f361cbddbe66b7abb8aa d22e5b3da98c742670542cd674a454a835e785e905f52225f1f713757521c54e Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 143.204.42.159 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	399 B	2023-03-07	2023-05-08
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-08 11:53:33 Times Seen4 Hash 5c82890d7436d8ec5f068fb6c7a26c25 2e25a5ad23209c32bc02e4fa3aa982b429c3468e b335bc100f2c8821c1de9742b26482417d79a44e3fcb865125e7e0a5f8f46727 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	1.9 kB	2023-03-14	2023-03-14
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 739218a1c0aaf9d0b53d2a279e8aa986 02a650fd9886f30016c56a95b6e52d545ed0f0be b88ed3084f1ded1f1b3410d21622790c9b66ad8453c585eba54b4ea8a9f84eeb Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419	2.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash aa9ff88f2d52cd1f5e46f8a07aec5e78 13a3853b6f53a862d8cb02346df5b1c555ccc6f6 e62184b995250b6cd0e3f0bccfa159ba6bd3751def6abc8c0f2c96df6ef27427 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	636 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 15b9512f5be4a2575dcc59ac37856c2e 061aea4612abe4faf05c4a3f0f0fac7e888c0546 be6eb2c523a276099bad06bc2e02f8917e998f73ac0cda2426521cb4632a2be1 Loading...

	create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2	126 kB	2023-03-07	2024-01-16
Pretty URL create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 IP 104.22.38.182 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-16 16:52:02 Times Seen739 Hash 97495a102c98049f30e62264b1eb50f5 2826aca635888817ca3869a59dda0f1c53e32788 e3d44f6e098f5d3c6b47bb00453dbb1d58b7848332ffc70fc756009b189ba322 Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false	7.5 kB	2023-03-14	2023-05-12
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false IP 3.95.92.232 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:12:06 Last Seen2023-05-12 17:46:55 Times Seen658 Hash 1b4d8abad5e0668a237e388577c6a93c cb8199d9e56f094c63ba8b451239035205422f0f 001fec1d89b5cda58d62fff00a17723313d92f195680b5fd1a4ad52e7a1fb37c Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=z4f9c454sfzk	69 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Nh10qRQB5k2ucc5SCBLAQ4nA&size=invisible&cb=z4f9c454sfzk IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-25 08:07:36 Times Seen99446 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	93 B	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-06 08:01:36 Times Seen41 Hash 290e1020d6435490460b723251a04a45 3b74154d10fd5569931956d10fe681de25b8cadb 21dd80a702dd1d770c4f1737cf267c522e5d1bacbfbf5d568ef870308540e3d2 Loading...

	code.jquery.com/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-25
Pretty URL code.jquery.com/jquery-3.3.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 08:17:23 Times Seen106058 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js	18 kB	2023-03-07	2024-04-15
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-15 10:27:43 Times Seen259 Hash 35fd33d8c4423cfffc1d4d3ccc7540e8 838ac66c3ecac6b6136b049bdd0e14f2f022952c 219324a6611109fcb8c440e9e38af1802240ee8f1453d557353cc20cdaaead6e Loading...

	ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968	858 B	2023-03-14	2023-03-14
Pretty URL ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash e149a739435b6b7eac4aad335d1fe4fe e512d636383d548cde4e6266d8ea9ceeea16cb8d ae05b9517b60e5b8c1f7d2f95a99d9b9b6ad72e02e3cba13b34b300794406e84 Loading...

	monthlysweeps.us/assets/js/datepicker.js	17 kB	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/assets/js/datepicker.js IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:39 Times Seen275 Hash 50e8118195525667c97c698ae2063198 b81b9cdd700240e03f5a700577cf2f162b5d2cda 6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726 Loading...

	ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968	15 kB	2023-03-14	2023-03-14
Pretty URL ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 7916ee1b3bbc20c4e1424b027b101152 23ac9c32854c3bdf5b8de22d996bed52088b11e2 8dbc6aa24a6242336773fa1db5f0cb14577804f273538280e84cf8bed909571e Loading...

	www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi	884 B	2023-03-14	2023-03-14
Pretty URL www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:58:58 Last Seen2023-03-14 19:52:16 Times Seen1 Hash 316ce34e04d55901d06146223f8ed7ff a482e11fea17a99c637d0745dd22e9c173cfffc0 6b07b9216318b267db0bfb8d7492ae571ce12f06e390b1b814a88fcf7bf76003 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	819 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen197 Hash b543295aeb728bc0b47cd37af1155cc3 4de5193a69a306a61a681f1b8bbcec3074dfa0a0 6827f7cf902367971025104b0c9e266cc9a8b2c133980f54eed0b3accc65baf6 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103	47 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen201 Hash 9425c8e694426b8078e0ebbaf1299fc2 d07edb40c26273a374d6f6f4863081df3c22de67 013a484e9d90cbc93f749fe4004a1408007f2da1a8a2b5493a502ff98c2ac211 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	64 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 43c10d2b2f042467d4d17140c6e4d179 df16bc29f5ac9468b35c32bb0d834221cf5171a4 6e67dc180a86d584ee19d9a3635ce615cc1fe3612f7adfac03df055d25066dc3 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209	3.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash b07baa2517c1f03c950406a88a1f6c99 0c3c68e0c2a3784374962534bffa9f2b269e891a 14350d698fd8a3e89854a22bb7602a63e1ef45bfd82b1a1f4f9abf2e5d140bf5 Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js	23 kB	2023-03-07	2024-04-03
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-03 15:26:41 Times Seen747 Hash c4499184878d17d8af6f4181c0d03102 c5a2ff013fa357c1d2a6571b5d8e658e670080ea aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	235 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash e41f80529cf4002c391833271af2f37b 4d7eb0ef27b477b04b992ca50da1c3bb19498c12 3a462ec73996538ce080b96a3e55af30dbedfda9e00e6e9cdd089aac8956a301 Loading...

	monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968	3.9 kB	2023-03-07	2023-09-20
Pretty URL monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 IP 3.222.87.17 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:14 Last Seen2023-09-20 20:59:49 Times Seen42 Hash 7d1ad87b9f617991770f63550715f503 f20db40dbf0fa5d0aad9ab8c6c65fe53fd312d55 2a0cfe37b6085b2f66ecdbd824ad28450d60f59bbe126027a4a300e114f1193f Loading...

	www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js	415 kB	2023-03-14	2023-05-25
Pretty URL www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 08:14:21 Last Seen2023-05-25 07:46:17 Times Seen4 Hash fc58191abd3c514a822c509e9be701ff 991c99fb8f9214a921397ad74513696440d9bc0f ff4055198c989e026a212f803ab8f5f967e3319fb0d9b02b9ebba28e14537683 Loading...

