ocsp.r2m02.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 3b843804244a5ee1c30951ed5247db80
44f70d4383d65c08a79d48ec8e09939dc2f52abc
e9c191e7562fb574a17283cb4f8a8dac0f1b8cd91195d2e776e7e923215c7f74
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113777
Date: Sat, 13 May 2023 23:51:15 GMT
Etag: "645f2be5-1d7"
Expires: Mon, 15 May 2023 07:27:32 GMT
Last-Modified: Sat, 13 May 2023 06:19:17 GMT
Server: ECAcc (dcb/7F2F)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RRLGkbEmBWZq9o4DS5r_GHXrApPOW99GFeoc_lY7rpO0eedcx_V5tA==
Age: 4095
monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
52.2.18.249 200 OK 9.8 kB URL User Request GET HTTP/2 monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
IP 52.2.18.249:443
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (939)
Hash e9afb82245e99b1cf9cf58b0a206fa5a
93c5815c2a07fbfb07554a2247b2880783336a8b
64226252c885c3908e8591cec79efef30e65c9a37dcd290c6e7b54917529490f
GET /go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/html; charset=UTF-8
content-length: 9839
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.25.14 200 OK 6.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.25.14:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (20322)
Hash 6b08ddc901000d51fa1f06a35518f302
bafe987c18cbe0587de3e6360e7da40a2885614b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1056772
expires: Thu, 02 May 2024 23:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZR%2BN1U1dAgOY6sQNqsSkFUX2%2Fk8pMisRhvlTqrHe2bF4RlonRoMJSgxf3NEdFd2bCoI6LaAJJCmMRSmxJcNr8r5KpVTaKR5feSioxW1ovwlvRP1NhMqBmshyi1zobbRPxcGmhC1v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c6ecef81e540b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
104.17.25.14 200 OK 59 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP 104.17.25.14:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Validity Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65274)
Hash 537fb5541479dbe0e06b56c5d21e5c73
cb2ba1c0cc5d244bf6484d74ec197efb074e9a6a
1fb32ef65d7b57f33a43580329dbf6ee37beb5b4b64272a6a0d705ca9abf3484
GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 803266
expires: Thu, 02 May 2024 23:51:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uKaD8WveG%2Bw58XesGqYVVfG1KCMk2nki5aX6Plwyfvt4R5iqCXyaDI2GLQ%2BZUts6lU2RMCRS8hvAP0aSXUVu9YiFfCQjLyDqHZkqlLv33noi1HVQNDn966kkoBFVkCbr9z%2BfedY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7c6ecef81e570b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.42 200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.42:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint 64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
Validity Wed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684021876.dop226.sk1.t,1684021876.cds226.sk1.hn,1684021876.cds240.sk1.c
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/loading_icon_1.css
52.2.18.249 200 OK 580 B URL GET HTTP/2 monthlysweeps.us/assets/css/loading_icon_1.css
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash 053b0d384c5e6cac600ccf5a8653e78d
58a6473f06c39c9338e2baaa1474c112e9d3f2e9
091a6575c7efe80624d5054b93b61cd16e00398e10c495511c1af7dc063e882a
GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/datepicker.css
52.2.18.249 200 OK 818 B URL GET HTTP/2 monthlysweeps.us/assets/css/datepicker.css
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (3335), with no line terminators
Hash 19a23f04a6130438cfd25f91cd416da4
5fd77d346b6e26e21730b365e48dcde290637f3a
2f21641b37bedebc84cc798eca1b80d9649cb4c23a1831659cd77c3660f873ae
GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/sweeps.css
52.2.18.249 200 OK 1.6 kB URL GET HTTP/2 monthlysweeps.us/assets/css/sweeps.css
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash c3f23e37e95f27b1a740ccfd96775321
d9b137629ddc681da8ef74e6c94347d8a30eab2a
2fca7b57761fb71fb0de70b202c782874d518f535815da6f71c257e39ce95109
GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/css
content-length: 1625
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 01 Mar 2023 16:02:09 GMT
etag: "170a-5f5d8d5a5e368-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/one.png
52.2.18.249 200 OK 801 B URL GET HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/one.png
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced; data
Hash 03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b
GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/two.png
52.2.18.249 200 OK 915 B URL GET HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/two.png
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced; data
Hash a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d
GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/js/datepicker.js
52.2.18.249 200 OK 5.3 kB URL GET HTTP/2 monthlysweeps.us/assets/js/datepicker.js
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (16878)
Hash 50e8118195525667c97c698ae2063198
b81b9cdd700240e03f5a700577cf2f162b5d2cda
6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.11.207 200 OK 15 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50395)
Hash ce6e785579ae4cb555c9de311d1b9271
5ef2c15b47d7290698c737676ba9c3056b45f2e8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 29468029
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c6ecef7ceccb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 66a94eca2c19b8942c7712ad56c9b8b8
f8f2815ccea56b3a2393413d8817292fe2b70e69
119b6540cef07d97578ad8af84b74c4f06eaba24fa56ae5404c49129186e04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 23:51:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 472 B IP 172.64.155.188:0
Hash c24484d5ec8013b2cc87220cc0712b8f
f4a4fbbf96c7fa598fc77f578b536b57e64b11c7
5cd347fca2069a7564240c1ce06bae560eb85a20f2ea168f398cad6364b5f564
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 13 May 2023 23:51:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 12 May 2023 11:50:02 GMT
Expires: Fri, 19 May 2023 11:50:01 GMT
Etag: "f4a4fbbf96c7fa598fc77f578b536b57e64b11c7"
Cache-Control: max-age=475640,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c6ecef9c9160b06-OSL
ocsp.sectigo.com/
104.18.32.68 472 B IP 104.18.32.68:0
Hash c24484d5ec8013b2cc87220cc0712b8f
f4a4fbbf96c7fa598fc77f578b536b57e64b11c7
5cd347fca2069a7564240c1ce06bae560eb85a20f2ea168f398cad6364b5f564
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 13 May 2023 23:51:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 12 May 2023 11:50:02 GMT
Expires: Fri, 19 May 2023 11:50:01 GMT
Etag: "f4a4fbbf96c7fa598fc77f578b536b57e64b11c7"
Cache-Control: max-age=475619,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c6ecef9cd6c0afa-OSL
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
142.250.74.132 200 OK 582 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP 142.250.74.132:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint 85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
Validity Mon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash c0e4de3979a62d1e726aa242278538e0
88a683e9076dde7cf5b3dbea39ca1ee05062b626
e1a602760b43cba157116671e148b0621ae24ddbfe1ab48a202994a6b62a2372
GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Sat, 13 May 2023 23:51:16 GMT
date: Sat, 13 May 2023 23:51:16 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 9be3fe14f68f6532597d14598507135b
60808c84e6454278fad41302a21f77b95c97e193
93e68f9214835f244c00eb7ba51a06c44a1c257b7d4c1a4c208c67d6a579d39b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 23:51:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 1ad30e2be460adeed311b95ef0f3e463
c3ec4a5f9ae9cdbd5f4ca9a257eceac5dab470b4
40998a19e44d420fdbb726b2ce1c5a10b01d8af002d35ce5244d35a855766d8a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 23:51:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 472 B IP 172.64.155.188:0
Hash 4415f4acf46b0a7ecc1019bade14a79a
6009577ccd4f7d87b13f7e76b417abfed6adc967
497671a567ae19450ae812459ae465912550267daaaa9fb3cd5d56413c86738d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 13 May 2023 23:51:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 12 May 2023 02:10:13 GMT
Expires: Fri, 19 May 2023 02:10:12 GMT
Etag: "6009577ccd4f7d87b13f7e76b417abfed6adc967"
Cache-Control: max-age=439734,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7c6ecefb19c60b06-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ae974c8f61823ca8658979a1109cbd2d
623d134c2263c62a20d2e7bfcb3cb0f89e842a10
cde1c25877913540c22c959d5d8dccdc8e162ed9b9c891f3309d73ac1f9cea5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 23:51:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
216.58.207.227 200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0; data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 May 2023 12:59:17 GMT
expires: Wed, 08 May 2024 12:59:17 GMT
cache-control: public, max-age=31536000
age: 384720
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/solid.css
172.64.133.15 200 OK 79 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/css/solid.css
IP 172.64.133.15:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (483)
Hash 685a6b10be9f3db25acf78c5e7ba7379
c0c0e8602a81f62ccb2af3329bb4e14bfc1d96e1
882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b
GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/css
x-amz-id-2: MU+zzJkGxrbub8O9nTcAKFBMynoLLCFp/0tyysF3jlpfUwzwmxxr+tMEw8gfphZNorgwSTfkIk5byho16jVrcQ==
x-amz-request-id: E5ST7W98XEGH337K
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 118230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBgUC7HXv1ZP5tMIoA8Y%2Fgw6fYvIVH1LDDBkO594c8nJV2SHMHgiYtNtlLtf%2BP2coWsKfQtPGwcz%2FbpY2H17urZOErGi3rVyobUmwdq9xr9dx9Ec61XAy%2FAEtAM1JYTvBMUbxJ3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c6ecef8a8c97324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ae974c8f61823ca8658979a1109cbd2d
623d134c2263c62a20d2e7bfcb3cb0f89e842a10
cde1c25877913540c22c959d5d8dccdc8e162ed9b9c891f3309d73ac1f9cea5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 23:51:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 04:04:41 GMT
expires: Fri, 10 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 243996
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 May 2023 09:09:22 GMT
expires: Fri, 10 May 2024 09:09:22 GMT
cache-control: public, max-age=31536000
age: 225715
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
216.58.207.227 200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 09 May 2023 12:59:17 GMT
expires: Wed, 08 May 2024 12:59:17 GMT
cache-control: public, max-age=31536000
age: 384720
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 2d0ce7be8ebb8dec95f0e8badd56e463
bf29996b22abb22c181d7749959c23a6774725dc
768a8875c5a2a3f5685231639d7ef76e684130e728068fcb2823dc63a5e1d597
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 13 May 2023 23:51:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=125310899673416&subid=125310899673416
209.151.244.116 699 B URL GET ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=125310899673416&subid=125310899673416
IP 209.151.244.116:0
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject *.tmginteractive.com
Fingerprint 74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
Validity Thu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (850), with CRLF line terminators
Hash d56f46bdafeec257619c8e5e2416393d
a2db03edc397d1a334aace01894eea836ac41ed8
d9913e1a60598a181465bd75b8e8fed18bc7ace2629076ef39ecb272d9488a67
GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=125310899673416&subid=125310899673416 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Sat, 13 May 2023 23:51:16 GMT
Content-Length: 699
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
185.244.209.62 200 OK 482 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP 185.244.209.62:443
ASN #58286 Electric-IT Business S.R.L.