		Size	First Seen	Last Seen
	#1 Eval - bd5d4a79b8b6cde301f570673ad19e18	27 B	2023-03-07	2023-12-29
Pretty Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen200 Hash bd5d4a79b8b6cde301f570673ad19e18 7de704c433042a1827654062d3e0ec8dc3c9349e 52b43864b9f1786d8c0d2d679562e90dc2a00c9d68ea80188a37d9b01d23dd47 Loading...

	#2 Eval - 544d0dfaa5dddbf475d110341ec20f35	22 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 00:38:29 Last Seen2023-03-14 18:23:49 Times Seen1 Hash 544d0dfaa5dddbf475d110341ec20f35 e44f92e9c8888f196ee602c7b4d1d2c39dcf93d8 83f176f793f102ad6ec9b472dc4a681bba32cf8374977bf351deefa1141728e2 Loading...

	#3 Eval - 9f02b6e5a433c750f3a25d92a4a5a982	39 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 9f02b6e5a433c750f3a25d92a4a5a982 ea93f4dd30a290debdc7ec964b7dd648494bd26b 4bcd2e1e5d8173f7f7c1f003801e7722cc5997c835ad59d34373fc1915d302dc Loading...

	#4 Eval - 3c5cf8791561322f43c4268b04721472	16 kB	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 07:49:58 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 3c5cf8791561322f43c4268b04721472 7efb7771a7137ee0313daf525a936ba9637c2631 3283d0c5dd0ca3312a11906ac20a391d9d69a0d84e7bbb35993cfa68ae105c77 Loading...

	#5 Eval - 244d46e337c1e5530ea7dcfffc3c2fef	62 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 00:38:29 Last Seen2023-03-14 18:23:49 Times Seen1 Hash 244d46e337c1e5530ea7dcfffc3c2fef 22d7129c08e7f1e107e04100af9c8a5c6ed31199 93693c0c81927c5af1bc585d43511df29879c75f2895797cd20946422951d057 Loading...

	#6 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-21 23:55:26 Times Seen2540 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

	#7 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 08:17:23 Times Seen37057704 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#8 Eval - d7f72539a71c1d031f958d1f6164f5f8	16 kB	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 00:38:29 Last Seen2023-03-14 18:23:49 Times Seen1 Hash d7f72539a71c1d031f958d1f6164f5f8 bac977a2283323b0a3bac58e1f824851041bc9ec e71c3e566ea449c633b1c98f493c1e748d6f3a3fa61f66ee77730ef9423f5106 Loading...

	#9 Eval - 92444eb85d0a3c7d14cd9b1e460f2eea	22 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 00:38:29 Last Seen2023-03-14 18:23:49 Times Seen1 Hash 92444eb85d0a3c7d14cd9b1e460f2eea c0e89a3fd330d5d79f4223bb6059853caafba2d9 216e39ae916e84eb6435b545851fb086037bffc1311ac5c3598b4f560db42a0c Loading...

		Size	First Seen	Last Seen
	#1 Write - 3698b1745390f5c12d386aab9eb09e67	830 B	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 3698b1745390f5c12d386aab9eb09e67 295b1abf27a77926b5a3ddf329404a3ce69c778f 629bafc691bc53a766c1b28227f940037772030d338467abc99232963ee1889e Loading...

	#2 Write - 9d1828166599b5805467e90631425a1c	15 kB	2023-03-14	2023-03-14
Pretty Observations First Seen2023-03-14 13:36:18 Last Seen2023-03-14 13:36:18 Times Seen1 Hash 9d1828166599b5805467e90631425a1c 2427eb565a70ac984c9e7a0e1e6e77a65c65de5a dc7fb200d08f31f0cff9cfc11be161eb61769478ebdcde0184bc12a8d7de3601 Loading...

HTTP Transactions (99)

URL IP Response Size

monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968

3.222.87.17

301 Moved Permanently

134 B

URL HTTP/1.1
monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 28 Feb 2023 00:21:11 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8854b6a0eaa3a76834547cc82814041
d1c1584c274b03c2a994e256b4e0c1758748d455
4684f749b1d40a3d906b334c6bcd0b7aa11cce450285e49b22aaeccc795dedaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4684F749B1D40A3D906B334C6BCD0B7AA11CCE450285E49B22AAECCC795DEDAF"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12349
Expires: Tue, 28 Feb 2023 03:47:00 GMT
Date: Tue, 28 Feb 2023 00:21:11 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fa03c1ea82feaa081cf4094641ce1152
5c62e5281662a4010eb4cb45f3bd4bacae1c9153
7b72ac559134398cedcb17bbca3ea3e5467a05a7da769ee2f83f4f762af62918

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7B72AC559134398CEDCB17BBCA3EA3E5467A05A7DA769EE2F83F4F762AF62918"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4325
Expires: Tue, 28 Feb 2023 01:33:16 GMT
Date: Tue, 28 Feb 2023 00:21:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Feb 2023 00:12:40 GMT
content-type: application/json
age: 511
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d533446f79adb9523ba9ed92587833da
442454b9811f80ef90768d154036ebd349b8770d
f329f0e623ed8981e9ce3eddb63add02a524ce0d95367ec106730a3dc105973c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F329F0E623ED8981E9CE3EDDB63ADD02A524CE0D95367EC106730A3DC105973C"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3611
Expires: Tue, 28 Feb 2023 01:21:22 GMT
Date: Tue, 28 Feb 2023 00:21:11 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: C/WcuLyDTHTDvFAIIqR75v68R8yibNhbXgWjgVlTrSk3mnJ3W+TgOR7w0E5/BEXyo0qhP9gdtV0=
x-amz-request-id: T77GTTBRK5XTZKFC
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Feb 2023 00:14:20 GMT
age: 411
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 28 Feb 2023 00:21:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6ec49e151e8ef22650565b6b98a79564
d93e562d48fe85b6c2a80dfb6d37da89680da229
6e4e89c2386c0fc634210e74bd05104635f5b832a245320238c2496a02db22bb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=98170
Date: Tue, 28 Feb 2023 00:21:11 GMT
Etag: "63fc2571-1d7"
Expires: Wed, 01 Mar 2023 03:37:21 GMT
Last-Modified: Mon, 27 Feb 2023 03:37:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P5gxvINlq4DCHpzV1c2c_svOioWIdea_E6Ev-ridl_IZmZImZNbLhQ==

monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968

3.222.87.17

200 OK

9.9 kB

URL HTTP/2
monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Size
9.9 kB (9936 bytes)
Hash
c8c3851c7e79ea82712b44b98fc1ef81
acb5bb934dc7b74b672514d113e6f269c12c5052
69e074448d6145034ed5adb4b7e2e321eefb1bfe2955427bc0a7966878f8f3c1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:11 GMT
content-type: text/html; charset=UTF-8
content-length: 9936
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/loading_icon_1.css

3.222.87.17

200 OK

580 B

URL HTTP/2
monthlysweeps.us/assets/css/loading_icon_1.css
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
580 B (580 bytes)
Hash
b6b8913a6a3ad6881037667493551ec5
3daae516738f878875bb15766ca06a2ed9ee442b
cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf

HTTP Headers

GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/datepicker.css

3.222.87.17

200 OK

818 B

URL HTTP/2
monthlysweeps.us/assets/css/datepicker.css
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3335), with no line terminators
Size
818 B (818 bytes)
Hash
3240fc33175e0e388f26fbac8bf8cff3
cf1a645948c9ce996e1560b9569f56822c4f9ba8
9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96

HTTP Headers

GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js

104.17.25.14

200 OK

59 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65274)
Size
59 kB (58913 bytes)
Hash
a63b2977b01b6e2d2e2086c3f63a3c9a
560409f64e40f5078e1ba8d496657badd7a3a6ee
4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f

HTTP Headers

GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 20586846
expires: Sun, 18 Feb 2024 00:21:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IKFWUV6%2BXl2aDYlHg3Yk0wdSqjLJrao8TNsLLaN36D5Luu%2Ffp74js99QXa3EJEitYoXrseJFtYmRXVNc%2BIfJQiU7AV57t2EbygTNUm1e3kplScV4pCNm6cEU9kKqMu0v4s0qY1%2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a04ffafc8d60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/sweeps.css

3.222.87.17

200 OK

1.6 kB

URL HTTP/2
monthlysweeps.us/assets/css/sweeps.css
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.6 kB (1639 bytes)
Hash
a5c77602d9ceb6c6450244ffb0baf0d1
0a8756bf9ec23f2957f9165941196551cc046cf7
d1bdae39d462d3c7ccb9f86a413c69df0026d2c06558af9b691a0e98bf0cdd4e

HTTP Headers

GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: text/css
content-length: 1639
server: Apache/2.4.41 (Ubuntu)
last-modified: Fri, 02 Sep 2022 17:56:19 GMT
etag: "172c-5e7b572772120-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

104.17.25.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20322)
Size
6.5 kB (6458 bytes)
Hash
df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9

HTTP Headers

GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5768873
expires: Sun, 18 Feb 2024 00:21:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klX%2FbMVNvMyotDx9IyDUxsAwJ8ZJE%2FOSOo1CiUylrYEOnkKLKKh4pa6pDPggtsDVk1PlQh3VfuQ%2FVVYNqSiXyRBKvAEEm%2BiW0gXxVmPzOQvjbPTAZVkv%2Fs%2FFrrO%2B0LAnhXtte2fH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7a04ffb008ee0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js

151.101.65.229

200 OK

5.2 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (17590)
Size
5.2 kB (5199 bytes)
Hash
4c0e8d136f8e41d83cb99f52be04f280
eecf9c91f361ac05dfaa6b7167aea6f0d4ddf7cd
81659fd2d8cc8d38327f4450954654b19dbb8a95a2b1e402e47869f0ca9dddc6

HTTP Headers

GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 28 Feb 2023 00:21:12 GMT
age: 489634
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5199
X-Firefox-Spdy: h2

ads.pro-market.net/ads/scripts/site-141028.js

95.101.10.9

200 OK

1.1 kB

URL HTTP/1.1
ads.pro-market.net/ads/scripts/site-141028.js
IP
95.101.10.9:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (514), with CRLF line terminators
Size
1.1 kB (1101 bytes)
Hash
540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

HTTP Headers

GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Encoding: gzip
Content-Length: 1101
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Date: Tue, 28 Feb 2023 00:21:12 GMT
Connection: keep-alive
Vary: Accept-Encoding

code.jquery.com/jquery-3.3.1.min.js

69.16.175.42

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1677543672.dop002.sk1.t,1677543672.cds013.sk1.hn,1677543672.cds240.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js

151.101.65.229

200 OK

7.3 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (22550)
Size
7.3 kB (7320 bytes)
Hash
17f3f2c0dd873827d21aec4b7c7da443
e10d2e3deff107d85726cb4f14eee82f96f2594e
5f0adea83e4171c32048eafe7032ef01093d96794c62b988fb9935041e35a998

HTTP Headers

GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 28 Feb 2023 00:21:12 GMT
age: 489633
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1657-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7320
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b1e856a0ebbdc1a22b0a9253398f992
e712ead8041d97b860f587501f7ba13d3e29cf53
937f7555179a0dcbab6da37e4e31598853e25e7dfd52edb1ea9a3f24611c779e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aa3e4f17fd64fc4a3b90da9438732938
91a30a028f2c8160f8fba6b3b5e010405a509791
e61c17088dda810b1405cf7fd4b9bd1ab3138e9853644e8118206b436796518f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3097
Cache-Control: max-age=131837
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Etag: "63fc9cdc-117"
Expires: Wed, 01 Mar 2023 12:58:29 GMT
Last-Modified: Mon, 27 Feb 2023 12:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aa3e4f17fd64fc4a3b90da9438732938
91a30a028f2c8160f8fba6b3b5e010405a509791
e61c17088dda810b1405cf7fd4b9bd1ab3138e9853644e8118206b436796518f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4236
Cache-Control: max-age=132976
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Etag: "63fc9cdc-117"
Expires: Wed, 01 Mar 2023 13:17:28 GMT
Last-Modified: Mon, 27 Feb 2023 12:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3fdddc7cbd8ba19f4dde13325bc11ac8
5c8ea22f609187f7952c658a029d9fa9dc1c7fec
023903e256b75a839fa44d71f252cfa51f9ec26529c0a37a98cdbd6c10384365