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject cdn.jsdelivr.net
Fingerprint 95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
Validity Sat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (22550)
Size 482 kB (481871 bytes)
Hash c4499184878d17d8af6f4181c0d03102
c5a2ff013fa357c1d2a6571b5d8e658e670080ea
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 13 May 2023 23:51:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-04-28T12:25:53+00:00, 2023-04-28T13:21:17+00:00
x-id: am3-up-gc88, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/campaign/1253_welcome.png
52.2.18.249 200 OK 258 kB URL GET HTTP/2 monthlysweeps.us/assets/img/campaign/1253_welcome.png
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size 258 kB (258018 bytes)
Hash 4ab082dfa4d24ddc5faa6ae9be0b7e7a
0a66d5fa8c56b01c42656bad7fd0358e35f0b5a7
c916d279aa3477141699255e5f01031b8d891bbea0cadf185ddad136866da02b
GET /assets/img/campaign/1253_welcome.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:17 GMT
content-type: image/png
content-length: 258018
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:45:24 GMT
etag: "3efe2-5d7ae5a63e210"
accept-ranges: bytes
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=125310899673416&subid=125310899673416
209.151.244.116 4.9 kB URL GET ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=125310899673416&subid=125310899673416
IP 209.151.244.116:0
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject *.tmginteractive.com
Fingerprint 74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
Validity Thu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15181), with CRLF line terminators
Hash fcf26009ed009918b2445dfea90b6ac0
8ccecd3c531444ec78efb1d789235bf5467b76bf
766481ea34f12daeeb84d841da6394c6ed8855d56eeae8e6b8e0de53fcb50a6b
GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=125310899673416&subid=125310899673416 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Sat, 13 May 2023 23:51:16 GMT
Content-Length: 4884
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
13.107.238.53 200 OK 43 B URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: 53ed052e-d01e-0001-23c0-85550e000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0d+ZfZAAAAAAtenzzZR4gRIl8Y0JPRJ/ZQU1TMDRFREdFMTgyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0dSJgZAAAAAAL6rE0wEi5TZ+VrkyEQLsOU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
13.107.238.53 200 OK 520 B URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (520), with no line terminators
Hash 004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117
GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
x-cache: TCP_HIT
x-ms-request-id: 3e437e09-701e-0043-51d2-857e1a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0d+ZfZAAAAADxCUxUOMxYRZ1yweZsdWVDQU1TMDRFREdFMTkwOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0diJgZAAAAABWVWOvh/iXR4Qnnn9pSupmU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1371410730&affid=125310899673416&subid=125310899673416&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
209.151.244.116 200 OK 661 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1371410730&affid=125310899673416&subid=125310899673416&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP 209.151.244.116:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject *.tmginteractive.com
Fingerprint 74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
Validity Thu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 8eedf5202afa8d2886c6ecb287549e91
9e9643e45bad71cb7f510bb01f62fab1e83044f8
e47394f32044070439dfd4f6e0aa693feff4e69d341542cb964bc2ed1a1daf78
POST /ManageImpressions/ReportViaJsPlacement.aspx?hKey=1371410730&affid=125310899673416&subid=125310899673416&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Sat, 13 May 2023 23:51:17 GMT
Content-Length: 661
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1371410730&affid=125310899673416&subid=125310899673416&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
209.151.244.116 200 OK 709 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1371410730&affid=125310899673416&subid=125310899673416&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP 209.151.244.116:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject *.tmginteractive.com
Fingerprint 74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
Validity Thu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (349), with CRLF line terminators
Hash 5499e2c0b34fe62b516825a9816508c8
dc4d49c5ff09acb69e9b8d0bb66930a6cfe64dde
85135a99e8acbe5965c051b51464336f058e115fecc8a05146a18fa6dc29cad1
POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1371410730&affid=125310899673416&subid=125310899673416&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Sat, 13 May 2023 23:51:18 GMT
Content-Length: 709
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
13.107.238.53 200 OK 84 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
x-cache: TCP_HIT
x-ms-request-id: 351d04fe-a01e-0068-2bd2-850aa2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0eeZfZAAAAABDKcExTuZkTLL+0qtnXvAwQU1TMDRFREdFMTgxNQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0dyJgZAAAAAA/Ncgt7x4tQIJxO+jRp+gEU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:18 GMT
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash d4f07bdc2e0592116255e4d2eae0e683
a6ed873949e8c2c99102d7f6fed84c1eb570d89d
6b2b37afffc60a36296fdf3d0ec654c32537564639a7c169a52f588a1ee15766
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114969
Date: Sat, 13 May 2023 23:51:19 GMT
Etag: "645f2905-1d7"
Expires: Mon, 15 May 2023 07:47:28 GMT
Last-Modified: Sat, 13 May 2023 06:07:01 GMT
Server: ECAcc (dcb/7EBC)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YoMRLdUkxJo3yElBAmKLPNzfpOKTqu5reG0SDoihA15I3TyGyIewvQ==
Age: 6027
ocsp.r2m02.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 394388f683ee20f9b6eb32949b1650ce