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "023903E256B75A839FA44D71F252CFA51F9EC26529C0A37A98CDBD6C10384365"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11265
Expires: Tue, 28 Feb 2023 03:28:57 GMT
Date: Tue, 28 Feb 2023 00:21:12 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
30149dbfd11f741ca77b1a5979bd4925
13507a2a39661801c6277343969e5e6628af16d3
08f02af83b2e11b93bed5682c2cdf655e3813a0197d047c1276132117413037b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Cache-Control, Backoff, Pragma, Expires, Last-Modified, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Feb 2023 00:12:25 GMT
age: 527
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.20.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
935746feb1958f9dabbd71e792a598e8
bdb0f95c07918fee818db7d2d142bd55ad50ef28
e98b6590383562d53bd8b030b9128e90db7f0d81db603c75856fd9a6024d14f3

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Feb 2023 00:21:12 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "A690B2B521CFE7315A7147D09C8EF86A96B22F02"
Expires: Tue, 28 Feb 2023 11:00:00 GMT
Last-Modified: Mon, 27 Feb 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2656
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a04ffb0eb18b51d-OSL

www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi

142.250.74.164

200 OK

583 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
583 B (583 bytes)
Hash
f6bb4023385c31da08feb9d84026b4f7
786b309f9be7a906255ad7a1b630475073526729
77e2062dc1a5f80e2567c13db326c66d3d0382fb8cc7952e9e0ce2b898dc1b85

HTTP Headers

GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 28 Feb 2023 00:21:12 GMT
date: Tue, 28 Feb 2023 00:21:12 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aa3e4f17fd64fc4a3b90da9438732938
91a30a028f2c8160f8fba6b3b5e010405a509791
e61c17088dda810b1405cf7fd4b9bd1ab3138e9853644e8118206b436796518f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3097
Cache-Control: max-age=131837
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Etag: "63fc9cdc-117"
Expires: Wed, 01 Mar 2023 12:58:29 GMT
Last-Modified: Mon, 27 Feb 2023 12:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6b1e856a0ebbdc1a22b0a9253398f992
e712ead8041d97b860f587501f7ba13d3e29cf53
937f7555179a0dcbab6da37e4e31598853e25e7dfd52edb1ea9a3f24611c779e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

monthlysweeps.us/assets/js/datepicker.js

3.222.87.17

200 OK

5.3 kB

URL HTTP/2
monthlysweeps.us/assets/js/datepicker.js
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (16878)
Size
5.3 kB (5285 bytes)
Hash
6c28af1b6fa9301701dfefc5dbfe5159
134cfa1c0a5a837f002034b8ea1a8c6243b96bac
4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/two.png

3.222.87.17

200 OK

915 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/two.png
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
915 B (915 bytes)
Hash
a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d

HTTP Headers

GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/one.png

3.222.87.17

200 OK

801 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/one.png
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
801 B (801 bytes)
Hash
03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b

HTTP Headers

GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
afb6a7c968579f5e2727d761397e5ad9
14d9fb104f834e204f6da4e929be239672ca931c
3968cdb1877f085839bc7b634bbb62247f8b33efb7fc79c7a262d83201fbf018

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2

172.64.132.15

200 OK

78 kB

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: vsMskajPiY6JLWcxGuw2l3Lql5ROpz4sgF7ScP2vs45apRqSm88q1IO1dQau1Un6l1UCFGdRtKU=
x-amz-request-id: C2QRXRHRVCDHGTVF
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 37
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqL70V4zh0oCNfdlc0sKlu6hT7lD3yu7GLBjX9lDkgbYeC0WQuJBFsvt%2BZOPpsIULa9aTOa3I2hsq9llbvy5FPVECAtyFT8Pph%2BVvg3H4qD9SHInCcyAnwkVAz5AxN%2FJGGUUaH3Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a04ffb19cae496e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1be805f5f157120fc14f26487dc269b5
d1514812c38c9be968883fe2634a34918e98048e
8c94e6e92f7e34c279e6fbd36d926cd147c653484206ecf68dacd1a0660569fc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

142.250.74.35

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 02:36:14 GMT
expires: Wed, 21 Feb 2024 02:36:14 GMT
cache-control: public, max-age=31536000
age: 596698
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.35

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 26 Feb 2023 10:25:03 GMT
expires: Mon, 26 Feb 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 136569
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 04:29:09 GMT
expires: Wed, 21 Feb 2024 04:29:09 GMT
cache-control: public, max-age=31536000
age: 589923
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.187.220.96

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.220.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7hqGi3/GCCV0nsq+Nu17Zg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cu5wEZFtMjO3r+xwbL0wS2hvPSo=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1be805f5f157120fc14f26487dc269b5
d1514812c38c9be968883fe2634a34918e98048e
8c94e6e92f7e34c279e6fbd36d926cd147c653484206ecf68dacd1a0660569fc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9a7f3d9e2cee88084bfea96323909534
0547b22bffe50ad99dee7ef9d20330b59c81d1ee
ea1451667aa7d4de6896c427301967ce6d7f815d16f56d6a8920ca547e51f8db

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Feb 2023 00:21:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 24 Feb 2023 02:10:14 GMT
Expires: Fri, 03 Mar 2023 02:10:13 GMT
Etag: "0547b22bffe50ad99dee7ef9d20330b59c81d1ee"
Cache-Control: max-age=265140,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a04ffb188d3b505-OSL

ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968

209.151.244.116

200 OK

699 B

URL HTTP/1.1
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators
Size
699 B (699 bytes)
Hash
e8d9d684b484fb78ac0b74370d2041e2
d25ea69125c44e3e9d00849fdb72248e1b04f637
73da39595f7dce3e29c7d168530b5660757567fdfa6a183ab164c40617a21aea

HTTP Headers

GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Tue, 28 Feb 2023 00:21:12 GMT
Content-Length: 699

ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968

209.151.244.116

200 OK

4.8 kB

URL HTTP/1.1
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document, ASCII text, with very long lines (15112), with CRLF line terminators
Size
4.8 kB (4845 bytes)
Hash
df01d1cb5af5a03dae54d5ce30acd03c
95f9629722425efc77c5f5f12861a67df17baf8a
e57fd0db30176e772bd006a34fcf1b1429d8d24a96bb1b1bf431fb31ca3e18eb