cff1b3b884716bb28065f75196a92e3a8082762f
a19a93e4320608f1db98b09febfdc8bbe24431bf8eeae6767c586a2dd181c4d3
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113342
Date: Sat, 13 May 2023 23:51:19 GMT
Etag: "645f386d-1d7"
Expires: Mon, 15 May 2023 07:20:21 GMT
Last-Modified: Sat, 13 May 2023 07:12:45 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MB7YL0C_kzbHFu_0MdscZIEpM1gbmNuCtapgApoei7dXZLT0DVFnpQ==
Age: 456
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false
34.231.61.255 301 Moved Permanently 134 B URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false
IP 34.231.61.255:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.trustedform.com
Fingerprint F4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
Validity Wed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sat, 13 May 2023 23:51:19 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
142.250.74.35 200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (687)
Size 167 kB (166792 bytes)
Hash 9ffb885c65f054c894eb7798c7febb9e
23db992670ceb314ea5e405cc7b30376231d1cc0
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
GET /recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 08 May 2023 16:28:19 GMT
expires: Tue, 07 May 2024 16:28:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 May 2023 04:06:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 458580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us
108.157.214.104 200 OK 2.2 kB URL GET HTTP/2 pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us
IP 108.157.214.104:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject pushpros.tech
Fingerprint F1:27:D4:0A:37:DD:69:2C:97:CF:48:D1:1A:24:56:E0:17:C8:BB:F9
Validity Thu, 04 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2182), with no line terminators
Hash 38e49556c06033ac12ed857815f23d64
6fe91f0b1a4385f2fc9aee8e1ad41385cc23bfe8
90732a8c2078a3a4937aca66d545df8f07b1b388791f02cd2e3893417f0fe862
GET /GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us HTTP/1.1
Host: pushpros.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 2182
date: Sat, 13 May 2023 23:51:19 GMT
x-amzn-requestid: 94afcb8d-428b-4fb2-aa2d-3b249be822e2
access-control-allow-origin: *
x-amz-apigw-id: E4pSvEGRoAMFXLQ=
x-amzn-trace-id: Root=1-64602277-6bf5b613612655015d346454;Sampled=0;lineage=ce85cba6:0
x-cache: Miss from cloudfront
via: 1.1 05844663035089f465172d861220e698.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: FMvifqOCc7fjR6sh8gGsGcVm2NiXoOnIDAVDOolhBEulPdux-rZFtQ==
X-Firefox-Spdy: h2
monthlysweeps.us/favicon.ico
52.2.18.249 200 OK 5.4 kB URL GET HTTP/2 monthlysweeps.us/favicon.ico
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc
GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:19 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/api/hitsnap.ashx
209.151.244.116 200 OK 21 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/api/hitsnap.ashx
IP 209.151.244.116:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject *.tmginteractive.com
Fingerprint 74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
Validity Thu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289
POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10827
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Sat, 13 May 2023 23:51:19 GMT
Content-Length: 21
ocsp.r2m02.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 00785e90058223f71b7d606093cdf200
e28d4f101ea878152f5db4102c733ec7dd80116c
1819a4aef7366d72e8191b016cdb08a5be967aecf998cbbdd3676eeba3f62245
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143166
Date: Sat, 13 May 2023 23:51:20 GMT
Etag: "645faeb6-1d7"
Expires: Mon, 15 May 2023 15:37:26 GMT
Last-Modified: Sat, 13 May 2023 15:37:26 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c1XexRL1L59qJnPyJb8zdeGU_acQtr7y5p1gYKkdGSy3_Fj9ZBwadw==
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
142.250.74.132 200 OK 28 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
IP 142.250.74.132:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
Validity Mon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42536)
Hash b55a7637358215bde07bba3c965103fe
5418c1df9e3e0d4c8c517b9f27c5d8d9d16bacbb
676fc75c07a4b673ac04be8908f69017a56eea495c11fe17e05ef8b75814ea06
GET /recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 13 May 2023 23:51:20 GMT
content-security-policy: script-src 'nonce-4d5PVMp5RYNTvTL1Adb5fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27564
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
142.250.74.35 200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 08 May 2023 16:17:36 GMT
expires: Tue, 07 May 2024 16:17:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 May 2023 04:06:00 GMT
content-type: text/css
vary: Accept-Encoding
age: 459224
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
142.250.74.35 200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (687)
Size 167 kB (166792 bytes)
Hash 9ffb885c65f054c894eb7798c7febb9e
23db992670ceb314ea5e405cc7b30376231d1cc0
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
GET /recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 08 May 2023 16:28:19 GMT
expires: Tue, 07 May 2024 16:28:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 May 2023 04:06:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 458581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.r2m01.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash 2582d5e7df841ee9985a41c568d4c53d
0ef28aa1d5297a55f771b254dbcbb885ee2eff08
88deadad88d1706b7643c514d443e06f190e1501dcb98b352f08b0f23191fd46
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=118296
Date: Sat, 13 May 2023 23:51:20 GMT
Etag: "645f43ba-1d7"
Expires: Mon, 15 May 2023 08:42:56 GMT
Last-Modified: Sat, 13 May 2023 08:00:58 GMT
Server: ECAcc (nya/78C0)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Th4tisoCcFquJ5isxv4A0DR4Hc8jsi6vYqwCDWeKPK1v-DBn6qQUqA==
Age: 2518
ocsp.r2m02.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 96171a15db36b05b69afdc4e8d8ab1fc
f5323f0351c37f3973c49238b15d21011d18d27a
fdd1af912e1f6f476f9d661d1777db7202ccdc3bbabc9b826a3edefcdfbdab92
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158592
Date: Sat, 13 May 2023 23:51:20 GMT
Etag: "645fe9a6-1d7"
Expires: Mon, 15 May 2023 19:54:32 GMT
Last-Modified: Sat, 13 May 2023 19:48:54 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u9xAQ8DkMTqZSUvUE9aqQjb8MfDgeUivv_AXwLO7QF0jfPQCZ7jIYw==
Age: 338
monthlysweeps.us/go/api/zip/undefined?get_param=value
52.2.18.249 200 OK 111 B URL GET HTTP/2 monthlysweeps.us/go/api/zip/undefined?get_param=value
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f
Analyzer Verdict Alert fortinet Phishing
GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:20 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
13.107.238.53 200 OK 19 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (349), with CRLF line terminators
Hash 26c749b13ae86712f7a25dcec26f3856
18065acf65c1d3ae276069cafc3b1ee60773ac7d
c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71
GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
x-cache: TCP_MISS
x-ms-request-id: 319bb8be-901e-0024-30f5-85cdbd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0dyJgZAAAAADFf9237PTuT4ZkaO5gCZjaQU1TMDRFREdFMTkxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0dyJgZAAAAABlqPC0RvEBQKYWnPa9176pU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:19 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 10 May 2023 00:16:35 GMT
expires: Thu, 09 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 344085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 13 May 2023 07:26:31 GMT
expires: Sun, 12 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 59089
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr
142.250.74.132 200 OK 111 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
Certificate Issuer Google Trust Services LLC
Subject *.google.com
Fingerprint 08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
Validity Mon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with no line terminators
Hash 9e4d69e6af30f6b9f9d3928474d1a6fb
e75d7cdfc4a1839b3ff51e7e955c2b1d4964e882
3a829b0f3b44df96f46b9162da8116c6f4fe878febdaab9f92916251951b00d6
GET /recaptcha/api2/webworker.js?hl=en&v=wqcyhEwminqmAoT8QO_BkXCr HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Sat, 13 May 2023 23:51:20 GMT
date: Sat, 13 May 2023 23:51:20 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 111
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35 200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=wqcyhEwminqmAoT8QO_BkXCr&size=invisible&cb=a9cha23nbn2h
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 08 May 2023 21:48:58 GMT
expires: Mon, 15 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 439342
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
142.250.74.35 200 OK 167 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (687)
Size 167 kB (166792 bytes)
Hash 9ffb885c65f054c894eb7798c7febb9e
23db992670ceb314ea5e405cc7b30376231d1cc0
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
GET /recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166792
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 08 May 2023 16:28:19 GMT
expires: Tue, 07 May 2024 16:28:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 08 May 2023 04:06:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 458581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
signals.aimtell.com/pageview?id_site=12408&v=3.974&support=0&state=default&wl=1
104.18.31.151 200 OK 43 B URL POST HTTP/2 signals.aimtell.com/pageview?id_site=12408&v=3.974&support=0&state=default&wl=1
IP 104.18.31.151:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Cloudflare, Inc.
Subject aimtell.com
Fingerprint 1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
Validity Sat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=12408&v=3.974&support=0&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:20 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://monthlysweeps.us
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal
aimtell-hash-exists: 0
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c6ecf12bce20b3d-OSL
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
143.204.42.229 200 OK 1.4 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 143.204.42.229:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.cloudfront.net
Fingerprint BA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
Validity Thu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f383924b4df21ad2fe7e8882c61bd5ce
465f78b89eaf1a5aaea70d27ddef8bd19b72fee5
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
GET /iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 13 May 2023 01:38:24 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G7h3ntf9zDojG4o9aH4uZFANqFKJ79uBZELbLHANqgllGwWQ2VJgEg==
Age: 79976
ocsp.r2m02.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 42727edeb2590b6b78464fcfb0de3687
32619d853cc7a5c5e33c258d7d5ccb9ffc96efa1
bf3d18d99a45a5a30a2de63dab75eb2973f058c10167adb1e806eff7aad33205
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=148268
Date: Sat, 13 May 2023 23:51:21 GMT
Etag: "645fb9e5-1d7"
Expires: Mon, 15 May 2023 17:02:29 GMT
Last-Modified: Sat, 13 May 2023 16:25:09 GMT
Server: ECAcc (nya/78E9)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f6Ivi3R1wMGevyMQkCLd7SRYnYZdh2EnLMAbUopGZnymAHHCKvGOfw==
Age: 2240
api.trustedform.com/certs
34.231.61.255 201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP 34.231.61.255:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.trustedform.com
Fingerprint F4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
Validity Wed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 7f4143fbb0725c7789a83c254d63500b
f7b61f6d0bd18e61299b2e37c6985b96f24a62d3
54365d5c3046f5841b6c6491a8876bd4acd483d4a703fdc3d2bd632473c3a90b
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Sat, 13 May 2023 23:51:21 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/snapshot
34.231.61.255 204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/snapshot
IP 34.231.61.255:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.trustedform.com
Fingerprint F4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
Validity Wed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 20503
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 13 May 2023 23:51:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/fingerprints
34.231.61.255 204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/fingerprints
IP 34.231.61.255:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.trustedform.com
Fingerprint F4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
Validity Wed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 219
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 13 May 2023 23:51:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/events
34.231.61.255 204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/events
IP 34.231.61.255:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.trustedform.com
Fingerprint F4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
Validity Wed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 214
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 13 May 2023 23:51:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/events
34.231.61.255 204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/events
IP 34.231.61.255:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject *.trustedform.com
Fingerprint F4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
Validity Wed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/fe99d897a8f07950b9d80a99cc517fd5217d646f/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 226
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 13 May 2023 23:51:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
172.64.133.15 200 OK 78 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP 172.64.133.15:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:17 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: 5kSmXYFVo25riDdOfbhLugSjgq8l9U41TV3G0LdhScACJtTrHNYOMD2xtcQjvOzil/DmFEEbLaU=
x-amz-request-id: 0V3KYSE0SXFG5SAG
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 179925
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8RsHkz09yCxAaAWJvRagBquI0JfAMDcK5h2SXcGmME3%2BgVBoNYWWIzPaBvgL2X23EX33IKyn86M9RDAZO539NiNWrJvkvsBoXZAcd%2BPRVt1E2vNryWSYDkY6b2sJm526aIZTuzS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c6ecefb5a777324-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
143.204.55.7 200 OK 105 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP 143.204.55.7:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject cdn.trustedform.com
Fingerprint 03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
Validity Wed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (104691 bytes)
Hash 9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Sat, 13 May 2023 23:51:21 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AtTqocpsi5QDC9hW3i2kckjC8E4bBajCOIQs3-ow9hzO_Pz3-XR9GA==
age: 1
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075076
3.213.164.48 200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=5&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075076
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=5&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075076 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:22 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:22 GMT; Max-Age=2592000; path=/
rguserid=c8d5c4eb-47e6-4c9a-984d-e60c900dab87; expires=Mon, 12-Jun-2023 23:51:22 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:22 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:22 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/campaign/1253_bg.jpg
52.2.18.249 200 OK 475 kB URL GET HTTP/2 monthlysweeps.us/assets/img/campaign/1253_bg.jpg
IP 52.2.18.249:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject monthly-promos.net
Fingerprint 89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x1080, components 3\012- data
Size 475 kB (474838 bytes)
Hash 9f9ec0bd4b699f784446c17a1273a4ac
e79666717b7b004f554e6bfec1d073b4627ed3a7
9b092cd2a17b5e84e2e12622d1cad8c40f2df0aa44a8b0d7a320a1e1209aca41
GET /assets/img/campaign/1253_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Cookie: ci_session=hhr3ga01rvka97am13qt4003v0ur7po9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:17 GMT
content-type: image/jpeg
content-length: 474838
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:54:27 GMT
etag: "73ed6-5d7ae7abcb0c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230511
13.107.238.53 200 OK 142 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230511
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141939 bytes)
Hash a8946770b188db8b73fdb355e5aa528e
0fd595c22ca439470ddabe26de880d3322f343d0
b52f41e88c0efd90d7b3c6c6271c589f482c8c0e4df7fa72e451142046b2aafb
GET /amsus/ldsapi/assets/script/common.min.js?version=20230511 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: qJRncLGI24tz/bNV5apSjg==
last-modified: Thu, 11 May 2023 10:44:04 GMT
etag: 0x8DB520CA3B38234
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 91dc1881-401e-000f-77d2-85b905000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0diJgZAAAAAAXV+OAfCTrQqmmQYFchw4LQU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0dSJgZAAAAABY8tzxWDmkRpdYRQDB32jFU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
104.22.39.182 200 OK 126 kB URL GET HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP 104.22.39.182:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Cloudflare, Inc.
Subject lidstatic.com
Fingerprint F7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
Validity Tue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
Size 126 kB (126350 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:19 GMT
content-type: text/javascript
x-amz-id-2: beFbwYlk+A3KI/5xaLQFAbaHyJimyIJm5uJdk+Y+7RWhd17VIQt/J4LQfVGqruDFb6HBLeTnUu0=
x-amz-request-id: Y2K7PMQ2VVVT9R4R
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 1450
vary: Accept-Encoding
server: cloudflare
cf-ray: 7c6ecf09781209ad-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&_=732075072
3.213.164.48 200 OK 36 B URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&_=732075072
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 427cf9ffc66fa91e50ef298255419f49
7d8ce801531b0b5d009cd3c3bd6e73ccdde90884
107f034997d1e4c67cedd7a09b711f6e2cf5293d97a298019d36cab894a37763
POST /2.11.9/GenerateToken?msn=1&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&_=732075072 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 261
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:20 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rguserid=b50a0ad8-793b-4a14-bc11-828d5171ac0a; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075075
3.213.164.48 200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075075
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075075 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 945
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:21 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
rguserid=d767354d-8d27-42a5-8719-f4f4cc1d2853; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075077
3.213.164.48 200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075077
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075077 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 537259
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:29 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
rguserid=2ee8adc0-5b42-4e58-8341-84896df449b3; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&uuid=6da6083871a54e4785e5fcdad9399861
3.213.164.48 200 OK 0 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&uuid=6da6083871a54e4785e5fcdad9399861
IP 3.213.164.48:443
Requested by https://deviceid.trueleadid.com/iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&uuid=6da6083871a54e4785e5fcdad9399861 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:21 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
rguserid=175c6631-ef7b-4ca5-b527-2729241c2b04; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:21 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
13.107.238.53 200 OK 2.0 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (2124), with no line terminators
Hash a9d00438ec759f27468801313fe9a7af
085b65a60b73669577962221fcee98b49daf3082
158752f85a758ad52e9c3060df35b936874654bfb68ace7b85619021bfa10394
GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: 2f6f2ad8-e01e-0002-549a-855609000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0d+ZfZAAAAABq2mSnpIXnQYTPJKuDvkXrQU1TMDRFREdFMTgyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0diJgZAAAAADs44KXvMk4R7It+2TKOGguU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
3.211.179.20 200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 3.211.179.20:443
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate Issuer Amazon
Subject deviceid.trueleadid.com
Fingerprint D8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
Validity Fri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text; exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:21 GMT
content-type: text/html
server: nginx
last-modified: Thu, 30 Mar 2023 19:50:33 GMT
etag: W/"6425e809-1049"
expires: Sun, 14 May 2023 23:51:21 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
142.250.74.106 200 OK 6.9 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP 142.250.74.106:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
Validity Mon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (7081), with no line terminators
Hash b0cf9bb6da3b1f8c9c4fa449c8185fd8
d147f8f1f21cfcbe4c8622cc65f6b04639eaec19
0f6216ee48d730659bcfe0fd55dc27364ecedd681ad99c9547a908996d066cef
GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 13 May 2023 23:51:16 GMT
date: Sat, 13 May 2023 23:51:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?1713k13j20231713j05ckl13llk164jkk511700
13.107.238.53 200 OK 8.8 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?1713k13j20231713j05ckl13llk164jkk511700
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (8794), with no line terminators
Hash d729dbb13f364f3dc92f32a2ead36a51
9308918d0894986284d85a173e421af3ac3fdc70
50485ced72a15b489dd2af34d559b2bf297e9eb00808f56007cbdfca6eb090e0
GET /amsus/ns/css/13488000.min.css?1713k13j20231713j05ckl13llk164jkk511700 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
x-cache: TCP_MISS
x-ms-request-id: f35618b8-001e-0008-53f5-854f80000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0diJgZAAAAAD8/mT+3ZaaS62myvAxNPE1QU1TMDRFREdFMTkxMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0diJgZAAAAACCfd/loegETb0RZ9zUBLWRU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:18 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230511
13.107.238.53 200 OK 3.0 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230511
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (3051), with no line terminators
Hash f9d9e56e092720d794d067c2ecc79204
e94ebea310544b675e8262ef74ebeee59794d239
98762112e9e6dc47babbee855afe27a2622ab50f67bada49f66d3a20f2c494c0
GET /amsus/ldsapi/assets/script/common-extentions.min.js?20230511 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
x-cache: TCP_REMOTE_HIT
x-ms-request-id: 1be3b2b2-401e-0040-23d2-857d1d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0diJgZAAAAACkgYpBXe5OTqjkPPqXri3TQU1TMDRFREdFMTkyMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0dSJgZAAAAAAPWdqm8o+wTZSJf/zZ/AEzU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
172.64.133.15 200 OK 58 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP 172.64.133.15:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Google Trust Services LLC
Subject use.fontawesome.com
Fingerprint C8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
Validity Sat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (57687)
Hash a227f005fa7ae066c1068ac4b963514c
0a5885758759f084fdc5fd16a550deb8be722ea8
0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611
GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/css
x-amz-id-2: gvdgUYutH+DuThXfhwPlt3as3ODt2Tk6fmgjBbG4dqDm6XhFv+M75R0Ip2LqwmnCg7T/d/SsqD9yKpX/RkdzkYEWAXQi09uF
x-amz-request-id: E5STT70SVEEEXWAR
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 118230
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4PPCQCe3ps2H6B5xsdOtlBi6fJtkLlBGJCYJueD4UWJQpYzI7fMM%2FGFiRIuXfDKBTRGatIzhILKqT%2FVYFZOr%2BJm7hEQosXjoBXEr7idD%2FdugmqJpslCeHHAYq61KNorQyfE05tT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c6ecef8c8d17324-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075073
3.213.164.48 200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075073
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075073 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:20 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rguserid=fab8b5ff-317c-49d3-be86-5558b1d81f17; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075078
3.213.164.48 200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=7&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075078
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=7&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075078 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 359062
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:29 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
rguserid=0ee24e7e-9d8d-40db-b3b0-00218b2fe8a3; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:29 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075074
3.213.164.48 200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075074
IP 3.213.164.48:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject create.leadid.com
Fingerprint 95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
Validity Thu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=3&pid=d3dccbf8-df9c-438b-932e-4b1dd09e2fe3&token=1BA6A2A0-F4DC-A2C8-607C-4F60D0DFF366&_=732075074 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 13136
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:20 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rguserid=fe8b62d1-0e17-4de3-be08-dd5227d6e4a1; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 12-Jun-2023 23:51:20 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?1713k13j20231713j05ckl13llk164jkk511700
13.107.238.53 200 OK 2.4 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?1713k13j20231713j05ckl13llk164jkk511700
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (2581), with no line terminators
Hash a5813b8f3c2a6b19ae7d242481bfcafd
f107a77be34aecdb05282362d917c2bb4d08f7b9
d56881f993ab04fd74ccebc82b1ac4c54781380cc3a90de559bf7ac73b9d70a0
GET /amsus/ns/js/13488000.min.js?1713k13j20231713j05ckl13llk164jkk511700 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
x-cache: TCP_MISS
x-ms-request-id: 22bb81ad-001e-002a-0af5-8521b6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0diJgZAAAAABEZUVjwAMCQpBPGsAl1b4xQU1TMDRFREdFMTgxNQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0dSJgZAAAAADVmupLBO/tQoTt3G8wj56ZU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:18 GMT
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false
143.204.55.7 200 OK 7.5 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false
IP 143.204.55.7:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject cdn.trustedform.com
Fingerprint 03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
Validity Wed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (7726), with no line terminators
Hash 9922363fd118cee80f733b7f8cf45e5c
c58005d21a1da4c611549651099127ff0f2ab9f6
1c01e146dfe11b2f712393fa866f782d0ea7d52ba076fb66739de8bbcd712565
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16840218791010.6913927520630951&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 13 May 2023 23:51:21 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: frPWULoGhpAxoo0tikSqaHmlP9s9iqhV7yfnJWBMKhG-x3Qbm5SW5A==
X-Firefox-Spdy: h2
s3.amazonaws.com/trackpush/trackpush.min.js
52.216.85.149 200 OK 48 kB URL GET HTTP/1.1 s3.amazonaws.com/trackpush/trackpush.min.js
IP 52.216.85.149:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Amazon
Subject s3.amazonaws.com
Fingerprint 94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
Validity Tue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (47625), with no line terminators
Hash d470356148c00da67db3c9bdaecc90f9
d12a4df31633cf9a982bd6e8c3ffbc2449b1753f
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054
GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: nkc+xcApxFI4nwr+HpT5U1FCBzK8K+0rbqWGSQ7MenCljEgNV0sXlBSIhDD/X3WMhH0sx5pO9kA=
x-amz-request-id: 5YYXTEYBF7QCRWVA
Date: Sat, 13 May 2023 23:51:21 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
13.107.238.53 200 OK 5.8 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (5890), with no line terminators
Hash 054c03ee5f93d8bb3a90805207848ca5
ef5bd470af73880b802ec80e33b0a68aed1d2df5
926b873683cc2a93a405e8882e8be9cc247bfd058337ea628d97c5f0e13422ff
GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
x-cache: TCP_HIT
x-ms-request-id: 15dbba43-601e-0075-7f9a-85d348000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0d+ZfZAAAAAB2T7q/rKCQSKsRr71znefpQU1TMDRFREdFMTgwOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0diJgZAAAAAAtUGRheRnQR73BjTa6umzSU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
104.18.11.207 200 OK 140 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65324)
Size 140 kB (140421 bytes)
Hash fee68c0f2f583161134a1fcb5950501d
8e52dd818562db0ba0764bba172cb91ce248d8b0
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 13 May 2023 23:51:16 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-13 02:48:26
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b584a7f7756eea1e54b5f28d657ba679
cdn-cache: HIT
cf-cache-status: HIT
age: 9916682
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7c6ecef7cecbb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
185.244.209.62 200 OK 18 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP 185.244.209.62:443
ASN #58286 Electric-IT Business S.R.L.
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Sectigo Limited
Subject cdn.jsdelivr.net
Fingerprint 95:B3:FD:0C:F5:9E:0C:6C:F5:81:AB:DD:5D:6D:67:BF:FF:4A:FD:CC
Validity Sat, 01 Oct 2022 00:00:00 GMT - Fri, 20 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 13 May 2023 23:51:16 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: br
cache: HIT, HIT
x-cached-since: 2023-04-28T14:22:42+00:00, 2023-04-28T15:35:50+00:00
x-id: am3-up-gc89, osix-up-gc4
x-nginx: nginx-be, nginx-be
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
13.107.238.53 200 OK 47 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP 13.107.238.53:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/853e2d7aa091e6e9e3ee0f7178746b03/aid/10899/s1/673416?em=0&
Certificate Issuer Microsoft Corporation
Subject *.azureedge.net
Fingerprint 3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
Validity Thu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
x-cache: TCP_HIT
x-ms-request-id: 8b23884d-901e-0006-68af-85a38b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0d+ZfZAAAAAAjx0M67L+mQJEIyLhwG8WeQU1TMDRFREdFMTgwNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0diJgZAAAAADrE6U0ee3lTYJ59Xtvp6iQU1ZHMjBFREdFMDYyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Sat, 13 May 2023 23:51:17 GMT
X-Firefox-Spdy: h2