HTTP Headers

GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Tue, 28 Feb 2023 00:21:12 GMT
Content-Length: 4845

tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif

13.107.238.53

200 OK

43 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3495cd24-201e-005b-590a-4b538f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAADZ2PmaPcSfT4S3T/C71dpCQU1TMDRFREdFMTkxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAAAiqW4heFhNTYvQiGuJezT0U1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419

13.107.238.53

200 OK

520 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (520), with no line terminators
Size
520 B (520 bytes)
Hash
004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117

HTTP Headers

GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 60e0f297-e01e-0020-62a6-48383f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAAAfXciIvktWQIY8MUG1KSXYQU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAADqi+O5lIFbRay15+6AgsHXU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/campaign/1252_bg.jpg

3.222.87.17

200 OK

235 kB

URL HTTP/2
monthlysweeps.us/assets/img/campaign/1252_bg.jpg
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
235 kB (234777 bytes)
Hash
664b071df631b9d8d0ad94ed7983585d
d85f8f5260f2dc118011010f83ba62be1a1f2193
a3e2a9b0292a99decaf42fcf3cd4883b9c491083c3acb407eced850dc0c66e0e

HTTP Headers

GET /assets/img/campaign/1252_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: image/jpeg
content-length: 234777
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:33:23 GMT
etag: "39519-5d7afdc927660"
accept-ranges: bytes
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209

13.107.238.53

200 OK

25 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230209
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25124 bytes)
Hash
cb00f4b37f6c3ce12a4124a700c2ef45
b291b14fdab1b41701b05a7605707e455df78df2
09fe455b55b680617da53b019c62bb1d21bfe03c5f838d3727451efb582b159f

HTTP Headers

GET /amsus/ldsapi/assets/script/common.min.js?version=20230209 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: C/Imj7G4/95cUtZxTBba4g==
last-modified: Thu, 09 Feb 2023 14:51:24 GMT
etag: 0x8DB0AAD1DCE4D7E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 595e5dae-401e-0062-430a-4b132b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAABGSo2Zx5byRoIjvIu6oLodQU1TMDRFREdFMTkyMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAABfGAUqIEKHRoRG0E1POkLaU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5556
Expires: Tue, 28 Feb 2023 01:53:50 GMT
Date: Tue, 28 Feb 2023 00:21:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5556
Expires: Tue, 28 Feb 2023 01:53:50 GMT
Date: Tue, 28 Feb 2023 00:21:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5556
Expires: Tue, 28 Feb 2023 01:53:50 GMT
Date: Tue, 28 Feb 2023 00:21:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3832f6a88f40012d5b398e620abae7a7
1adf92bafe271660fc4582228137562c9f0da2db
d546818cbd4ba1b7ae00d0a759556e330e2aa4fef0bca65ac98453a19cb7e09a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D546818CBD4BA1B7AE00D0A759556E330E2AA4FEF0BCA65AC98453A19CB7E09A"
Last-Modified: Mon, 27 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5556
Expires: Tue, 28 Feb 2023 01:53:50 GMT
Date: Tue, 28 Feb 2023 00:21:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3381 bytes)
Hash
4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: T5UAptcWvFeDybgWGfi_WuBecPhhrWDHEV8-D5hGlnl56jpSd7_y-Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 08:13:11 GMT
age: 58083
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1ed5953-9a52-48d8-8c04-773371481cfc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12392 bytes)
Hash
2ad77b981b7d4dcee854c3b4cdaa51e5
60c58b1da70d5ccaf2808e8855bd16af3abc5091
02aaa7b6e45ec41bb23a00c2818b57ba11bfb067afff596e077996b4c204182b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1ed5953-9a52-48d8-8c04-773371481cfc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12392
x-amzn-requestid: 756aa1f8-e551-4579-ae1a-a9d8997d14d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBI8OHqFoAMFyQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd21e7-58d6305b723057565f143df1;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ko8F0vTKX9AI0Qc1uS9HYRbeyCVeCl4VxVBC011z3ffeC19wV4sE8g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 22:07:20 GMT
age: 8034
etag: "60c58b1da70d5ccaf2808e8855bd16af3abc5091"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e02c64-639c-4f05-b3cf-20409c83958f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12560 bytes)
Hash
9b3eea57a1e2f30ca653881fec23a469
5ef9a8b112a861f76f8e9535d5177b87d2b94101
45402417031fdbcfab70ff00418353fc13030b07dafab046c454cc2c8e59765f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e02c64-639c-4f05-b3cf-20409c83958f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12560
x-amzn-requestid: 10e07436-1099-442a-ac5b-79cbc171f293
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBI7eEHToAMFRcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd21e2-2954354823c91c3977c1dad3;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 6ql6MT5TFSIRflJZ8L8-Epz3dnQwJvvd9lebuyJbZU8hmDr2P0Tcfw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 b2d3922a177f6cecf9222a78a0a1ad32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 21:39:36 GMT
age: 9698
etag: "5ef9a8b112a861f76f8e9535d5177b87d2b94101"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496d9ca3-1298-4c86-b146-fbbf2f41a947.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5142 bytes)
Hash
29ecdc1c9ef030ef78e15c53b9c38336
de02c427695429e312515460e33accd950b19d33
dbb40e4d9741045ea52337c9ae3e482702c975fded33599f3a20e7c6995c9090

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496d9ca3-1298-4c86-b146-fbbf2f41a947.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5142
x-amzn-requestid: 190b38bb-de7f-4bb3-8420-6e40bf210cc9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBKa9FpgoAMF_sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd2445-6d1eabaf42bfb0110a06bd71;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 21:44:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DNHrSN2hm1ZBEzLHzDOkHg_vRxNzWtrPvOpThLpcFKlt75xu-t7Lfg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 22:22:33 GMT
age: 7121
etag: "de02c427695429e312515460e33accd950b19d33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F105f07cf-6106-48d2-99c3-affa6c6e0a6d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9904 bytes)
Hash
2d46291156ff3bdbd40f1d4a4c42e77f
f2e79f97208b8fddcd63e7f70d59607ae05b8a13
90edb5cb98d0f66e25a3fe5d30f9687638b5e07550021e61710928f1404fee70

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F105f07cf-6106-48d2-99c3-affa6c6e0a6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: 54efba49-df2e-4a21-b00e-149f63c17bc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_KtTH27IAMFdDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc57ee-7810c1223498fa426807fcbf;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:12:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: j-aP77dEQSSq7hSGIDN_TUhpybI4lIPNeMnFa_o051s9RasUR-Oqxg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 07:16:28 GMT
age: 61486
etag: "f2e79f97208b8fddcd63e7f70d59607ae05b8a13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ab89bda-b5ae-4fc9-ae25-9735e6a09253.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8956 bytes)
Hash
64333124e6917c70cfdfda426657cf03
cf14d5b8be44b398f1591bb99f4f02475439d46d
2b70a1caf282d895a0f125a3f6ddbe4027b30aff53cfef5763081ce65cd15327

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ab89bda-b5ae-4fc9-ae25-9735e6a09253.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8956
x-amzn-requestid: 121fc6f6-4828-4494-8a7c-607c9ab18751
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BBI8SERsIAMFUwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fd21e7-026a30452770078772a812ba;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 21:34:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: G6UwUMeX-zuxuvNDYFlxSFuii-G9wATg_SIOQNgWurgTX8Z3hLQZUQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Feb 2023 22:17:08 GMT
age: 7446
etag: "cf14d5b8be44b398f1591bb99f4f02475439d46d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1348252695&affid=1252169444874968&subid=1252169444874968&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=

209.151.244.116

200 OK

707 B

URL HTTP/1.1
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1348252695&affid=1252169444874968&subid=1252169444874968&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators
Size
707 B (707 bytes)
Hash
c1852f6f1486db0806cfceca5d131f26
9a04bf0b0335ce393b19856b40129abd741db83b
8ac95eeefad88a5834c8e72338baebf45eb76fd2cb275023480af7a820551969

HTTP Headers

POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1348252695&affid=1252169444874968&subid=1252169444874968&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 28 Feb 2023 00:21:13 GMT
Content-Length: 707

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0

13.107.238.53

200 OK

84 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Size
84 kB (83760 bytes)
Hash
fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

HTTP Headers

GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 99e7aaa4-201e-0014-8030-499797000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01kj9YwAAAAAnZIXOxDi4SIq9/VeFXQ9LQU1TMDRFREdFMTkyMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0+kj9YwAAAAAY/R0GTCz7R6T5BG36pNsCU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:13 GMT
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8686dffb2ff95a924e9faf298cd28edc
d1d66539309a6f184666c9de2b9a0364735c0141
ed1cad35dd8318172336daa444e8a52903c4fdee2b0a1ba18f3a22fef2371dc8

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Feb 2023 00:21:14 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 25 Feb 2023 22:10:19 GMT
Expires: Sat, 04 Mar 2023 22:10:18 GMT
Etag: "d1d66539309a6f184666c9de2b9a0364735c0141"
Cache-Control: max-age=602483,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a04ffbce963b52d-OSL

monthlysweeps.us/go/api/zip/undefined?get_param=value

3.222.87.17

200 OK

111 B

URL HTTP/2
monthlysweeps.us/go/api/zip/undefined?get_param=value
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:14 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js

142.250.74.35

200 OK

165 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (839)
Size
165 kB (164689 bytes)
Hash
7f27adb1216e4ddb02884fd68a1ec297
a33a85dfc58ca995fa184035b8fdb896866c361f
aeea36b977f073b902c2c5536b21f43e931fc2ac5ba3601db228e686457e9bc8

HTTP Headers

GET /recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Feb 2023 09:18:57 GMT
expires: Fri, 23 Feb 2024 09:18:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 399737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

143.204.48.16

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
fabef76228b69993cda91c5ea6c2ada4
22dc5886fdc438dceea82cd609b03e6728a57fb2
b153fcfd9b450c448989447fc039567b9373131dd2f5848f0df5c0a094c024d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118292
Date: Tue, 28 Feb 2023 00:21:14 GMT
Etag: "63fc65f6-1d7"
Expires: Wed, 01 Mar 2023 09:12:46 GMT
Last-Modified: Mon, 27 Feb 2023 08:12:38 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lZCTI-VDqsdtHDSF44txzqJYwU5qq11pkP4o0QJw9L9iggn6623wEA==
Age: 3608

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
076eedbcf858a5bc7af274b03a97b3e4
72343aa2dcc369fbd86c73772850f8212b387187
09aa0c021d4b122fdba0f551225c335bb5d8d31af8c825de7bb43065d5c32d85

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 28 Feb 2023 00:12:30 GMT
expires: Tue, 28 Feb 2023 02:12:30 GMT
cache-control: public, max-age=7200
age: 524
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

monthlysweeps.us/favicon.ico

3.222.87.17

200 OK

5.4 kB

URL HTTP/2
monthlysweeps.us/favicon.ico
IP
3.222.87.17:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d70d466f13ec7b440f2367/aid/16944/s1/4874968
Cookie: ci_session=qtfiuar0p9o1h1n67h8r3eu8u3ombn0k
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:14 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
076eedbcf858a5bc7af274b03a97b3e4
72343aa2dcc369fbd86c73772850f8212b387187
09aa0c021d4b122fdba0f551225c335bb5d8d31af8c825de7bb43065d5c32d85

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false

3.95.92.232

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false
IP
3.95.92.232:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 28 Feb 2023 00:21:14 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/api/hitsnap.ashx

209.151.244.116

200 OK

21 B

URL HTTP/1.1
ldsapi.tmginteractive.com/api/hitsnap.ashx
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

HTTP Headers

POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10688
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 28 Feb 2023 00:21:14 GMT
Content-Length: 21

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c5767ddaa90364c73da9c901fca2475c
2845daaed6593dde22b53272d5ce50965fe3a54e
296dafe92c796844b2a57e1b685885467183bf6de5cf0845405d3ed399658f0b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 28 Feb 2023 00:21:15 GMT
Last-Modified: Mon, 27 Feb 2023 23:11:59 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ImMQBFNuxeggt7sMHPYs0s0DbwlKulWerH5Ek4D-Rh1Mymqer2hr4Q==
Age: 4156

script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js

143.204.55.96

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48737)
Size
69 kB (68683 bytes)
Hash
ebfd5ece1732ea77a9b33e8ec7afb91a
aa0a45d972de12f2092491616f340572bcee81f5
666c32150e720b282d8c2ca12dd23d6ac15d5253edb87a9c648de133db2ccd29

HTTP Headers

GET /modules.3bdf981e73ecd1bf9fca.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68683
date: Mon, 27 Feb 2023 09:09:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "ebfd5ece1732ea77a9b33e8ec7afb91a"
last-modified: Mon, 27 Feb 2023 09:08:08 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lpCDJxVVWmQzUcLxTG55V0dG2x6rnWyF_HGyn0qFw15LPaV1feVJwQ==
age: 54729
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

143.204.48.16

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3045a0a9adcb52a4974623d94a6b7288
f6ab5a3a6a385ef989a40fe1cdbe2eca6d2f1094
988dcec8bb38a4ec5d00420d20be07795c2125591e3e007bfc2cd6bbb23897e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 28 Feb 2023 00:21:15 GMT
Last-Modified: Mon, 27 Feb 2023 23:40:55 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WZvhrVRm1LiX6bDIPyGiGFx1UWPt1gLCgsCB3B0KOdB1_Y48VrFgFg==
Age: 2420

create.leadid.com/2.11.9/GenerateToken?msn=1&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&_=626710361

54.198.13.191

200 OK

527 B

URL HTTP/2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&_=626710361
IP
54.198.13.191:0
ASN
#14618 AMAZON-AES

File type
data
Size
527 B (527 bytes)
Hash
ea467ad1cba49e2d9e50ba0c39e82823
bedd8f69a5234d473fb0f52fce8569670996bd06
56097cc383ba50787a40b9b8738610f9e4248af62ffb9ab39606a2a26f9366b8

HTTP Headers

POST /2.11.9/GenerateToken?msn=1&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&_=626710361 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 250
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:15 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 30-Mar-2023 00:21:15 GMT; Max-Age=2592000; path=/
rguserid=f9e7c145-d785-4960-80f0-ec731e807fcb; expires=Thu, 30-Mar-2023 00:21:15 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 30-Mar-2023 00:21:15 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 30-Mar-2023 00:21:15 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=804034743.1677543676&jid=1647231028&gjid=789023702&_gid=649509822.1677543676&_u=IEBAAEAAAAAAACAAI~&z=859364479

64.233.165.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=804034743.1677543676&jid=1647231028&gjid=789023702&_gid=649509822.1677543676&_u=IEBAAEAAAAAAACAAI~&z=859364479
IP
64.233.165.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-39232759-1&cid=804034743.1677543676&jid=1647231028&gjid=789023702&_gid=649509822.1677543676&_u=IEBAAEAAAAAAACAAI~&z=859364479 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://monthlysweeps.us
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Feb 2023 00:21:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

143.204.42.159

200 OK

1.4 kB

URL HTTP/1.1
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
143.204.42.159:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.4 kB (1449 bytes)
Hash
ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1

HTTP Headers

GET /iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 14 Feb 2023 20:01:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 27 Feb 2023 20:31:31 GMT
ETag: W/"63ebe88f-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DEPPua-iyYhrq0Xi56JO8zDXCHKgr3QooQLNgl_TTlF1iei7wYkRQQ==
Age: 13854

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e7ebc6d40ad9e3d17636661b9ad1894f
3d788a72b2dbbc9bdb564f9e3ea35119c1d1f36c
278038c0f1df43f70e2a9b9ced5aa862318b3c0deff785d21d4e52515f514934

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Feb 2023 00:21:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.r2m02.amazontrust.com/

143.204.48.16

200 OK

471 B

URL HTTP/1.1
ocsp.r2m02.amazontrust.com/
IP
143.204.48.16:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3c9e04c0fa56c85ee6e7c8467ab8ae72
9399f4efba62fec034a1bed5cc8fe7bd58ca13c8
388908c6673afba352f5482436e1cbcbf390bae6b0e095b231cacbf7cf2465be

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 28 Feb 2023 00:21:16 GMT
Last-Modified: Mon, 27 Feb 2023 23:17:42 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rhHwazITnaPafBjOadnX60gETW4PigY5VLysikAT9RBA1M6SE0jyag==
Age: 3815

api.trustedform.com/certs

3.95.92.232

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
3.95.92.232:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
a37ac22bd014981ea955982bed9bb575
4ec340e482ae11baab7705dc8ff4a3b3e89bc993
a33be4e902884423c6263b760d6ccff4c05e1cbee73340e456c6271d0fe3272e

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 644
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Tue, 28 Feb 2023 00:21:17 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.38.js

54.230.111.103

200 OK

38 kB

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.38.js
IP
54.230.111.103:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (37681 bytes)
Hash
506d3cc06482362bfb969f33657d1cf5
502a032cb3cce083c958d2148a61234456f9844a
db537390d79ea43c10a13c70a2fcde64e80fe84d97375e0972f10ad4c6a24c2b

HTTP Headers

GET /trustedform-1.8.38.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: ffJa67w_.T4JjuAeq9bT6P3fBUPuRaPp
server: AmazonS3
content-encoding: gzip
date: Tue, 28 Feb 2023 00:21:16 GMT
etag: W/"a71c6d4fa015e7b61cc1fc54ff9b242e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lcxbF88rw2fvzq7YgLl9Knyds7rcLW7Yf5F2WV2-AibcQ_5GprtOVA==
age: 11
X-Firefox-Spdy: h2

api.trustedform.com/certs/904b65ba648428c04d25bbd0bdddadbd5c9d79b9/fingerprints

3.95.92.232

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/904b65ba648428c04d25bbd0bdddadbd5c9d79b9/fingerprints
IP
3.95.92.232:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/904b65ba648428c04d25bbd0bdddadbd5c9d79b9/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 262
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 28 Feb 2023 00:21:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=5&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710365

54.198.13.191

200 OK

20 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710365
IP
54.198.13.191:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

POST /2.11.9/InitFormData?msn=5&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710365 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:17 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 30-Mar-2023 00:21:17 GMT; Max-Age=2592000; path=/
rguserid=01620b55-cc45-409d-8891-8a3e73e9d8a9; expires=Thu, 30-Mar-2023 00:21:17 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 30-Mar-2023 00:21:17 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 30-Mar-2023 00:21:17 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 8f5f6d12-001e-004c-5798-4a93ec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAADccm5KPr3CSYVPU1hUqsEqQU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAAAYYlv4Xw/bRoDdzlreno9oU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?1327k27j20231327j02ckl27llk160jkk211300

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?1327k27j20231327j02ckl27llk160jkk211300
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/css/13488000.min.css?1327k27j20231327j02ckl27llk160jkk211300 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=60
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 16ba056d-c01e-0051-6f0a-4b4a06000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAABxDHLZiER1Ra0SRLEB+qLoQU1TMDRFREdFMTgxOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAACOL03KvZmaT4EYIm5813azU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false

54.230.111.103

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false
IP
54.230.111.103:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16775436743180.087687121904659&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 28 Feb 2023 00:21:16 GMT
last-modified: Fri, 24 Feb 2023 16:04:14 GMT
x-amz-version-id: oadcnJCg2vYrfrS_vSmPkc6nBoYFDxSV
etag: W/"1b4d8abad5e0668a237e388577c6a93c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kbqvjOctcFS8a5YtVtg8iO1agud83nYnW04LJI4K6izQ-zRUREf7hw==
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=4&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710364

54.198.13.191

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710364
IP
54.198.13.191:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=4&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710364 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:16 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rguserid=259c7ab1-57cf-473d-be33-9ff06f8debf6; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 28 Feb 2023 00:21:12 GMT
date: Tue, 28 Feb 2023 00:21:12 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 454f8709-f01e-0070-50af-4a2737000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 046/8YwAAAAD55Wlk22g6Ta3ABKXJ2pZmQU1TMDRFREdFMTgwNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAABlppwLCsqtTI58CvQIOkZVU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2865935.js?sv=6

54.230.111.113

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-2865935.js?sv=6
IP
54.230.111.113:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-2865935.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 28 Feb 2023 00:20:39 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/1e0168156f2af65a6c178eec6dbd713b
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ehVvRx1PYDk7JPr7_WbtfW65FHUG3l8CL2UhD7YR1A68oG9bIJS58Q==
age: 35
X-Firefox-Spdy: h2

deviceid.trueleadid.com/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

34.203.186.234

200 OK

0 B

URL HTTP/2
deviceid.trueleadid.com/iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
34.203.186.234:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe.html?token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:16 GMT
content-type: text/html
server: nginx
last-modified: Thu, 02 Feb 2023 16:44:23 GMT
etag: W/"63dbe867-1049"
expires: Wed, 01 Mar 2023 00:21:16 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 22989825
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a04ffaf1b571c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/solid.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/solid.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: text/css
x-amz-id-2: KFXYScqQQZbhiYPnwFrQr26RTY2zKfDQq2X0tSHXF7qUkK818w2q6Ipe3E9829HiPiHu+BXHwU4=
x-amz-request-id: C2QG8400AP57Y81P
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usZUJXJf5YYcgAJSaYWcxZ8JU6HG8mWt8KJXMhFuI47XuiKOVpNCSNpoRdtSi6t5zSvNSB%2BAS%2BiK%2Br64uQ3kJUfC3l7qn23iCZJyrQiwxQD8bCC%2FcoytitYm1MwqcC%2B%2BlimYjg2Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a04ffb0bc12496e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/fontawesome.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: text/css
x-amz-id-2: J0HCogLIs1V9l/xskItHqJ5ioeF+dWydBCVMS0gpvzPsBjiOgy4i++5+rE2wCPvlsnGu2CJqFrU=
x-amz-request-id: C2QNQWFAAQ8PJ2V3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 37
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3RtkKpOpQWQXEIBe2o2Q7nDXYJzPsOnz%2BGbkzysCtF16RJqiDPraLgSai2n%2BZYGW0BcNFG8vrL3vco1Musu5bT7%2FXNSS1aRBwLg2%2Fcgr1Psf56%2BHNX0ftPdGQTn1m9YAdZ%2B7NM1o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a04ffb0ec43496e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 595e64e0-401e-0062-680a-4b132b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01kj9YwAAAABtlbV/fyEyQ53d6FoEw4Q1QU1TMDRFREdFMTkyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+kj9YwAAAAAfZbVu5OPsT53wxXRbsmROU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:13 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230209
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/common-extentions.min.js?20230209 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3394f6dc-101e-003e-120a-4be2d2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAAAQIDce/fqyRYyYCan/Q1mBQU1TMDRFREdFMTkxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAAC525DCRvBbS5rqXxlnM50yU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:12 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-13 02:48:26
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b584a7f7756eea1e54b5f28d657ba679
cdn-cache: HIT
cf-cache-status: HIT
age: 3438478
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a04ffaf1b551c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?1327k27j20231327j02ckl27llk160jkk211300

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?1327k27j20231327j02ckl27llk160jkk211300
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/js/13488000.min.js?1327k27j20231327j02ckl27llk160jkk211300 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: da844bbe-301e-006d-380a-4bfedd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAAB7c4jnrfvhQKzsdhGUTFvEQU1TMDRFREdFMTgxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAACgjXYdPwShQ4XtU5l5YrqjU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 0fe2f8fc-501e-0039-700a-4b1457000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 01Ej9YwAAAACf6sC+usd7RYaOtZCXNju9QU1TMDRFREdFMTkxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0+Uj9YwAAAABXFqBmr4ojQ5aM26/7gyOEU1ZHMjBFREdFMDUxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 28 Feb 2023 00:21:12 GMT
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2

104.22.38.182

200 OK

0 B

URL HTTP/2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
104.22.38.182:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:14 GMT
content-type: text/javascript
x-amz-id-2: EjpSn1mxjsnrfUDTgItapV/+yih1q++DVFqlZYRb6HdHkmpgqQLQwMUG/hZsCK084QYjyo9gzLo=
x-amz-request-id: 5Y5H8Q8EHXXC9T79
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 569
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a04ffbd1cdb95f6-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDom?msn=2&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710362

54.198.13.191

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710362
IP
54.198.13.191:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/SaveDom?msn=2&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710362 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:16 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rguserid=76763806-603f-482f-b981-9577c575d7e5; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=3&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710363

54.198.13.191

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710363
IP
54.198.13.191:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=3&pid=7e0defe7-0fe9-40b8-9e62-9090749f5f6f&token=1952ABF9-044B-BDA4-351D-1F3F6D16EFD6&_=626710363 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 12855
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 28 Feb 2023 00:21:16 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rguserid=bacd496a-0aab-4b4c-8c23-345c182c6a96; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 30-Mar-2023 00:21:16 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML