Overview

URLmonthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968
IP 3.212.250.95 (United States)
ASN#14618 AMAZON-AES
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2023-01-31 18:11:46 UTC
StatusLoading report..
IDS alerts0
Blocklist alert4
urlquery alerts No alerts detected
Tags None

Domain Summary (31)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-01-30 17:40:18 UTC 34.160.144.191
cdn.jsdelivr.net (2) 439 2012-09-30 00:15:09 UTC 2023-01-30 17:47:48 UTC 151.101.129.229
d2m2wsoho8qq12.cloudfront.net (1) 0 2013-05-25 03:15:49 UTC 2023-01-31 07:46:00 UTC 54.230.245.35 Unknown ranking
api.trustedform.com (1) 23021 2012-10-29 05:30:13 UTC 2023-01-31 07:45:59 UTC 3.92.140.101
create.lidstatic.com (1) 24133 2015-09-23 19:42:02 UTC 2023-01-31 07:45:59 UTC 172.67.41.229
deviceid.trueleadid.com (1) 2097 2018-07-10 05:19:41 UTC 2023-01-31 07:46:00 UTC 100.25.237.106
pbid.pro-market.net (1) 6233 2012-10-30 05:59:16 UTC 2023-01-31 15:13:33 UTC 107.178.240.89
ocsp.sca1b.amazontrust.com (5) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2023-01-30 17:12:05 UTC 69.16.175.10
ldsapi.tmginteractive.com (5) 85617 2017-02-02 01:31:46 UTC 2023-01-30 18:07:02 UTC 209.151.244.116
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-01-30 17:13:18 UTC 34.117.237.239
fonts.googleapis.com (1) 8877 2012-05-23 12:41:44 UTC 2023-01-30 20:34:06 UTC 142.250.74.106
ocsp.pki.goog (6) 175 2017-06-14 07:23:31 UTC 2023-01-30 17:12:02 UTC 142.250.74.131
ads.pro-market.net (1) 47212 2012-05-22 07:59:48 UTC 2023-01-31 07:45:58 UTC 95.101.10.74
in.hotjar.com (1) 1746 2018-07-03 09:33:18 UTC 2023-01-30 17:13:17 UTC 34.253.22.133
cdnjs.cloudflare.com (2) 235 2012-05-23 12:49:49 UTC 2023-01-31 02:26:46 UTC 104.17.25.14
ocsp.globalsign.com (1) 2075 2012-05-25 06:20:55 UTC 2023-01-30 17:21:08 UTC 104.18.20.226
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-01-30 17:15:40 UTC 52.89.255.30
tmgassets.azureedge.net (11) 0 2022-06-26 22:01:19 UTC 2023-01-30 18:07:01 UTC 13.107.238.53 Domain (azureedge.net) ranked at: 2986
ocsp.usertrust.com (1) 899 2012-05-21 15:43:18 UTC 2023-01-30 17:12:24 UTC 172.64.155.188
create.leadid.com (6) 14598 2014-01-22 13:55:11 UTC 2023-01-31 07:45:59 UTC 23.20.76.189
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2023-01-30 17:12:04 UTC 23.36.77.32
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-01-30 17:12:02 UTC 35.241.9.150
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2023-01-31 01:22:54 UTC 93.184.220.29
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-01-30 22:05:30 UTC 34.120.237.76
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2023-01-30 17:44:06 UTC 54.230.111.94
monthlysweeps.us (12) 0 2017-12-18 20:14:21 UTC 2023-01-30 18:06:59 UTC 3.212.250.95 Unknown ranking
monthlysweeps.us (12) 0 2017-12-18 20:14:21 UTC 2023-01-30 18:06:59 UTC 107.23.100.94 Unknown ranking
ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2023-01-30 21:19:56 UTC 172.64.155.188
cdn.trustedform.com (2) 24659 2020-08-26 23:38:48 UTC 2023-01-31 07:45:59 UTC 54.230.111.111
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2023-01-30 17:12:04 UTC 54.230.111.66

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2023-01-31 2 monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/1694 (...) Phishing
2023-01-31 2 monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/1694 (...) Phishing
2023-01-31 2 monthlysweeps.us/assets/js/datepicker.js Phishing
2023-01-31 2 monthlysweeps.us/go/api/zip/undefined?get_param=value Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected

ThreatFox
 No alerts detected

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 3.212.250.95
Date UQ / IDS / BL URL IP
2023-02-06 21:11:00 +0000 0 - 0 - 3 monthlysweeps.us/go/to/cabunn/key/4c0aa3ee841 (...) 3.212.250.95
2023-02-06 18:55:48 +0000 0 - 0 - 4 monthlysweeps.us/go/to/4mmjuy/key/43d3d9625c0 (...) 3.212.250.95
2023-02-06 18:55:46 +0000 0 - 0 - 4 monthlysweeps.us/go/to/4mmjuy/key/43d3d9625c0 (...) 3.212.250.95
2023-02-06 18:55:29 +0000 0 - 0 - 6 monthlysweeps.us/go/to/4mmjuy/key/43d3d9625c0 (...) 3.212.250.95
2023-02-06 18:51:43 +0000 0 - 0 - 4 monthlysweeps.us/go/to/ss28jn/key/1b23ce61749 (...) 3.212.250.95


Last 5 reports on ASN: AMAZON-AES
Date UQ / IDS / BL URL IP
2023-03-29 18:43:56 +0000 0 - 0 - 4 proitcteam.com/22420-160799/unsubscribe/gomPy (...) 3.225.42.166
2023-03-29 18:43:51 +0000 0 - 0 - 5 proitcteam.com/22420-160799/89057?uid=gomPypY (...) 3.225.42.166
2023-03-29 18:43:04 +0000 0 - 4 - 0 pifhelp.com/Bin/ConnectWiseControl.Client.exe (...) 52.3.89.182
2023-03-29 18:32:01 +0000 0 - 0 - 2 proitcweb.com/follow-trail 3.216.46.129
2023-03-29 18:21:53 +0000 0 - 0 - 1 3gowre.zziqam.wap.zqlkjx.com/37749/ 34.237.200.184


Last 5 reports on domain: monthlysweeps.us
Date UQ / IDS / BL URL IP
2023-03-29 12:52:38 +0000 0 - 0 - 2 monthlysweeps.us/go/to/59bdf0/key/9a3924d41d7 (...) 3.228.163.244
2023-03-29 11:27:52 +0000 0 - 0 - 4 monthlysweeps.us/go/to/59bdf0/key/a669e990c59 (...) 3.228.163.244
2023-03-29 11:23:09 +0000 0 - 0 - 3 monthlysweeps.us/go/to/23msee/key/c7979ff3bb2 (...) 52.5.54.148
2023-03-29 09:15:50 +0000 0 - 0 - 4 monthlysweeps.us/go/to/4mmjuy/key/dbe5dea3b6c (...) 52.5.54.148
2023-03-29 07:32:34 +0000 0 - 0 - 4 monthlysweeps.us/go/to/1b0eab/key/7a056f54c6e (...) 52.5.54.148


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-01 00:09:52 +0000 0 - 0 - 4 monthlysweeps.us/go/to/59bdf0/key/8ace6c6d41a (...) 3.222.87.17
2023-03-01 00:09:50 +0000 0 - 0 - 6 monthlysweeps.us/go/to/59bdf0/key/8ace6c6d41a (...) 3.218.15.210
2023-03-01 00:09:45 +0000 0 - 0 - 4 monthlysweeps.us/go/to/59bdf0/key/8ace6c6d41a (...) 3.222.87.17
2023-02-28 00:21:22 +0000 0 - 0 - 4 monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d (...) 3.218.15.210
2023-02-28 00:21:22 +0000 0 - 0 - 6 monthlysweeps.us/go/to/59bdf0/key/dec1bb9178d (...) 3.222.87.17

JavaScript

Executed Scripts (49)

Executed Evals (10)
#1 JavaScript::Eval (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#2 JavaScript::Eval (size: 39) - SHA256: be0df20ce826cffe4e637a88ad83e9e92eb30a5b28bad49a56dee0b8c74817c1
tmgShowingLiveViewOnly_1338743846 = true;
#3 JavaScript::Eval (size: 14) - SHA256: 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33
/*@cc_on!@*/ !1
#4 JavaScript::Eval (size: 20405) - SHA256: 688b4d482b3375d83fd95de8645adde777aa6ff974992558843ba82119e9a7dc
(function() {
    var b, l = function(p, m, r, h) {
            for (h = (p | (r = [], 0)) - 1; 0 <= h; h--) r[(p | 0) - 1 - (h | 0)] = m >> 8 * h & 255;
            return r
        },
        Q = function(p, m, r) {
            if (428 == m || 176 == m) p.B[m] ? p.B[m].concat(r) : p.B[m] = p8(r, p);
            else {
                if (p.Y && 191 != m) return;
                120 == m || 346 == m || 443 == m || 294 == m || 336 == m ? p.B[m] || (p.B[m] = mS(p, m, 30, r)) : p.B[m] = mS(p, m, 137, r)
            }
            191 == m && (p.l = d(false, 32, p), p.Z = void 0)
        },
        g0 = function(p, m, r, h) {
            function H() {}
            return r = sz(p, function(g) {
                H && (m && I(m), h = g, H(), H = void 0)
            }, (h = void 0, !!m))[0], {
                invoke: function(g, O, t, F) {
                    function k() {
                        h(function(K) {
                            I(function() {
                                g(K)
                            })
                        }, t)
                    }
                    if (!O) return O = r(t), g && g(O), O;
                    h ? k() : (F = H, H = function() {
                        I((F(), k))
                    })
                }
            }
        },
        r0 = function(p, m) {
            (m.push(p[0] << 24 | p[1] << 16 | p[2] << 8 | p[3]), m.push(p[4] << 24 | p[5] << 16 | p[6] << 8 | p[7]), m).push(p[8] << 24 | p[9] << 16 | p[10] << 8 | p[11])
        },
        Oz = function(p, m) {
            return (m = J(p), m & 128) && (m = m & 127 | J(p) << 7), m
        },
        mS = function(p, m, r, h, H, g, O, t) {
            return ((O = (h = [(H = hk, -97), -76, 1, -9, -92, -60, h, -40, 38, (t = r & 7, -88)], a[p.K](p.Dc)), O)[p.K] = function(F) {
                t += 6 + (g = F, 7 * r), t &= 7
            }, O).concat = function(F) {
                return ((g = (F = +t + h[t + 19 & 7] * (F = m % 16 + 1, m) * F - 57 * m * m * g - F * g + 57 * g * g - 4503 * g - -4332 * m * g + (H() | 0) * F + 1 * m * m * F, void 0), F = h[F], h)[(t + 45 & 7) + (r & 2)] = F, h)[t + (r & 2)] = -76, F
            }, O
        },
        p8 = function(p, m, r) {
            return (r = a[m.K](m.eq), r[m.K] = function() {
                return p
            }, r).concat = function(h) {
                p = h
            }, r
        },
        tk = function(p, m, r, h, H) {
            for (H = (h = 0, p)[2] | 0, p = p[3] | 0; 14 > h; h++) m = m >>> 8 | m << 24, m += r | 0, r = r << 3 | r >>> 29, m ^= H + 1656, p = p >>> 8 | p << 24, r ^= m, p += H | 0, p ^= h + 1656, H = H << 3 | H >>> 29, H ^= p;
            return [r >>> 24 & 255, r >>> 16 & 255, r >>> 8 & 255, r >>> 0 & 255, m >>> 24 & 255, m >>> 16 & 255, m >>> 8 & 255, m >>> 0 & 255]
        },
        HO = function(p, m, r, h, H) {
            (H = P(p, (h = (H = (m &= (r = m & 3, 4), R(p)), R)(p), H)), m && (H = Fe("" + H)), r) && z(p, h, l(2, H.length)), z(p, h, H)
        },
        bY = function(p) {
            return p
        },
        eR = function(p, m, r, h, H) {
            if (H = p[0], H == C) m.A = 25, m.N(p);
            else if (H == G) {
                r = p[1];
                try {
                    h = m.W || m.N(p)
                } catch (g) {
                    w(g, m), h = m.W
                }
                r(h)
            } else if (H == lY) m.N(p);
            else if (H == X) m.N(p);
            else if (H == d0) {
                try {
                    for (h = 0; h < m.L.length; h++) try {
                        r = m.L[h], r[0][r[1]](r[2])
                    } catch (g) {}
                } catch (g) {}(0, p[1])(function(g, O) {
                    m.j(g, true, O)
                }, (m.L = [], function(g) {
                    (E(m, (g = !m.I.length, [K8])), g) && A(true, m, false)
                }))
            } else {
                if (H == y) return h = p[2], Q(m, 499, p[6]), Q(m, 33, h), m.N(p);
                H == K8 ? (m.P = [], m.s = [], m.B = null) : H == Qb && "loading" === U.document.readyState && (m.h = function(g, O) {
                    function t() {
                        O || (O = true, g())
                    }
                    U.document.addEventListener("DOMContentLoaded", (O = false, t), u), U.addEventListener("load", t, u)
                })
            }
        },
        J = function(p) {
            return p.X ? oD(p, p.R) : d(true, 8, p)
        },
        DG = function(p, m, r) {
            if (3 == p.length) {
                for (r = 0; 3 > r; r++) m[r] += p[r];
                for (p = 0, r = [13, 8, 13, 12, 16, 5, 3, 10, 15]; 9 > p; p++) m[3](m, p % 3, r[p])
            }
        },
        oD = function(p, m) {
            return (m = m.create().shift(), p.X.create()).length || p.R.create().length || (p.R = void 0, p.X = void 0), m
        },
        xE = function(p, m, r, h) {
            try {
                h = p[((m | 0) + 2) % 3], p[m] = (p[m] | 0) - (p[((m | 0) + 1) % 3] | 0) - (h | 0) ^ (1 == m ? h << r : h >>> r)
            } catch (H) {
                throw H;
            }
        },
        ID = function(p, m, r) {
            if ("object" == (m = typeof p, m))
                if (p) {
                    if (p instanceof Array) return "array";
                    if (p instanceof Object) return m;
                    if ((r = Object.prototype.toString.call(p), "[object Window]") == r) return "object";
                    if ("[object Array]" == r || "number" == typeof p.length && "undefined" != typeof p.splice && "undefined" != typeof p.propertyIsEnumerable && !p.propertyIsEnumerable("splice")) return "array";
                    if ("[object Function]" == r || "undefined" != typeof p.call && "undefined" != typeof p.propertyIsEnumerable && !p.propertyIsEnumerable("call")) return "function"
                } else return "null";
            else if ("function" == m && "undefined" == typeof p.call) return "object";
            return m
        },
        Y = function(p, m, r) {
            (Q(p, r, m), m)[Qb] = 2796
        },
        f8 = function(p, m, r, h, H, g) {
            if (!p.W) {
                p.G++;
                try {
                    for (h = (H = (g = p.H, 0), void 0); --m;) try {
                        if (r = void 0, p.X) h = oD(p, p.X);
                        else {
                            if ((H = P(p, 428), H) >= g) break;
                            h = P((r = (Q(p, 176, H), R(p)), p), r)
                        }
                        W(false, p, (h && h[K8] & 2048 ? h(p, m) : M(0, p, [v, 21, r]), m), false)
                    } catch (O) {
                        P(p, 216) ? M(22, p, O) : Q(p, 216, O)
                    }
                    if (!m) {
                        if (p.H$) {
                            f8((p.G--, p), 473199118497);
                            return
                        }
                        M(0, p, [v, 33])
                    }
                } catch (O) {
                    try {
                        M(22, p, O)
                    } catch (t) {
                        w(t, p)
                    }
                }
                p.G--
            }
        },
        Jk = function(p, m) {
            return p[m] << 24 | p[(m | 0) + 1] << 16 | p[(m | 0) + 2] << 8 | p[(m | 0) + 3]
        },
        aD = function(p, m, r, h, H, g) {
            function O() {
                if (p.D == p) {
                    if (p.B) {
                        var t = [y, r, h, void 0, H, g, arguments];
                        if (2 == m) var F = A(false, p, (E(p, t), false));
                        else if (1 == m) {
                            var k = !p.I.length;
                            E(p, t), k && A(false, p, false)
                        } else F = eR(t, p);
                        return F
                    }
                    H && g && H.removeEventListener(g, O, u)
                }
            }
            return O
        },
        RD = function(p, m, r) {
            return p.j(function(h) {
                r = h
            }, false, m), r
        },
        U = this || self,
        sz = function(p, m, r, h) {
            return (h = Z[p.substring(0, 3) + "_"]) ? h(p.substring(3), m, r) : SR(m, p)
        },
        u = {
            passive: true,
            capture: true
        },
        SR = function(p, m) {
            return p(function(r) {
                r(m)
            }), [function() {
                return m
            }]
        },
        d = function(p, m, r, h, H, g, O, t, F, k, K, D, e, x) {
            if ((x = P(r, 428), x) >= r.H) throw [v, 31];
            for (g = (h = (k = (H = x, 0), m), r.lX).length; 0 < h;) F = H >> 3, t = r.P[F], K = H % 8, e = 8 - (K | 0), e = e < h ? e : h, p && (D = r, D.Z != H >> 6 && (D.Z = H >> 6, O = P(D, 191), D.C = tk([0, 0, O[1], O[2]], D.Z, D.l)), t ^= r.C[F & g]), k |= (t >> 8 - (K | 0) - (e | 0) & (1 << e) - 1) << (h | 0) - (e | 0), h -= e, H += e;
            return Q(r, 428, (p = k, (x | 0) + (m | 0))), p
        },
        I = U.requestIdleCallback ? function(p) {
            requestIdleCallback(function() {
                p()
            }, {
                timeout: 4
            })
        } : U.setImmediate ? function(p) {
            setImmediate(p)
        } : function(p) {
            setTimeout(p, 0)
        },
        cO = function(p, m, r, h, H, g) {
            for (H = (r = R((m = (h = (g = p[q0] || {}, R(p)), g.W$ = R(p), g.V = [], p.D == p) ? (J(p) | 0) - 1 : 1, p)), 0); H < m; H++) g.V.push(R(p));
            for (g.B$ = P(p, r); m--;) g.V[m] = P(p, g.V[m]);
            return g.o = P(p, h), g
        },
        n8 = function(p, m, r, h, H) {
            for (H = (p.eq = (p.Dc = (p.P$ = (p.k6 = (p.lX = p[G], zz), PO), C8(p.K, {get: function() {
                        return this.concat()
                    }
                })), a[p.K](p.Dc, {
                    value: {
                        value: {}
                    }
                })), h = 0, []); 393 > h; h++) H[h] = String.fromCharCode(h);
            (E(p, (E(p, (E(p, (Y(p, function(g) {
                w0(g, 1)
            }, (Y(p, (Q(p, 51, (Y(p, (Q((Y((Y(p, (Q(p, 294, ((Y(p, (Y(p, function(g, O, t) {
                W(false, g, O, true) || (O = R(g), t = R(g), Q(g, t, function(F) {
                    return eval(F)
                }(Tz(P(g.D, O)))))
            }, (Y((Q(p, 460, (Y(p, (Y(p, function(g, O) {
                (g = (O = R(g), P(g.D, O)), g)[0].removeEventListener(g[1], g[2], u)
            }, ((p.Qw = (Y(p, (Y(p, (Q(p, 82, (Y(p, (Y(p, (Y(p, (Y(p, (((Q(p, 346, (Q(p, (Y(p, (Q(p, 120, [(Y(p, function(g, O, t) {
                Q(g, (t = R(g), O = R(g), O), "" + P(g, t))
            }, (Q((Q(p, 33, (Y(p, (Q(p, 49, (Y((Y(p, function(g, O, t, F) {
                Q(g, (F = P(g, (O = (t = (F = R((O = R(g), g)), R)(g), P)(g, O), F)), t), O in F | 0)
            }, (Y(p, function() {}, (Q(p, 443, (Q((Q(p, (p.Y = !((p.O = 1, p.g = 0, p.X = (p.G = 0, h = (p.J = 0, p.S = 0, p.P = [], p.mQ = [], (p.KS = function(g) {
                this.D = g
            }, p).C = void 0, p.F = 0, (p.u = false, p).D = p, p.l = void 0, ((p.pS = (p.v = ((p.s = [], p).R = (p.L = [], void 0), p.h = null, 8001), 0), p.Im = false, p).W = void 0, p.I = [], p).B = (p.H = 0, p.T = void 0, p.A = (p.Z = void 0, 25), []), window.performance || {}), void 0), p).Zc = h.timeOrigin || (h.timing || {}).navigationStart || 0, 1), 428), 0), p), 176, 0), [])), 306)), 44)), p), function(g, O, t, F, k, K, D) {
                for (F = (D = P(g, (t = (K = R(g), k = Oz(g), ""), 281)), D.length), O = 0; k--;) O = ((O | 0) + (Oz(g) | 0)) % F, t += H[D[O]];
                Q(g, K, t)
            }, 9), 2048)), function(g, O, t, F) {
                (t = (F = R(g), R(g)), O = R(g), g).D == g && (O = P(g, O), t = P(g, t), P(g, F)[t] = O, 191 == F && (g.Z = void 0, 2 == t && (g.l = d(false, 32, g), g.Z = void 0)))
            }), 328), {})), p), 0, p), 329)), 160), 0, 0]), function(g, O, t, F) {
                Q(g, (t = P(g, (F = P(g, (O = (t = R(g), R)(g), O)), t)), O), F + t)
            }), 104), Y(p, function(g, O, t, F, k, K) {
                W(false, g, O, true) || (F = cO(g.D), K = F.B$, O = F.W$, t = F.V, F = F.o, k = t.length, K = 0 == k ? new K[F] : 1 == k ? new K[F](t[0]) : 2 == k ? new K[F](t[0], t[1]) : 3 == k ? new K[F](t[0], t[1], t[2]) : 4 == k ? new K[F](t[0], t[1], t[2], t[3]) : 2(), Q(g, O, K))
            }, 299), Y(p, function(g) {
                HO(g, 3)
            }, 455), Y(p, function(g, O, t, F, k) {
                for (k = (t = Oz((F = R(g), g)), O = 0, []); O < t; O++) k.push(J(g));
                Q(g, F, k)
            }, 219), 216), 644), B(4))), p).w_ = 0, Y)(p, function(g, O, t, F) {
                Q(g, (F = (O = (t = R(g), R)(g), R(g)), F), P(g, t) || P(g, O))
            }, 393), function(g, O) {
                Gz((O = P(g, R(g)), g).D, O)
            }), 343), function(g) {
                w0(g, 4)
            }), 217), function(g, O, t, F) {
                Q(g, (O = P(g, (t = (t = R((O = R(g), g)), F = R(g), P(g, t)), O)) == t, F), +O)
            }), 462), function(g, O, t, F) {
                !W(false, g, O, true) && (O = cO(g), F = O.o, t = O.B$, g.D == g || F == g.KS && t == g) && (Q(g, O.W$, F.apply(t, O.V)), g.g = g.i())
            }), 363), 0)), function(g) {
                HO(g, 4)
            }), 486), function(g, O, t, F) {
                Q(g, (F = (t = P((t = (F = R(g), R(g)), O = R(g), g), t), P(g, F)), O), F[t])
            }), 340), 0), p).Sq = 0, 171)), function(g, O, t) {
                0 != P((t = P(g, (t = (O = R(g), R(g)), t)), g), O) && Q(g, 428, t)
            }), 88), U)), Y(p, function(g, O, t, F) {
                if (t = g.mQ.pop()) {
                    for (O = J(g); 0 < O; O--) F = R(g), t[F] = g.B[F];
                    g.B = (t[294] = g.B[294], t[49] = g.B[49], t)
                } else Q(g, 428, g.H)
            }, 424), p), function(g) {
                Xe(g, 4)
            }, 373), 94)), function(g, O, t, F) {
                Q(g, (O = (F = R(g), t = J(g), R)(g), O), P(g, F) >>> t)
            }), 206), Y)(p, function(g, O, t, F, k, K) {
                if (!W(true, g, O, true)) {
                    if (g = P((k = (K = (O = R((F = R(g), g)), R)(g), k = R(g), O = P(g, O), K = P(g, K), P(g, k)), g), F), "object" == ID(g)) {
                        for (t in F = [], g) F.push(t);
                        g = F
                    }
                    for (F = (K = (t = g.length, 0 < K ? K : 1), 0); F < t; F += K) O(g.slice(F, (F | 0) + (K | 0)), k)
                }
            }, 202), [])), function(g, O, t) {
                Q(g, (t = ID((t = P(g, (O = (t = R(g), R)(g), t)), t)), O), t)
            }), 249), p), function(g, O, t, F, k, K, D, e, x, f, q, S) {
                function n(c, T) {
                    for (; S < c;) D |= J(g) << S, S += 8;
                    return T = D & ((S -= c, 1) << c) - 1, D >>= c, T
                }
                for (x = (f = O = (q = (t = ((D = S = (K = R(g), 0), n)(3) | 0) + 1, n(5)), 0), []); O < q; O++) k = n(1), x.push(k), f += k ? 0 : 1;
                for (F = (O = ((f | 0) - 1).toString(2).length, []), f = 0; f < q; f++) x[f] || (F[f] = n(O));
                for (O = 0; O < q; O++) x[O] && (F[O] = R(g));
                for (e = []; t--;) e.push(P(g, R(g)));
                Y(g, function(c, T, L, V, kE) {
                    for (V = [], L = 0, kE = []; L < q; L++) {
                        if (!(T = F[L], x)[L]) {
                            for (; T >= V.length;) V.push(R(c));
                            T = V[T]
                        }
                        kE.push(T)
                    }(c.X = p8(e.slice(), c), c).R = p8(kE, c)
                }, K)
            }, 181), p), 336, [0, 0, 0]), function(g, O, t, F, k) {
                t = (O = P(g, (F = P(g, (k = (k = R((F = R((t = R(g), O = R(g), g)), g)), P(g, k)), F)), O)), P(g.D, t)), 0 !== t && (k = aD(g, 1, F, k, t, O), t.addEventListener(O, k, u), Q(g, 82, [t, O, k]))
            }), 354), 0)), function(g, O, t, F, k) {
                Q(g, (k = (O = (t = P(g, (k = (O = R((F = R(g), t = R(g), g)), R(g)), t)), P(g, O)), P(g, k)), F), aD(g, k, t, O))
            }), 501), 210)), [Qb])), [X, r])), [d0, m])), A)(true, p, true)
        },
        Ez = function(p, m, r, h) {
            return P(p, (Q(p, (f8((h = P(p, 428), p.P && h < p.H ? (Q(p, 428, p.H), Gz(p, r)) : Q(p, 428, r), p), m), 428), h), 33))
        },
        w0 = function(p, m, r, h) {
            z(p, (h = R(p), r = R(p), r), l(m, P(p, h)))
        },
        W = function(p, m, r, h, H, g, O, t, F) {
            if ((m.D = (m.O += (t = (g = (H = 4 == (F = (h || m.T++, 0 < m.F && m.u && m.Im && 1 >= m.G && !m.X && !m.h && (!h || 1 < m.v - r) && 0 == document.hidden), m.T)) || F ? m.i() : m.g, g - m.g), O = t >> 14, m.l && (m.l ^= O * (t << 2)), O), O || m.D), H) || F) m.g = g, m.T = 0;
            if (!F || g - m.S < m.F - (p ? 255 : h ? 5 : 2)) return false;
            return !(Q(m, 428, (m.v = r, p = P(m, h ? 176 : 428), m.H)), m.I.push([lY, p, h ? r + 1 : r]), m.h = I, 0)
        },
        Xe = function(p, m, r, h) {
            for (r = R(p), h = 0; 0 < m; m--) h = h << 8 | J(p);
            Q(p, r, h)
        },
        B = function(p, m) {
            for (m = []; p--;) m.push(255 * Math.random() | 0);
            return m
        },
        Fe = function(p, m, r, h, H) {
            for (H = (h = (p = p.replace(/\r\n/g, "\n"), r = 0), []); r < p.length; r++) m = p.charCodeAt(r), 128 > m ? H[h++] = m : (2048 > m ? H[h++] = m >> 6 | 192 : (55296 == (m & 64512) && r + 1 < p.length && 56320 == (p.charCodeAt(r + 1) & 64512) ? (m = 65536 + ((m & 1023) << 10) + (p.charCodeAt(++r) & 1023), H[h++] = m >> 18 | 240, H[h++] = m >> 12 & 63 | 128) : H[h++] = m >> 12 | 224, H[h++] = m >> 6 & 63 | 128), H[h++] = m & 63 | 128);
            return H
        },
        P = function(p, m) {
            if (void 0 === (p = p.B[m], p)) throw [v, 30, m];
            if (p.value) return p.create();
            return p.create(1 * m * m + -76 * m + 79), p.prototype
        },
        z = function(p, m, r, h, H, g) {
            if (p.D == p)
                for (H = P(p, m), 346 == m ? (m = function(O, t, F, k) {
                        if ((k = (F = H.length, F | 0) - 4 >> 3, H.iX) != k) {
                            k = (t = [0, 0, g[1], (H.iX = k, g)[2]], k << 3) - 4;
                            try {
                                H.am = tk(t, Jk(H, (k | 0) + 4), Jk(H, k))
                            } catch (K) {
                                throw K;
                            }
                        }
                        H.push(H.am[F & 7] ^ O)
                    }, g = P(p, 336)) : m = function(O) {
                        H.push(O)
                    }, h && m(h & 255), p = r.length, h = 0; h < p; h++) m(r[h])
        },
        Gz = function(p, m) {
            (p.mQ.push(p.B.slice()), p).B[428] = void 0, Q(p, 428, m)
        },
        Ak = function(p, m, r, h) {
            for (; p.I.length;) {
                h = (p.h = null, p.I.pop());
                try {
                    r = eR(h, p)
                } catch (H) {
                    w(H, p)
                }
                if (m && p.h) {
                    m = p.h, m(function() {
                        A(true, p, true)
                    });
                    break
                }
            }
            return r
        },
        Z, E = function(p, m) {
            p.I.splice(0, 0, m)
        },
        w = function(p, m) {
            m.W = ((m.W ? m.W + "~" : "E:") + p.message + ":" + p.stack).slice(0, 2048)
        },
        A = function(p, m, r, h, H, g) {
            if (m.I.length) {
                m.Im = (m.u = (m.u && 0(), true), p);
                try {
                    g = m.i(), m.T = 0, m.S = g, m.g = g, h = Ak(m, p), H = m.i() - m.S, m.J += H, H < (r ? 0 : 10) || 0 >= m.A-- || (H = Math.floor(H), m.s.push(254 >= H ? H : 254))
                } finally {
                    m.u = false
                }
                return h
            }
        },
        R = function(p, m) {
            if (p.X) return oD(p, p.R);
            return m = d(true, 8, p), m & 128 && (m ^= 128, p = d(true, 2, p), m = (m << 2) + (p | 0)), m
        },
        yb = function(p, m) {
            if ((m = (p = null, U).trustedTypes, !m) || !m.createPolicy) return p;
            try {
                p = m.createPolicy("bg", {
                    createHTML: bY,
                    createScript: bY,
                    createScriptURL: bY
                })
            } catch (r) {
                U.console && U.console.error(r.message)
            }
            return p
        },
        N = function(p, m, r) {
            r = this;
            try {
                n8(this, m, p)
            } catch (h) {
                w(h, this), m(function(H) {
                    H(r.W)
                })
            }
        },
        M = function(p, m, r, h, H, g) {
            if (!m.Y) {
                if (3 < (r = P(m, ((p = (0 == (h = P(m, ((g = void 0, r) && r[0] === v && (p = r[1], g = r[2], r = void 0), 294)), h.length) && (H = P(m, 176) >> 3, h.push(p, H >> 8 & 255, H & 255), void 0 != g && h.push(g & 255)), ""), r) && (r.message && (p += r.message), r.stack && (p += ":" + r.stack)), 49)), r)) {
                    m.D = (g = (p = (r -= (p = p.slice(0, (r | 0) - 3), (p.length | 0) + 3), Fe(p)), m.D), m);
                    try {
                        z(m, 346, l(2, p.length).concat(p), 9)
                    } finally {
                        m.D = g
                    }
                }
                Q(m, 49, r)
            }
        },
        C8 = function(p, m) {
            return a[p](a.prototype, {
                call: m,
                floor: m,
                document: m,
                pop: m,
                length: m,
                parent: m,
                prototype: m,
                stack: m,
                splice: m,
                replace: m,
                console: m,
                propertyIsEnumerable: m
            })
        },
        q0 = String.fromCharCode(105, 110, 116, 101, 103, 67, 104, 101, 99, 107, 66, 121, 112, 97, 115, 115),
        Qb = [],
        y = (N.prototype.H$ = (N.prototype.U = "toString", (N.prototype.Gi = void 0, N.prototype).fS = void 0, false), []),
        K8 = [],
        C = [],
        G = [],
        X = [],
        v = {},
        lY = [],
        d0 = [],
        hk = ((((b = ((r0, B, xE, function() {})(DG), N.prototype), b).Rm = function() {
            return Math.floor(this.J + (this.i() - this.S))
        }, b.hU = function(p, m, r) {
            return (m ^= m << 13, m ^= m >> 17, (m = (m ^ m << 5) & r) || (m = 1), p) ^ m
        }, N).prototype.K = "create", b.yw = function(p, m, r, h, H) {
            for (H = h = 0; H < p.length; H++) h += p.charCodeAt(H), h += h << 10, h ^= h >> 6;
            return (h = (h += h << 3, h ^= h >> 11, p = h + (h << 15) >>> 0, new Number(p & (1 << m) - 1)), h)[0] = (p >>> m) % r, h
        }, b).j = function(p, m, r, h, H) {
            if (r = "array" === ID(r) ? r : [r], this.W) p(this.W);
            else try {
                H = [], h = !this.I.length, E(this, [C, H, r]), E(this, [G, p, H]), m && !h || A(m, this, true)
            } catch (g) {
                w(g, this), p(this.W)
            }
        }, void 0),
        a = (b.i = (window.performance || {}).now ? function() {
            return this.Zc + window.performance.now()
        } : function() {
            return +new Date
        }, b.N5 = (b.g_ = function(p, m, r, h, H, g) {
            for (g = H = 0, h = []; H < p.length; H++)
                for (r = r << m | p[H], g += m; 7 < g;) g -= 8, h.push(r >> g & 255);
            return h
        }, function() {
            return Math.floor(this.i())
        }), v).constructor,
        PO = ((N.prototype.N = function(p, m) {
            return m = (p = {}, hk = function() {
                    return m == p ? 79 : 140
                }, {}),
                function(r, h, H, g, O, t, F, k, K, D, e, x, f, q, S) {
                    m = (k = m, p);
                    try {
                        if (t = r[0], t == X) {
                            H = r[1];
                            try {
                                for (O = (h = (e = atob(H), g = 0, []), 0); O < e.length; O++) x = e.charCodeAt(O), 255 < x && (h[g++] = x & 255, x >>= 8), h[g++] = x;
                                Q(((this.P = h, this).H = this.P.length << 3, this), 191, [0, 0, 0])
                            } catch (n) {
                                M(17, this, n);
                                return
                            }
                            f8(this, 8001)
                        } else if (t == C) r[1].push(P(this, 49), P(this, 443).length, P(this, 346).length, P(this, 120).length), Q(this, 33, r[2]), this.B[225] && Ez(this, 8001, P(this, 225));
                        else {
                            if (t == G) {
                                D = l((g = r[2], 2), (P(this, 120).length | 0) + 2), K = this.D, this.D = this;
                                try {
                                    q = P(this, 294), 0 < q.length && z(this, 120, l(2, q.length).concat(q), 10), z(this, 120, l(1, this.O), 109), z(this, 120, l(1, this[G].length)), e = 0, e -= (P(this, 120).length | 0) + 5, e += P(this, 51) & 2047, f = P(this, 346), 4 < f.length && (e -= (f.length | 0) + 3), 0 < e && z(this, 120, l(2, e).concat(B(e)), 15), 4 < f.length && z(this, 120, l(2, f.length).concat(f), 156)
                                } finally {
                                    this.D = K
                                }
                                if (F = (O = B(2).concat(P(this, 120)), O[1] = O[0] ^ 6, O[3] = O[1] ^ D[0], O[4] = O[1] ^ D[1], this).X5(O)) F = "!" + F;
                                else
                                    for (F = "", e = 0; e < O.length; e++) S = O[e][this.U](16), 1 == S.length && (S = "0" + S), F += S;
                                return P(this, (P((P(this, (Q(this, 49, (h = F, g.shift())), 443)).length = g.shift(), this), 346).length = g.shift(), 120)).length = g.shift(), h
                            }
                            if (t == lY) Ez(this, r[2], r[1]);
                            else if (t == y) return Ez(this, 8001, r[1])
                        }
                    } finally {
                        m = k
                    }
                }
        }(), N.prototype.uX = 0, N.prototype).X5 = function(p, m, r, h) {
            if (h = window.btoa) {
                for (m = (r = 0, ""); r < p.length; r += 8192) m += String.fromCharCode.apply(null, p.slice(r, r + 8192));
                p = h(m).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "")
            } else p = void 0;
            return p
        }, /./);
    N.prototype.Vw = 0;
    var zz, jR = X.pop.bind((N.prototype[d0] = [0, 0, 1, 1, 0, 1, 1], N.prototype[C])),
        Tz = ((zz = C8((PO[N.prototype.U] = jR, N.prototype.K), {get: jR
        }), N).prototype.x6 = void 0, function(p, m) {
            return (m = yb()) && 1 === p.eval(m.createScript("1")) ? function(r) {
                return m.createScript(r)
            } : function(r) {
                return "" + r
            }
        })(U);
    (Z = U.botguard || (U.botguard = {}), 40 < Z.m || (Z.m = 41, Z.bg = g0, Z.a = sz), Z).MDm_ = function(p, m, r) {
        return r = new N(p, m), [function(h) {
            return RD(r, h)
        }]
    };
}).call(this);
#5 JavaScript::Eval (size: 22) - SHA256: e62188d211f8522a0d02bbc2b5e8fea05d32dd1b03c4602c86673da2007d97dd
0,
function(g) {
    Xe(g, 1)
}
#6 JavaScript::Eval (size: 22) - SHA256: 0af0cb21968fe023d8ea63ee97d9b7172bb86ffeab2023aa51326d793e379a00
0,
function(g) {
    Xe(g, 2)
}
#7 JavaScript::Eval (size: 15561) - SHA256: d90538b891b0faa88bb08314660918942260c2ace5720f0bb44498bd13171c76
/* Anti-spam. Want to say hello? Contact (base64) Ym90Z3VhcmQtY29udGFjdEBnb29nbGUuY29t */
(function() {
    var r = this || self,
        h = function(p, m) {
            if (!(p = (m = r.trustedTypes, null), m) || !m.createPolicy) return p;
            try {
                p = m.createPolicy("bg", {
                    createHTML: O,
                    createScript: O,
                    createScriptURL: O
                })
            } catch (g) {
                r.console && r.console.error(g.message)
            }
            return p
        },
        O = function(p) {
            return p
        };
    (0, eval)(function(p, m) {
        return (m = h()) && 1 === p.eval(m.createScript("1")) ? function(g) {
            return m.createScript(g)
        } : function(g) {
            return "" + g
        }
    }(r)(Array(7824 * Math.random() | 0).join("\n") + '(function(){var b,l=function(p,m,r,h){for(h=(p|(r=[],0))-1;0<=h;h--)r[(p|0)-1-(h|0)]=m>>8*h&255;return r},Q=function(p,m,r){if(428==m||176==m)p.B[m]?p.B[m].concat(r):p.B[m]=p8(r,p);else{if(p.Y&&191!=m)return;120==m||346==m||443==m||294==m||336==m?p.B[m]||(p.B[m]=mS(p,m,30,r)):p.B[m]=mS(p,m,137,r)}191==m&&(p.l=d(false,32,p),p.Z=void 0)},g0=function(p,m,r,h){function H(){}return r=sz(p,function(g){H&&(m&&I(m),h=g,H(),H=void 0)},(h=void 0,!!m))[0],{invoke:function(g,O,t,F){function k(){h(function(K){I(function(){g(K)})},t)}if(!O)return O=r(t),g&&g(O),O;h?k():(F=H,H=function(){I((F(),k))})}}},r0=function(p,m){(m.push(p[0]<<24|p[1]<<16|p[2]<<8|p[3]),m.push(p[4]<<24|p[5]<<16|p[6]<<8|p[7]),m).push(p[8]<<24|p[9]<<16|p[10]<<8|p[11])},Oz=function(p,m){return(m=J(p),m&128)&&(m=m&127|J(p)<<7),m},mS=function(p,m,r,h,H,g,O,t){return((O=(h=[(H=hk,-97),-76,1,-9,-92,-60,h,-40,38,(t=r&7,-88)],a[p.K](p.Dc)),O)[p.K]=function(F){t+=6+(g=F,7*r),t&=7},O).concat=function(F){return((g=(F=+t+h[t+19&7]*(F=m%16+1,m)*F-57*m*m*g-F*g+57*g*g-4503*g- -4332*m*g+(H()|0)*F+1*m*m*F,void 0),F=h[F],h)[(t+45&7)+(r&2)]=F,h)[t+(r&2)]=-76,F},O},p8=function(p,m,r){return(r=a[m.K](m.eq),r[m.K]=function(){return p},r).concat=function(h){p=h},r},tk=function(p,m,r,h,H){for(H=(h=0,p)[2]|0,p=p[3]|0;14>h;h++)m=m>>>8|m<<24,m+=r|0,r=r<<3|r>>>29,m^=H+1656,p=p>>>8|p<<24,r^=m,p+=H|0,p^=h+1656,H=H<<3|H>>>29,H^=p;return[r>>>24&255,r>>>16&255,r>>>8&255,r>>>0&255,m>>>24&255,m>>>16&255,m>>>8&255,m>>>0&255]},HO=function(p,m,r,h,H){(H=P(p,(h=(H=(m&=(r=m&3,4),R(p)),R)(p),H)),m&&(H=Fe(""+H)),r)&&z(p,h,l(2,H.length)),z(p,h,H)},bY=function(p){return p},eR=function(p,m,r,h,H){if(H=p[0],H==C)m.A=25,m.N(p);else if(H==G){r=p[1];try{h=m.W||m.N(p)}catch(g){w(g,m),h=m.W}r(h)}else if(H==lY)m.N(p);else if(H==X)m.N(p);else if(H==d0){try{for(h=0;h<m.L.length;h++)try{r=m.L[h],r[0][r[1]](r[2])}catch(g){}}catch(g){}(0,p[1])(function(g,O){m.j(g,true,O)},(m.L=[],function(g){(E(m,(g=!m.I.length,[K8])),g)&&A(true,m,false)}))}else{if(H==y)return h=p[2],Q(m,499,p[6]),Q(m,33,h),m.N(p);H==K8?(m.P=[],m.s=[],m.B=null):H==Qb&&"loading"===U.document.readyState&&(m.h=function(g,O){function t(){O||(O=true,g())}U.document.addEventListener("DOMContentLoaded",(O=false,t),u),U.addEventListener("load",t,u)})}},J=function(p){return p.X?oD(p,p.R):d(true,8,p)},DG=function(p,m,r){if(3==p.length){for(r=0;3>r;r++)m[r]+=p[r];for(p=0,r=[13,8,13,12,16,5,3,10,15];9>p;p++)m[3](m,p%3,r[p])}},oD=function(p,m){return(m=m.create().shift(),p.X.create()).length||p.R.create().length||(p.R=void 0,p.X=void 0),m},xE=function(p,m,r,h){try{h=p[((m|0)+2)%3],p[m]=(p[m]|0)-(p[((m|0)+1)%3]|0)-(h|0)^(1==m?h<<r:h>>>r)}catch(H){throw H;}},ID=function(p,m,r){if("object"==(m=typeof p,m))if(p){if(p instanceof Array)return"array";if(p instanceof Object)return m;if((r=Object.prototype.toString.call(p),"[object Window]")==r)return"object";if("[object Array]"==r||"number"==typeof p.length&&"undefined"!=typeof p.splice&&"undefined"!=typeof p.propertyIsEnumerable&&!p.propertyIsEnumerable("splice"))return"array";if("[object Function]"==r||"undefined"!=typeof p.call&&"undefined"!=typeof p.propertyIsEnumerable&&!p.propertyIsEnumerable("call"))return"function"}else return"null";else if("function"==m&&"undefined"==typeof p.call)return"object";return m},Y=function(p,m,r){(Q(p,r,m),m)[Qb]=2796},f8=function(p,m,r,h,H,g){if(!p.W){p.G++;try{for(h=(H=(g=p.H,0),void 0);--m;)try{if(r=void 0,p.X)h=oD(p,p.X);else{if((H=P(p,428),H)>=g)break;h=P((r=(Q(p,176,H),R(p)),p),r)}W(false,p,(h&&h[K8]&2048?h(p,m):M(0,p,[v,21,r]),m),false)}catch(O){P(p,216)?M(22,p,O):Q(p,216,O)}if(!m){if(p.H$){f8((p.G--,p),473199118497);return}M(0,p,[v,33])}}catch(O){try{M(22,p,O)}catch(t){w(t,p)}}p.G--}},Jk=function(p,m){return p[m]<<24|p[(m|0)+1]<<16|p[(m|0)+2]<<8|p[(m|0)+3]},aD=function(p,m,r,h,H,g){function O(){if(p.D==p){if(p.B){var t=[y,r,h,void 0,H,g,arguments];if(2==m)var F=A(false,p,(E(p,t),false));else if(1==m){var k=!p.I.length;E(p,t),k&&A(false,p,false)}else F=eR(t,p);return F}H&&g&&H.removeEventListener(g,O,u)}}return O},RD=function(p,m,r){return p.j(function(h){r=h},false,m),r},U=this||self,sz=function(p,m,r,h){return(h=Z[p.substring(0,3)+"_"])?h(p.substring(3),m,r):SR(m,p)},u={passive:true,capture:true},SR=function(p,m){return p(function(r){r(m)}),[function(){return m}]},d=function(p,m,r,h,H,g,O,t,F,k,K,D,e,x){if((x=P(r,428),x)>=r.H)throw[v,31];for(g=(h=(k=(H=x,0),m),r.lX).length;0<h;)F=H>>3,t=r.P[F],K=H%8,e=8-(K|0),e=e<h?e:h,p&&(D=r,D.Z!=H>>6&&(D.Z=H>>6,O=P(D,191),D.C=tk([0,0,O[1],O[2]],D.Z,D.l)),t^=r.C[F&g]),k|=(t>>8-(K|0)-(e|0)&(1<<e)-1)<<(h|0)-(e|0),h-=e,H+=e;return Q(r,428,(p=k,(x|0)+(m|0))),p},I=U.requestIdleCallback?function(p){requestIdleCallback(function(){p()},{timeout:4})}:U.setImmediate?function(p){setImmediate(p)}:function(p){setTimeout(p,0)},cO=function(p,m,r,h,H,g){for(H=(r=R((m=(h=(g=p[q0]||{},R(p)),g.W$=R(p),g.V=[],p.D==p)?(J(p)|0)-1:1,p)),0);H<m;H++)g.V.push(R(p));for(g.B$=P(p,r);m--;)g.V[m]=P(p,g.V[m]);return g.o=P(p,h),g},n8=function(p,m,r,h,H){for(H=(p.eq=(p.Dc=(p.P$=(p.k6=(p.lX=p[G],zz),PO),C8(p.K,{get:function(){return this.concat()}})),a[p.K](p.Dc,{value:{value:{}}})),h=0,[]);393>h;h++)H[h]=String.fromCharCode(h);(E(p,(E(p,(E(p,(Y(p,function(g){w0(g,1)},(Y(p,(Q(p,51,(Y(p,(Q((Y((Y(p,(Q(p,294,((Y(p,(Y(p,function(g,O,t){W(false,g,O,true)||(O=R(g),t=R(g),Q(g,t,function(F){return eval(F)}(Tz(P(g.D,O)))))},(Y((Q(p,460,(Y(p,(Y(p,function(g,O){(g=(O=R(g),P(g.D,O)),g)[0].removeEventListener(g[1],g[2],u)},((p.Qw=(Y(p,(Y(p,(Q(p,82,(Y(p,(Y(p,(Y(p,(Y(p,(((Q(p,346,(Q(p,(Y(p,(Q(p,120,[(Y(p,function(g,O,t){Q(g,(t=R(g),O=R(g),O),""+P(g,t))},(Q((Q(p,33,(Y(p,(Q(p,49,(Y((Y(p,function(g,O,t,F){Q(g,(F=P(g,(O=(t=(F=R((O=R(g),g)),R)(g),P)(g,O),F)),t),O in F|0)},(Y(p,function(){},(Q(p,443,(Q((Q(p,(p.Y=!((p.O=1,p.g=0,p.X=(p.G=0,h=(p.J=0,p.S=0,p.P=[],p.mQ=[],(p.KS=function(g){this.D=g},p).C=void 0,p.F=0,(p.u=false,p).D=p,p.l=void 0,((p.pS=(p.v=((p.s=[],p).R=(p.L=[],void 0),p.h=null,8001),0),p.Im=false,p).W=void 0,p.I=[],p).B=(p.H=0,p.T=void 0,p.A=(p.Z=void 0,25),[]),window.performance||{}),void 0),p).Zc=h.timeOrigin||(h.timing||{}).navigationStart||0,1),428),0),p),176,0),[])),306)),44)),p),function(g,O,t,F,k,K,D){for(F=(D=P(g,(t=(K=R(g),k=Oz(g),""),281)),D.length),O=0;k--;)O=((O|0)+(Oz(g)|0))%F,t+=H[D[O]];Q(g,K,t)},9),2048)),function(g,O,t,F){(t=(F=R(g),R(g)),O=R(g),g).D==g&&(O=P(g,O),t=P(g,t),P(g,F)[t]=O,191==F&&(g.Z=void 0,2==t&&(g.l=d(false,32,g),g.Z=void 0)))}),328),{})),p),0,p),329)),160),0,0]),function(g,O,t,F){Q(g,(t=P(g,(F=P(g,(O=(t=R(g),R)(g),O)),t)),O),F+t)}),104),Y(p,function(g,O,t,F,k,K){W(false,g,O,true)||(F=cO(g.D),K=F.B$,O=F.W$,t=F.V,F=F.o,k=t.length,K=0==k?new K[F]:1==k?new K[F](t[0]):2==k?new K[F](t[0],t[1]):3==k?new K[F](t[0],t[1],t[2]):4==k?new K[F](t[0],t[1],t[2],t[3]):2(),Q(g,O,K))},299),Y(p,function(g){HO(g,3)},455),Y(p,function(g,O,t,F,k){for(k=(t=Oz((F=R(g),g)),O=0,[]);O<t;O++)k.push(J(g));Q(g,F,k)},219),216),644),B(4))),p).w_=0,Y)(p,function(g,O,t,F){Q(g,(F=(O=(t=R(g),R)(g),R(g)),F),P(g,t)||P(g,O))},393),function(g,O){Gz((O=P(g,R(g)),g).D,O)}),343),function(g){w0(g,4)}),217),function(g,O,t,F){Q(g,(O=P(g,(t=(t=R((O=R(g),g)),F=R(g),P(g,t)),O))==t,F),+O)}),462),function(g,O,t,F){!W(false,g,O,true)&&(O=cO(g),F=O.o,t=O.B$,g.D==g||F==g.KS&&t==g)&&(Q(g,O.W$,F.apply(t,O.V)),g.g=g.i())}),363),0)),function(g){HO(g,4)}),486),function(g,O,t,F){Q(g,(F=(t=P((t=(F=R(g),R(g)),O=R(g),g),t),P(g,F)),O),F[t])}),340),0),p).Sq=0,171)),function(g,O,t){0!=P((t=P(g,(t=(O=R(g),R(g)),t)),g),O)&&Q(g,428,t)}),88),U)),Y(p,function(g,O,t,F){if(t=g.mQ.pop()){for(O=J(g);0<O;O--)F=R(g),t[F]=g.B[F];g.B=(t[294]=g.B[294],t[49]=g.B[49],t)}else Q(g,428,g.H)},424),p),function(g){Xe(g,4)},373),94)),function(g,O,t,F){Q(g,(O=(F=R(g),t=J(g),R)(g),O),P(g,F)>>>t)}),206),Y)(p,function(g,O,t,F,k,K){if(!W(true,g,O,true)){if(g=P((k=(K=(O=R((F=R(g),g)),R)(g),k=R(g),O=P(g,O),K=P(g,K),P(g,k)),g),F),"object"==ID(g)){for(t in F=[],g)F.push(t);g=F}for(F=(K=(t=g.length,0<K?K:1),0);F<t;F+=K)O(g.slice(F,(F|0)+(K|0)),k)}},202),[])),function(g,O,t){Q(g,(t=ID((t=P(g,(O=(t=R(g),R)(g),t)),t)),O),t)}),249),p),function(g,O,t,F,k,K,D,e,x,f,q,S){function n(c,T){for(;S<c;)D|=J(g)<<S,S+=8;return T=D&((S-=c,1)<<c)-1,D>>=c,T}for(x=(f=O=(q=(t=((D=S=(K=R(g),0),n)(3)|0)+1,n(5)),0),[]);O<q;O++)k=n(1),x.push(k),f+=k?0:1;for(F=(O=((f|0)-1).toString(2).length,[]),f=0;f<q;f++)x[f]||(F[f]=n(O));for(O=0;O<q;O++)x[O]&&(F[O]=R(g));for(e=[];t--;)e.push(P(g,R(g)));Y(g,function(c,T,L,V,kE){for(V=[],L=0,kE=[];L<q;L++){if(!(T=F[L],x)[L]){for(;T>=V.length;)V.push(R(c));T=V[T]}kE.push(T)}(c.X=p8(e.slice(),c),c).R=p8(kE,c)},K)},181),p),336,[0,0,0]),function(g,O,t,F,k){t=(O=P(g,(F=P(g,(k=(k=R((F=R((t=R(g),O=R(g),g)),g)),P(g,k)),F)),O)),P(g.D,t)),0!==t&&(k=aD(g,1,F,k,t,O),t.addEventListener(O,k,u),Q(g,82,[t,O,k]))}),354),0)),function(g,O,t,F,k){Q(g,(k=(O=(t=P(g,(k=(O=R((F=R(g),t=R(g),g)),R(g)),t)),P(g,O)),P(g,k)),F),aD(g,k,t,O))}),501),210)),[Qb])),[X,r])),[d0,m])),A)(true,p,true)},Ez=function(p,m,r,h){return P(p,(Q(p,(f8((h=P(p,428),p.P&&h<p.H?(Q(p,428,p.H),Gz(p,r)):Q(p,428,r),p),m),428),h),33))},w0=function(p,m,r,h){z(p,(h=R(p),r=R(p),r),l(m,P(p,h)))},W=function(p,m,r,h,H,g,O,t,F){if((m.D=(m.O+=(t=(g=(H=4==(F=(h||m.T++,0<m.F&&m.u&&m.Im&&1>=m.G&&!m.X&&!m.h&&(!h||1<m.v-r)&&0==document.hidden),m.T))||F?m.i():m.g,g-m.g),O=t>>14,m.l&&(m.l^=O*(t<<2)),O),O||m.D),H)||F)m.g=g,m.T=0;if(!F||g-m.S<m.F-(p?255:h?5:2))return false;return!(Q(m,428,(m.v=r,p=P(m,h?176:428),m.H)),m.I.push([lY,p,h?r+1:r]),m.h=I,0)},Xe=function(p,m,r,h){for(r=R(p),h=0;0<m;m--)h=h<<8|J(p);Q(p,r,h)},B=function(p,m){for(m=[];p--;)m.push(255*Math.random()|0);return m},Fe=function(p,m,r,h,H){for(H=(h=(p=p.replace(/\\r\\n/g,"\\n"),r=0),[]);r<p.length;r++)m=p.charCodeAt(r),128>m?H[h++]=m:(2048>m?H[h++]=m>>6|192:(55296==(m&64512)&&r+1<p.length&&56320==(p.charCodeAt(r+1)&64512)?(m=65536+((m&1023)<<10)+(p.charCodeAt(++r)&1023),H[h++]=m>>18|240,H[h++]=m>>12&63|128):H[h++]=m>>12|224,H[h++]=m>>6&63|128),H[h++]=m&63|128);return H},P=function(p,m){if(void 0===(p=p.B[m],p))throw[v,30,m];if(p.value)return p.create();return p.create(1*m*m+-76*m+79),p.prototype},z=function(p,m,r,h,H,g){if(p.D==p)for(H=P(p,m),346==m?(m=function(O,t,F,k){if((k=(F=H.length,F|0)-4>>3,H.iX)!=k){k=(t=[0,0,g[1],(H.iX=k,g)[2]],k<<3)-4;try{H.am=tk(t,Jk(H,(k|0)+4),Jk(H,k))}catch(K){throw K;}}H.push(H.am[F&7]^O)},g=P(p,336)):m=function(O){H.push(O)},h&&m(h&255),p=r.length,h=0;h<p;h++)m(r[h])},Gz=function(p,m){(p.mQ.push(p.B.slice()),p).B[428]=void 0,Q(p,428,m)},Ak=function(p,m,r,h){for(;p.I.length;){h=(p.h=null,p.I.pop());try{r=eR(h,p)}catch(H){w(H,p)}if(m&&p.h){m=p.h,m(function(){A(true,p,true)});break}}return r},Z,E=function(p,m){p.I.splice(0,0,m)},w=function(p,m){m.W=((m.W?m.W+"~":"E:")+p.message+":"+p.stack).slice(0,2048)},A=function(p,m,r,h,H,g){if(m.I.length){m.Im=(m.u=(m.u&&0(),true),p);try{g=m.i(),m.T=0,m.S=g,m.g=g,h=Ak(m,p),H=m.i()-m.S,m.J+=H,H<(r?0:10)||0>=m.A--||(H=Math.floor(H),m.s.push(254>=H?H:254))}finally{m.u=false}return h}},R=function(p,m){if(p.X)return oD(p,p.R);return m=d(true,8,p),m&128&&(m^=128,p=d(true,2,p),m=(m<<2)+(p|0)),m},yb=function(p,m){if((m=(p=null,U).trustedTypes,!m)||!m.createPolicy)return p;try{p=m.createPolicy("bg",{createHTML:bY,createScript:bY,createScriptURL:bY})}catch(r){U.console&&U.console.error(r.message)}return p},N=function(p,m,r){r=this;try{n8(this,m,p)}catch(h){w(h,this),m(function(H){H(r.W)})}},M=function(p,m,r,h,H,g){if(!m.Y){if(3<(r=P(m,((p=(0==(h=P(m,((g=void 0,r)&&r[0]===v&&(p=r[1],g=r[2],r=void 0),294)),h.length)&&(H=P(m,176)>>3,h.push(p,H>>8&255,H&255),void 0!=g&&h.push(g&255)),""),r)&&(r.message&&(p+=r.message),r.stack&&(p+=":"+r.stack)),49)),r)){m.D=(g=(p=(r-=(p=p.slice(0,(r|0)-3),(p.length|0)+3),Fe(p)),m.D),m);try{z(m,346,l(2,p.length).concat(p),9)}finally{m.D=g}}Q(m,49,r)}},C8=function(p,m){return a[p](a.prototype,{call:m,floor:m,document:m,pop:m,length:m,parent:m,prototype:m,stack:m,splice:m,replace:m,console:m,propertyIsEnumerable:m})},q0=String.fromCharCode(105,110,116,101,103,67,104,101,99,107,66,121,112,97,115,115),Qb=[],y=(N.prototype.H$=(N.prototype.U="toString",(N.prototype.Gi=void 0,N.prototype).fS=void 0,false),[]),K8=[],C=[],G=[],X=[],v={},lY=[],d0=[],hk=((((b=((r0,B,xE,function(){})(DG),N.prototype),b).Rm=function(){return Math.floor(this.J+(this.i()-this.S))},b.hU=function(p,m,r){return(m^=m<<13,m^=m>>17,(m=(m^m<<5)&r)||(m=1),p)^m},N).prototype.K="create",b.yw=function(p,m,r,h,H){for(H=h=0;H<p.length;H++)h+=p.charCodeAt(H),h+=h<<10,h^=h>>6;return(h=(h+=h<<3,h^=h>>11,p=h+(h<<15)>>>0,new Number(p&(1<<m)-1)),h)[0]=(p>>>m)%r,h},b).j=function(p,m,r,h,H){if(r="array"===ID(r)?r:[r],this.W)p(this.W);else try{H=[],h=!this.I.length,E(this,[C,H,r]),E(this,[G,p,H]),m&&!h||A(m,this,true)}catch(g){w(g,this),p(this.W)}},void 0),a=(b.i=(window.performance||{}).now?function(){return this.Zc+window.performance.now()}:function(){return+new Date},b.N5=(b.g_=function(p,m,r,h,H,g){for(g=H=0,h=[];H<p.length;H++)for(r=r<<m|p[H],g+=m;7<g;)g-=8,h.push(r>>g&255);return h},function(){return Math.floor(this.i())}),v).constructor,PO=((N.prototype.N=function(p,m){return m=(p={},hk=function(){return m==p?79:140},{}),function(r,h,H,g,O,t,F,k,K,D,e,x,f,q,S){m=(k=m,p);try{if(t=r[0],t==X){H=r[1];try{for(O=(h=(e=atob(H),g=0,[]),0);O<e.length;O++)x=e.charCodeAt(O),255<x&&(h[g++]=x&255,x>>=8),h[g++]=x;Q(((this.P=h,this).H=this.P.length<<3,this),191,[0,0,0])}catch(n){M(17,this,n);return}f8(this,8001)}else if(t==C)r[1].push(P(this,49),P(this,443).length,P(this,346).length,P(this,120).length),Q(this,33,r[2]),this.B[225]&&Ez(this,8001,P(this,225));else{if(t==G){D=l((g=r[2],2),(P(this,120).length|0)+2),K=this.D,this.D=this;try{q=P(this,294),0<q.length&&z(this,120,l(2,q.length).concat(q),10),z(this,120,l(1,this.O),109),z(this,120,l(1,this[G].length)),e=0,e-=(P(this,120).length|0)+5,e+=P(this,51)&2047,f=P(this,346),4<f.length&&(e-=(f.length|0)+3),0<e&&z(this,120,l(2,e).concat(B(e)),15),4<f.length&&z(this,120,l(2,f.length).concat(f),156)}finally{this.D=K}if(F=(O=B(2).concat(P(this,120)),O[1]=O[0]^6,O[3]=O[1]^D[0],O[4]=O[1]^D[1],this).X5(O))F="!"+F;else for(F="",e=0;e<O.length;e++)S=O[e][this.U](16),1==S.length&&(S="0"+S),F+=S;return P(this,(P((P(this,(Q(this,49,(h=F,g.shift())),443)).length=g.shift(),this),346).length=g.shift(),120)).length=g.shift(),h}if(t==lY)Ez(this,r[2],r[1]);else if(t==y)return Ez(this,8001,r[1])}}finally{m=k}}}(),N.prototype.uX=0,N.prototype).X5=function(p,m,r,h){if(h=window.btoa){for(m=(r=0,"");r<p.length;r+=8192)m+=String.fromCharCode.apply(null,p.slice(r,r+8192));p=h(m).replace(/\\+/g,"-").replace(/\\//g,"_").replace(/=/g,"")}else p=void 0;return p},/./);N.prototype.Vw=0;var zz,jR=X.pop.bind((N.prototype[d0]=[0,0,1,1,0,1,1],N.prototype[C])),Tz=((zz=C8((PO[N.prototype.U]=jR,N.prototype.K),{get:jR}),N).prototype.x6=void 0,function(p,m){return(m=yb())&&1===p.eval(m.createScript("1"))?function(r){return m.createScript(r)}:function(r){return""+r}})(U);(Z=U.botguard||(U.botguard={}),40<Z.m||(Z.m=41,Z.bg=g0,Z.a=sz),Z).MDm_=function(p,m,r){return r=new N(p,m),[function(h){return RD(r,h)}]};}).call(this);'));
}).call(this);
#8 JavaScript::Eval (size: 64) - SHA256: 2c6fcc10d170735ea0103cebd297129fae592327ed69dbf1773991fe63c4d8d0
0,
function(g, O, t) {
    (O = (t = (O = R(g), R(g)), g.B[O]) && P(g, O), Q)(g, t, O)
}
#9 JavaScript::Eval (size: 3) - SHA256: fa2b7af0a811b9acde602aacb78e3638e8506dfead5fe6c3425b10b526f94bdd
212
#10 JavaScript::Eval (size: 27) - SHA256: 52b43864b9f1786d8c0d2d679562e90dc2a00c9d68ea80188a37d9b01d23dd47
lOptionDocumentNumber_10023

Executed Writes (2)
#1 JavaScript::Write (size: 830) - SHA256: afe4a83edadc2ed0804b9fdd350bf87b1fab334e4076e81b78a923fbef07ac41
< script >
    var TrackTime = ['18:11:35.623', '18:11:35.623', '18:11:35.623'] < /script><style>.tmg-loading span{margin:0 auto;display:block;width:130px;font-size:large;font-variant:petite-caps;font-family:initial;text-align:center;}</style > < div id = 'tmgloading'
class = 'tmg-loading' > < span > Loading... < /span></div > < script > function TMG_CheckForClick() {
    try {
        var redirectTo = '#',
            tmpPlacement = '13488000';
        if ('#' != redirectTo) {
            var lurl = decodeURIComponent(redirectTo); - 1 != lurl.indexOf('http://') || -1 != lurl.indexOf('https://') ? window.location.href = lurl : eval(lurl)
        }
    } catch (r) {}
    return !0
} < /script><script src='https:/ / ldsapi.tmginteractive.com / GenericPlacementScriptDiv.aspx ? tmgrt = ancs & mainPlacement = 13488000 & hasLoadOptimation = 0 & hasMinAssets = 1 & placement = 13488000 & publisher = 139136 & affid = 1252169444874968 & subid = 1252169444874968 ' type='
text / javascript '></script>
#2 JavaScript::Write (size: 15083) - SHA256: 8b12a5d49cc8bc92d74b6168b1b589b0752919f46367cd44dd6b35aad07440f0
< style type = 'text/css' > .TMG - Creative - MoreInfo - Container {
        background - color: # fdecd7!important;
        border: 1 px solid # f3dfc8!important;
    }.TMG - Creative - MoreInfo - Container - HeaderBar {
        background - color: # f3dfc8!important;
    }.TMG - Creative - MoreInfo - Container - HeaderBar - Icon {
        color: # c4a176!important;
    }.TMG - Creative - MoreInfo - Container a {
        color: # dca926!important;
    }.TmgOffersArea {
        width: 370 px!important;font - family: Sans - Serif!important;font - size: 14 px!important;font - variant: normal!important;color: #212529!important;padding:0px 0px 0px 0px;margin:0px 0px 0px 0px;}.TmgOfferTopSpace{width:370px!important;float:left!important;height:0px!important;}.TmgOfferHeaderImage{width:370px!important;float:left!important;display:none;border:0px solid # FFF!important;
    }.TmgOfferHeaderImage img {
        height: 0 px!important;width: 0 px!important;
    }.TmgOfferBlankTop {
        width: 370 px!important;float: left!important;margin: 5 px 0 px
    }.TmgOffers {
        width: 370 px!important;float: left!important;
    }.TmgOffer {
        width: 370 px!important;float: left!important;
    }.TmgFloat {
        float: left!important;
    }.TmgOfferVerbiage {
        width: 370 px!important;float: left!important;display: none;padding: 0 px 0 px 0 px 0 px!important;margin: 0 px 0 px 0 px 0 px!important;font - family: Arial,
        Helvetica,
        sans - serif!important;font - weight: normal!important;font - size: 12 px!important;color: #000!important;border-style:0px solid # FFF!important;text - align: left!important;
    }.TmgOfferFooterImage {
        width: 370 px!important;float: left!important;display: none;border: 0 px solid # FFF!important;height: 0 px!important;width: 0 px!important;
    }.TmgOfferFooterImage img {
        height: 0 px!important;width: 0 px!important;
    }.TmgOfferBottomSpace {
        width: 370 px!important;float: left!important;height: 0 px!important;
    }.tmgCampaignlogoArea {
        display: none;width: 130 px!important;vertical - align: top;float: left!important;background - repeat: no - repeat;
    }.tmgCampaignlogoArea img {
        border: 1 px solid #000000 !important;}.TmgCampaignControlArea{display:block;width:25px!important;vertical-align:top;}.TmgCheckBoxButton{margin:1px 3px!important;}.TmgRadioButton{margin:1px 3px!important;}.tmgControlText{font-family:Sans-Serif!important;font-size:14px!important;font-weight:normal!important;color:# 212529!important;font - variant: normal!important;vertical - align: top!important;vertical - align: middle;display: inline - block;padding: 0 px!important;padding: 0 px 0 px 5 px 1 px;margin - left: 0 px!important;margin - left: -1 px;
    }.TmgCampaignCreativeArea {
        float: left!important;width: 325 px!important;vertical - align: top;display: block;
    }.TmgCampaignCreativeText {
        width: 325 px!important;font - family: Sans - Serif!important;font - size: 14 px!important;font - variant: normal!important;color: #212529!important;text-align:left!important;vertical-align:top!important;display:inline-block!important;overflow: hidden!important;}.TmgAdditionalFieldsArea{float:left!important;display:none;width:325px!important;font-family:Sans-Serif!important;font-variant:normal!important;color:# 212529!important;
    }.TmgBlankArea {
        float: left!important;width: 1 px!important;height: 1 px!important;padding: 0 px!important;margin: 0 px!important;
    }.TMG - Creative - MoreInfo - a - Collapse, .TMG - Creative - MoreInfo - a - Expand {
        cursor: pointer;color: #0000FF;text-decoration:underline;padding:0 5px;}.tmgFieldControlTheme{background-color:none;}.tmgFieldControlThemeRequired{background-color:# FF9999;
    }.TmgCampaignDisclaimer {
        font - size: 9 px!important;
        font - style: italic;
    }.tmgFieldOptionDirectionVertical {
        display: inline - table;
    }.TmgPoweredBy {
        float: left!important;font - family: Sans - Serif!important;font - size: 14 px!important;font - variant: normal!important;color: #9b9b9b!important;text-align:right!important;width:100%!important;}.TmgPoweredBy .initials-span{font-size:13px!important;}</style><script language= 'javascript'
        type = 'text/javascript' >
        var tmg_GlobalAssetsBaseURL = 'tmgassets.azureedge.net/amsus';
        var tmgPlacement = '13488000',
            tmgPublisher = '139136',
            tmgAffId = '1252169444874968',
            tmgSubId = '1252169444874968',
            tmgSSLKey = 's',
            tmgRedirectTo = '#',
            tmgMyURI = 'ldsapi.tmginteractive.com',
            tmgOfferPreCheck = false,
            tmgNumberOfOfferForPreCheck = 0,
            tmg_arrPreCheckCamps = [],
            tmgIsEmbeddedPlacement = true,
            tmgIsFieldDropOnButtonClick = false,
            tmgIsClientQueryStringPass = false,
            lUSER_PLATFORM = 0,
            lUSER_PLATFORM_SUB = 0,
            lUSER_IP_ADDRESS = '91.90.42.154',
            tmg_UserAgent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0',
            tmgHitUniqueKey = '1338743846',
            tmgTrustedFormFlag = false,
            tmgUniversalLeadidFlag = false,
            tmg_ptype = 'Embedded',
            tmg_psectype = 'EMBEDDED',
            tmg_hideCampOnClick = false,
            tmg_NumOfCampShowIntially = 0,
            tmg_ShowCampInBunchFunctionality = false,
            tmg_CampaignInABunch = 0,
            tmg_MainPlacement = '13488000',
            tmgAttachedInfo = 'Firefox;105.0;WinNT',
            tmgMoreInfoContext = '<i class=:SQ:fa fa-plus-circle:SQ: style=:SQ:color:#9E9E9E !important; font-size:16px !important;font-variant:normal !important; font-stretch:inherit !important; font-style:normal !important;font-weight:normal !important; background:none !important;border:none !important;text-decoration:none !important;text-transform:none !important;:SQ:></i>',
            tmgLessInfoContext = '<i class=:SQ:fa fa-minus-circle:SQ: style=:SQ:color:#A12227!important; font-size:16px!important;font-variant:normal !important;font-stretch:inherit !important; font-style:normal !important;font-weight:normal !important; background:none !important;border:none !important;text-decoration:none !important;text-transform:none !important;:SQ:></i>',
            tmgSiteName = 'monthlysweeps.us',
            tmgShowingLiveViewOnly_1338743846 = false,
            UserActivityTrackingSequence = 0,
            tmg_PostLeadOnOpt = false,
            tmgTrustedFormEnabledCampaigns = [],
            gMonths = [],
            gDays = [],
            gYears = [],
            gCountry = [],
            usStates = [],
            caStates = [],
            auStates = []; < /script><script src='https:/ / tmgassets.azureedge.net / amsus / ldsapi / assets / script / standard.min.js ? version = 20220221 n ' type='
        text / javascript '></script><script src='
        https : //tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103' type='text/javascript'></script><script src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230119a' type='text/javascript'></script><script async src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419' type='text/javascript'></script><link href='https://tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?3531k31j20233531j01ckl31llk107jkk113500' rel='stylesheet' type='text/css' /><iframe security='restricted' id='tmgPost' height='1' width='1' style='display:none;'></iframe><img id='tmgCallPixelSrc' src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif' height='1' width='1' /><div id='TmgOffers' align='left' class='TmgOffersArea' style='display:none;'><div class='TmgOfferTopSpace'></div><div class='TmgOfferHeaderImage' title='&nbsp;'></div><div id='TmgOfferVerbiage13488000' class='TmgOfferVerbiage'></div><div class='TmgOfferBlankTop'></div><div id='tmgDisplayOfferContainer' class='TmgOffers'><div id='TMGOfferTD1' class='TmgOffer TmgOfferTheme' ></div><br class='tmg_ignore_br' style='clear:both;'/></div><div class='TmgOfferFooterImage' title=''></div><div class='TmgOfferBottomSpace'></div><div style='clear:both;'></div></div><div style='display:none;'><div id='TMGOfferTR$10023'><div class='TMGOfferDiv13488000'><div class='tmgOfferArea_CenterLeftLine'><div class='tmgOfferArea_CenterRightLine'><div class='tmgOfferArea_CenterTopLine'><div class='tmgOfferArea_TopLeftCorner'><div class='tmgOfferArea_TopRightCorner'><div class='tmgOfferArea_CenterBottomLine'><div class='tmgOfferArea_BottomLeftCorner'><div class='tmgOfferArea_BottomRightCorner'><div class='TmgBlankArea'></div><div id='TmgCampaignControl$10023' class='TmgFloat TmgCampaignControlTheme'><div align='left' valign='top' style='vertical-align:top!important;' class='TmgCampaignControlArea TmgCampaignControlAreaTheme'><input type='checkbox' id='tmgControl$10023$0' name='tmgControl$10023' class='TmgCheckBoxButton' onClick='javascript:TMG_CheckClick(this);' />&nbsp;</div></div><div id='TmgCampaignCreative$10023' class='TmgCampaignCreativeArea TmgCampaignCreativeAreaTheme'><span class='TmgCampaignCreativeText'><span id='TmgCampaignCreativeSection0' class='TmgCampaignCreativeSection0Theme'><label for='tmgControl$10023$0' style='cursor:pointer;display:inline;'>Get exclusive access to global deals and free apps for your smartphone! </label></span><span id='TmgCampaignCreativeSection1' class='TmgCampaignCreativeSection1Theme'>Sign up for Global and special offers! </span><br class='tmg_ignore_br' style='clear:left;'/><span class='TMG-Creative-MoreInfo-Span' id='CreativeMoreInfo$10023' style='display:none;'>Subscribe us to explore more.&nbsp;<a href='https://ldsapi.tmginteractive.com/pp/' target='_blank'>Privacy Policy</a></span><a class='TMG-Creative-MoreInfo-a-Expand' id='TMGMoreInfoAnchor$10023' onclick='javascript:TMG_ClickForCreativeMoreInfo(this)'><i class='fa fa-plus-circle' style='color:#9E9E9E !important; font-size:16px !important;font-variant:normal !important; font-stretch:inherit !important; font-style:normal !important;font-weight:normal !important; background:none !important;border:none !important;text-decoration:none !important;text-transform:none !important;'></i></a></span></div><br class='tmg_ignore_br' style='clear:both;'/><div id='TmgAdditionalFields$10023' class='TmgAdditionalFieldsArea TmgAdditionalFieldsAreaTheme' style='padding-left:25px'><div><span style='font-size:11px!important;font-weight:normal!important;' name='TmgFieldValidationMsg' id='TmgFieldValidationMsg$10023'>Please complete the following fields:</span></div><div style='height:2px!important;'></div><div id='F_10023_FIRST_NAME_TABLE'><div><span id='F_10023_FIRST_NAME$heading' style='font-size:11px!important;' class='tmgFieldCaptionTheme'>First Name</span></div><div><input Id='F_10023_FIRST_NAME' name='F_10023_FIRST_NAME' style='width:200px;height:20px;' onChange=javascript:TMG_FillValueWithSameBaseField(this);TMG_ValidateCampaignsFieldsOnChange('F_10023_FIRST_NAME'); type='text' value='' class='tmgFieldTextBox tmgFieldControlTheme'></div></div><div style='height:2px!important;'></div><div id='F_10023_LAST_NAME_TABLE'><div><span id='F_10023_LAST_NAME$heading' style='font-size:11px!important;' class='tmgFieldCaptionTheme'>Last Name</span></div><div><input Id='F_10023_LAST_NAME' name='F_10023_LAST_NAME' style='width:200px;height:20px;' onChange=javascript:TMG_FillValueWithSameBaseField(this);TMG_ValidateCampaignsFieldsOnChange('F_10023_LAST_NAME'); type='text' value='' class='tmgFieldTextBox tmgFieldControlTheme'></div></div><div style='height:2px!important;'></div><div id='F_10023_EMAIL_TABLE'><div><span id='F_10023_EMAIL$heading' style='font-size:11px!important;' class='tmgFieldCaptionTheme'>Email</span></div><div><input Id='F_10023_EMAIL' name='F_10023_EMAIL' style='width:200px;height:20px;' onChange=javascript:TMG_FillValueWithSameBaseField(this);TMG_ValidateCampaignsFieldsOnChange('F_10023_EMAIL'); type='text' value='' class='tmgFieldTextBox tmgFieldControlTheme'></div></div><div style='height:2px!important;'></div><input name='F_10023_IP_ADDRESS' Id='F_10023_IP_ADDRESS' type='hidden' value='91.90.42.154'/><div style='height:2px!important;'></div><input name='F_10023_COUNTRY' Id='F_10023_COUNTRY' type='hidden' value=''/><div style='height:2px!important;'></div><input name='F_10023_USER_PLATFORM' Id='F_10023_USER_PLATFORM' type='hidden' value='0'/><div style='height:2px!important;'></div><div><span id='TmgSuccessMsg$10023' name='TmgSuccessMsg' style='font-size:11px!important;'>Once you have completed the required field(s) you will see a success message here.</span></div></div><div id='TmgSpacerTop$10023' class='TmgOffer SpacerImage' style='width:370px!important;height:5px!important;'><img src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif' height='1px' width='0px'></div><div class='TmgOffer TmgCampaignSepratorTheme' id='TmgCampaignSepratorId$10023' style='display:none;width:370px;border-bottom: 1px solid #000000!important;'></div><div id='TmgSpacerBottom$10023' class='TmgOffer SpacerImage' style='width:370px!important;height:5px!important;'><img src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif' height='1px' width='0px'></div><div class='tmg_ignore_br' style='clear:left;'></div></div></div></div></div></div></div></div></div></div></div></div><input name='hFieldAffId' Id='hFieldAffId' name='hFieldAffId' type='hidden' value='1252169444874968'/><input Id='hTMG_FetchingDataFromQuery' type='hidden' value='0'/><input Id='hTMG_MappedDateFormat' type='hidden' value='0'/><input name='hFieldSubId' Id='hFieldSubId' name='hFieldSubId' type='hidden' value='1252169444874968'/><script language='javascript' type='text/javascript'>var IsPrePingExecuteFromClientScript=false,lCampaigns_out_from_preping=[0],lMappedClientFields='ADDRESS,1,address,NAME--AffId,0,hFieldAffId,ID--CITY,0,city,ID--DATE_OF_BIRTH,2,month^day^year,ID--EMAIL,1,email-address,ID--FIRST_NAME,1,first_name,ID--GENDER,3,title,NAME--LAST_NAME,1,last_name,ID--PHONE,1,phone_number,ID--STATE,0,state,ID--SubId,0,hFieldSubId,ID--ZIP,1,postal_code,ID',lCPL_10023='0.00',lCPLEntryFor_10023='ADMIN',lOptionDocumentNumber_10023='10023/226/0/225',lCampaignFields_10023='F_10023_FIRST_NAME,F_10023_LAST_NAME,F_10023_EMAIL,F_10023_IP_ADDRESS,F_10023_COUNTRY,F_10023_USER_PLATFORM',lFinalOrderOfCampaignInDisplay='',lTrueTargetedCampaigns='',lFalseTargetedCampaigns='',lNumberOfCampaignsToDisplay='1',lAllCampaigns='10023',lAvoidValidateForIds='F_10023_IP_ADDRESS,F_10023_COUNTRY,F_10023_USER_PLATFORM',lFieldsContainChildField='',lHiddenFieldIds='F_10023_IP_ADDRESS,F_10023_COUNTRY,F_10023_USER_PLATFORM',lAnswerMandatoryFlag=false,lRadioButtonFieldIds='',lCheckBoxFieldIds='',lClientQueryString='',lPrePingCampaigns='',lNumberOfPrepingCampaign='0',lExecuteLines='',lMappedFor_GENDER='Mr~M,Ms~F',lPlacementImpressionOn='LOAD',lCampaignsImpressionOn='LOAD';</script><script language='javascript' type='text/javascript'>try{TMG_DisplayOffers();fn_MoreInfo_Absolute();}catch(ex){}</script><script language='javascript' type='text/javascript'>var oldonload=window.onload;if (typeof window.onload != 'function'){window.onload=function(){TMG_ExecuteOnPageLoad();fn_MoreInfo_Absolute();}} else {window.onload=function(){TMG_ExecuteOnPageLoad();fn_MoreInfo_Absolute();oldonload();}}</script><script>UserActivityTrackingSequence=1;</script><link href='https://tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419' rel='stylesheet' type='text/css' /><script src='https://tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?3531k31j20233531j01ckl31llk107jkk113500' type='text/javascript'></script><style>.tmg-loading{display:none;text-align:center;}</style><script async src='https://tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230119a' type='text/javascript'></script><input Id='hConditionalStructureData' type='hidden' value=''/><script>try{ TrackTime.push('18:11:35.795','18:11:35.795','18:11:35.795','18:11:35.873','18:11:35.873','18:11:35.873','18:11:35.873','18:11:35.873','18:11:35.873');TrackTime.push(GetDateStringInFormat(new Date(),'hh:mm:ss.fff')) } catch(ex) { }</script>

HTTP Transactions (85)


Request Response
 
                                        
                                            GET /go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1
search 
                                         3.212.250.95

                                        
                                            HTTP/1.1 301 Moved Permanently 

                                        
                                            
Content-Type: text/html 

                                        
                                    
                                        

                                        
                                            
Server: awselb/2.0 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
Content-Length: 134 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Location: https://monthlysweeps.us:443/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators

                                                Size:   134

                                                Md5:    4aa7a432bb447f094408f1bd6229c605

                                                Sha1:   1965c4952cc8c082a6307ed67061a57aab6632fa

                                                Sha256: 34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Phishing

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E" 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8380 

                                        
                                            
Expires: Tue, 31 Jan 2023 20:31:14 GMT 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E" 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=10864 

                                        
                                            
Expires: Tue, 31 Jan 2023 21:12:38 GMT 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 17:35:54 GMT 

                                        
                                            
age: 2140 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    30db107dcf4380cef05efea409c2e6a3

                                                Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9

                                                Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7" 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=4982 

                                        
                                            
Expires: Tue, 31 Jan 2023 19:34:36 GMT 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream 

                                        
                                    
                                        

                                        
                                            
x-amz-id-2: yTJeOdJBfMpeM1lROxFQmkiwxe1CRIH175Ht7i5VVu3huceXSYEmFMMrnWRuURsZXJP8+BxYJE4= 

                                        
                                            
x-amz-request-id: RTKY5M5AFS34XYGX 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 17:51:15 GMT 

                                        
                                            
age: 1219 

                                        
                                            
last-modified: Mon, 09 Jan 2023 18:04:21 GMT 

                                        
                                            
etag: "7b922915ebf1fa3639b333f994c74f24" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    7b922915ebf1fa3639b333f994c74f24

                                                Sha1:   144a3f80b98fd0652d4614f24cf6cbbee40f8938

                                                Sha256: adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /v1/tiles HTTP/1.1 

                                        
                                            
Host: contile.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.117.237.239

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
content-length: 12 

                                        
                                            
access-control-expose-headers: content-type 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   12

                                                Md5:    23e88fb7b99543fb33315b29b1fad9d6

                                                Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

                                                Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.110

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=124580 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
Etag: "63d88ced-1d7" 

                                        
                                            
Expires: Thu, 02 Feb 2023 04:47:54 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 03:37:17 GMT 

                                        
                                            
Server: ECS (bsa/EB1A) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: E7fmgWAcbZYkw5WKQxkadG8luCgDWqfi2PoQnznK_FC4EsRF072b_g== 

                                        
                                            
Age: 4237 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 329 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 17:41:42 GMT 

                                        
                                            
age: 1792 

                                        
                                            
last-modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
etag: "1648230346554" 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: document 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: none 

                                        
                                            
Sec-Fetch-User: ?1
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:34 GMT 

                                        
                                            
content-length: 9936 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
set-cookie: ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0; path=/; HttpOnly; SameSite=Lax 

                                        
                                            
expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)

                                                Size:   9936

                                                Md5:    c8c3851c7e79ea82712b44b98fc1ef81

                                                Sha1:   acb5bb934dc7b74b672514d113e6f269c12c5052

                                                Sha256: 69e074448d6145034ed5adb4b7e2e321eefb1bfe2955427bc0a7966878f8f3c1

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Phishing

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E" 

                                        
                                            
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3909 

                                        
                                            
Expires: Tue, 31 Jan 2023 19:16:44 GMT 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /assets/css/datepicker.css HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 818 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:06 GMT 

                                        
                                            
etag: "d07-5c80ac2c970f8-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (3335), with no line terminators

                                                Size:   818

                                                Md5:    3240fc33175e0e388f26fbac8bf8cff3

                                                Sha1:   cf1a645948c9ce996e1560b9569f56822c4f9ba8

                                                Sha256: 9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/css/loading_icon_1.css HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 580 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:07 GMT 

                                        
                                            
etag: "db0-5c80ac2ce37a0-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   580

                                                Md5:    b6b8913a6a3ad6881037667493551ec5

                                                Sha1:   3daae516738f878875bb15766ca06a2ed9ee442b

                                                Sha256: cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/css/sweeps.css HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 1639 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Fri, 02 Sep 2022 17:56:19 GMT 

                                        
                                            
etag: "172c-5e7b572772120-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text

                                                Size:   1639

                                                Md5:    a5c77602d9ceb6c6450244ffb0baf0d1

                                                Sha1:   0a8756bf9ec23f2957f9165941196551cc046cf7

                                                Sha256: d1bdae39d462d3c7ccb9f86a413c69df0026d2c06558af9b691a0e98bf0cdd4e

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1 

                                        
                                            
Host: cdnjs.cloudflare.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.17.25.14

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 58913 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=30672000 

                                        
                                            
content-encoding: br 

                                        
                                            
etag: "5eb03d8e-46f6d" 

                                        
                                            
last-modified: Mon, 04 May 2020 16:06:38 GMT 

                                        
                                            
cf-cdnjs-via: cfworker/kv 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 18231869 

                                        
                                            
expires: Sun, 21 Jan 2024 18:11:35 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfOVMPMXoTNWHVR%2FGtsQOSmULENQ%2Be32QvkE1JbjAnKtGcIkKnhrdpucctDZBjySfNipGK8FI%2FNabOCI26Wi1zunU6irEUHemAK7VmjKMXqAHTu9GV78QmSyuRX1VprpGl6QnIyU"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
strict-transport-security: max-age=15780000 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 79246920788db4fa-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (65274)

                                                Size:   58913

                                                Md5:    a63b2977b01b6e2d2e2086c3f63a3c9a

                                                Sha1:   560409f64e40f5078e1ba8d496657badd7a3a6ee

                                                Sha256: 4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /jquery-3.3.1.min.js HTTP/1.1 

                                        
                                            
Host: code.jquery.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         69.16.175.10

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 30288 

                                        
                                            
last-modified: Wed, 16 Feb 2022 10:50:39 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: nginx 

                                        
                                            
etag: W/"620cd6ff-1538f" 

                                        
                                            
cache-control: max-age=315360000, public 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-hw: 1675188695.dop021.sk1.t,1675188695.cds246.sk1.hn,1675188695.cds240.sk1.c 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65451)

                                                Size:   30288

                                                Md5:    d549b312f7a7d228b4ec229a6547dfdc

                                                Sha1:   0766794582ad530ec0f8c2595f741086afffa312

                                                Sha256: f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1 

                                        
                                            
Host: cdnjs.cloudflare.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         104.17.25.14

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 6458 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: public, max-age=30672000 

                                        
                                            
content-encoding: br 

                                        
                                            
etag: "5eb03fa9-500f" 

                                        
                                            
last-modified: Mon, 04 May 2020 16:15:37 GMT 

                                        
                                            
cf-cdnjs-via: cfworker/kv 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 3413896 

                                        
                                            
expires: Sun, 21 Jan 2024 18:11:35 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4y0r8raIRiYQB%2B%2BJ2up7mmO0dbuEp7AiY7g0FXPrXbfW3uUQtkZkmHBoFxj1Etx2V9FmJ1sNkK6elLKrU7wCHtz7Lvq24%2FQl8yJHWUT2QImUcdK%2B4DiG9SEolFPqjukc3Diq7cCx"}],"group":"cf-nel","max_age":604800} 

                                        
                                            
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} 

                                        
                                            
strict-transport-security: max-age=15780000 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 792469205875b4fa-OSL 

                                        
                                            
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (20322)

                                                Size:   6458

                                                Md5:    df9fe6d48e380554eb0ec9687bed3246

                                                Sha1:   207263d754220200c1916edfbda262f62223ecf5

                                                Sha256: 91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1 

                                        
                                            
Host: cdn.jsdelivr.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         151.101.129.229

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cache-control: public, max-age=31536000, s-maxage=31536000, immutable 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
age: 6689286 

                                        
                                            
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1680-BMA 

                                        
                                            
x-cache: HIT, HIT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 

                                        
                                            
content-length: 7320 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (22550)

                                                Size:   7320

                                                Md5:    17f3f2c0dd873827d21aec4b7c7da443

                                                Sha1:   e10d2e3deff107d85726cb4f14eee82f96f2594e

                                                Sha256: 5f0adea83e4171c32048eafe7032ef01093d96794c62b988fb9935041e35a998

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1 

                                        
                                            
Host: cdn.jsdelivr.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         151.101.129.229

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
cache-control: public, max-age=31536000, s-maxage=31536000, immutable 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw" 

                                        
                                            
content-encoding: gzip 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
age: 7900776 

                                        
                                            
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1680-BMA 

                                        
                                            
x-cache: HIT, HIT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 

                                        
                                            
content-length: 5199 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 text, with very long lines (17590)

                                                Size:   5199

                                                Md5:    4c0e8d136f8e41d83cb99f52be04f280

                                                Sha1:   eecf9c91f361ac05dfaa6b7167aea6f0d4ddf7cd

                                                Sha256: 81659fd2d8cc8d38327f4450954654b19dbb8a95a2b1e402e47869f0ca9dddc6

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4815 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 16:51:20 GMT 

                                        
                                            
Server: ECS (ska/F6FD) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /ads/scripts/site-141028.js HTTP/1.1 

                                        
                                            
Host: ads.pro-market.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         95.101.10.74

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/x-javascript 

                                        
                                    
                                        

                                        
                                            
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT 

                                        
                                            
Server: nginx/1.0.15 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 1101 

                                        
                                            
Cache-Control: max-age=86400 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (514), with CRLF line terminators

                                                Size:   1101

                                                Md5:    540b7c85a21cf48ee81735b2ffcc335f

                                                Sha1:   e5eaedc157c73717aab322629e3f1ad8569bc0a1

                                                Sha256: aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5212 

                                        
                                            
Cache-Control: max-age=122659 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Etag: "63d8819e-118" 

                                        
                                            
Expires: Thu, 02 Feb 2023 04:15:54 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 02:49:02 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 4815 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 16:51:20 GMT 

                                        
                                            
Server: ECS (ska/F6FD) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 280 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1 

                                        
                                            
Host: ocsp.globalsign.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         104.18.20.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Etag: "8EC97B4207DA0941A4F6BE2837762A9A54DA7ABC" 

                                        
                                            
Expires: Wed, 01 Feb 2023 05:00:00 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 17:00:00 UTC 

                                        
                                            
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 1109 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 79246921b9fab51d-OSL 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1462

                                                Md5:    604ee8cf36e43eddd2388692d8fb2271

                                                Sha1:   1a6230bd1cec3c073e587d2a3742195406119ed2

                                                Sha256: db283d4eaa3be01efff707feb6c9dfdc609daa1afaf9d726ddffb50cb6856504

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /assets/js/datepicker.js HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 5285 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:09 GMT 

                                        
                                            
etag: "42ac-5c80ac2fab258-gzip" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (16878)

                                                Size:   5285

                                                Md5:    6c28af1b6fa9301701dfefc5dbfe5159

                                                Sha1:   134cfa1c0a5a837f002034b8ea1a8c6243b96bac

                                                Sha256: 4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Phishing

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            GET /assets/img/sweepstakes250/one.png HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 801 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 01 Dec 2016 21:16:31 GMT 

                                        
                                            
etag: "321-5429f55d7e9c0" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data

                                                Size:   801

                                                Md5:    03744c9d39310c5d2af2cf2a23616580

                                                Sha1:   603f0d70ddc7d77f6341dc0caf9e0740b33ae061

                                                Sha256: afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/img/sweepstakes250/two.png HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 915 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 01 Dec 2016 21:16:30 GMT 

                                        
                                            
etag: "393-5429f55c8a780" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data

                                                Size:   915

                                                Md5:    a1914f8236d7704856f5c5762e86c109

                                                Sha1:   ea40712fad474fab16b7e2f1505bcb42302cd6ec

                                                Sha256: 6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: VkXB5+GO4f18QtsAZfOrRg== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket
search 
                                         52.89.255.30

                                        
                                            HTTP/1.1 101 Switching Protocols 

                                        
                                    
                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: yAqwI8wht+pgKe+XjfASTAx9O94= 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 471 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sectigo.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 14:10:11 GMT 

                                        
                                            
Expires: Mon, 06 Feb 2023 14:10:10 GMT 

                                        
                                            
Etag: "58e424ee6a1ad2cb267d8b1f7179894cdb350e1b" 

                                        
                                            
Cache-Control: max-age=503314,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb1 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: DYNAMIC 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 792469224deb0b06-OSL 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /assets/img/campaign/1252_welcome.png HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/png 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 231382 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 10 Feb 2022 20:33:23 GMT 

                                        
                                            
etag: "387d6-5d7afdc945ac0" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   231382

                                                Md5:    d4814b64f60ea2e3740d84049f449cbc

                                                Sha1:   fab70cfba9864232b41e52589b0211244bd8e289

                                                Sha256: e3830d486194e488c72bde6ce382fd739f767963b072c1044fe222f5969f8e96

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /assets/img/campaign/1252_bg.jpg HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
content-length: 234777 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Thu, 10 Feb 2022 20:33:23 GMT 

                                        
                                            
etag: "39519-5d7afdc927660" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data

                                                Size:   234777

                                                Md5:    664b071df631b9d8d0ad94ed7983585d

                                                Sha1:   d85f8f5260f2dc118011010f83ba62be1a1f2193

                                                Sha256: a3e2a9b0292a99decaf42fcf3cd4883b9c491083c3acb407eced850dc0c66e0e

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968 HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 105 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Content-Length: 700 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators

                                                Size:   700

                                                Md5:    a63a216ac1a099b6ae3000cecc93b73a

                                                Sha1:   b33abbad770e3f2b37a1bf56c9307f98f58f2615

                                                Sha256: ef324cee86a035e9fa2213a30f4147622bfeded3a9826ab921ffe32a5b571883

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1252169444874968&subid=1252169444874968 HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 105 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
Content-Length: 4845 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (15114), with CRLF line terminators

                                                Size:   4845

                                                Md5:    e2eed1c0d4929082d4a5be07bae88622

                                                Sha1:   935d4cd69d8500863bf12df0af2d0cf1f3afc5e2

                                                Sha256: 87504d2f1c7c4cf72f8466e97b00f47fbc4f4dec8bc1f8890dc4a1f0d1b55a05

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/gif 

                                        
                                    
                                        

                                        
                                            
content-length: 43 

                                        
                                            
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ== 

                                        
                                            
last-modified: Fri, 21 May 2021 12:34:19 GMT 

                                        
                                            
etag: 0x8D91C54C1586655 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 7571bcc7-e01e-0020-46a8-34383f000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0VkDZYwAAAAAOgDgGafILS6k+UxHut+GrRlJBMjMxMDUwNDE4MDI3ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAAASxHWj1TXKS5vf5JyRt8HTQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    325472601571f31e1bf00674c368d335

                                                Sha1:   2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a

                                                Sha256: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
content-length: 520 

                                        
                                            
content-md5: AExI7hLtZOIj2uUf/9qAyg== 

                                        
                                            
last-modified: Fri, 21 May 2021 11:01:09 GMT 

                                        
                                            
etag: 0x8D91C47BDA9A147 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 2921287b-301e-004f-2f90-3590eb000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0VUDZYwAAAAAKo0fRk4bKRo1hkOmsCfdzRlJBMjMxMDUwNDE3MDExADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAABIgEojQmW1TKaPAAgSeZ8FQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (520), with no line terminators

                                                Size:   520

                                                Md5:    004c48ee12ed64e223dae51fffda80ca

                                                Sha1:   a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17

                                                Sha256: 735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: E4ptMzZLxbawD4B7RV5YCQ== 

                                        
                                            
last-modified: Wed, 03 Nov 2021 09:07:36 GMT 

                                        
                                            
etag: 0x8D99EA961032FA1 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 40b3a374-f01e-003f-4c90-35e32f000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0zFnZYwAAAADrYH3d2qvqQ4OpItCAdeMZRlJBMjMxMDUwNDE3MDM5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAABUDI82XCANSbiOhoQ5LLvuQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (3119)

                                                Size:   16678

                                                Md5:    8ec34edb4d29fd47816d99e8cb60b107

                                                Sha1:   f8cb0149788bffe7b12881251c0e292327d49311

                                                Sha256: 6bd923f44a9f18106c0695db5e3c84310fba7eac1c9f1535a3c29271f52857a4

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1" 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=2504 

                                        
                                            
Expires: Tue, 31 Jan 2023 18:53:20 GMT 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:36 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /amsus/ns/css/13488000.min.css?3531k31j20233531j01ckl31llk107jkk113500 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: WEcI6Omll5/fQKo/f35d8g== 

                                        
                                            
last-modified: Mon, 14 Mar 2022 19:57:50 GMT 

                                        
                                            
etag: 0x8DA05F4EB4EA477 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 6959a0fd-801e-0074-50d5-34d2b5000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0zFnZYwAAAADVIE/YevAISpMkn2+AysZnRlJBMjMxMDUwNDE4MDIxADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAAD9NXK3gheoQb82wOJ0W1mNQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (8788), with no line terminators

                                                Size:   2041

                                                Md5:    d13ab2c0caf6d5813802538aa964f171

                                                Sha1:   9a10a69a2f2a32340028c9bb7621edfb687b98be

                                                Sha256: b471788a978196b8e8fa48079d7f24449a2240cbe1cc5e4b0970ab053e873b63

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 12507 

                                        
                                            
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fhklyFaJoAMFqKA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA== 

                                        
                                            
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 30 Jan 2023 21:55:07 GMT 

                                        
                                            
age: 72989 

                                        
                                            
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   12507

                                                Md5:    5190c0bdc6abe0ee258e9f8c20ddaf51

                                                Sha1:   d60f280f8a742480527dbc32d08f321f972d4fcf

                                                Sha256: 874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9987 

                                        
                                            
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: flYlPF9uIAMFXMg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw== 

                                        
                                            
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 01:58:16 GMT 

                                        
                                            
age: 58400 

                                        
                                            
etag: "6cf734e2d29938688913daacfb75506d8e004a94" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9987

                                                Md5:    2c4934be94898028e2ab696561b51462

                                                Sha1:   6cf734e2d29938688913daacfb75506d8e004a94

                                                Sha256: 239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 13853 

                                        
                                            
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fk3zzF4hIAMFwWg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: T5CaUojMEG8x8vki59UdIhI8IbbBRY_7w3xgiW3RCZlHTyeHPLIy2Q== 

                                        
                                            
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Mon, 30 Jan 2023 21:47:13 GMT 

                                        
                                            
age: 73463 

                                        
                                            
etag: "1959fdd94846fa3791c4890578dd15336b909dcc" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   13853

                                                Md5:    d957012d3e2b8c3bc0eefe11d66e8554

                                                Sha1:   1959fdd94846fa3791c4890578dd15336b909dcc

                                                Sha256: a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: YTnb0ehLGLRubF63e3IyDA== 

                                        
                                            
last-modified: Mon, 21 Feb 2022 16:55:53 GMT 

                                        
                                            
etag: 0x8D9F55B05E46BD0 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 813d1e6d-701e-0007-2df5-33a276000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0CwfYYwAAAADr6B/6LcbqQrRvQ6HJOowLRlJBMjMxMDUwNDE4MDM5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAACwPsusffYERI9Jwo9Byq7sQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (5818), with no line terminators

                                                Size:   10147

                                                Md5:    c7aa0670ce4e03398bffd78d29cd049c

                                                Sha1:   7b2bab234170ddb11b474d5598b6fccc817b9b74

                                                Sha256: 0c9806de87a32bbea736c203c9b1b7e08d69e3b07d89c18202b42f98605ae321

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6844 

                                        
                                            
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: flZsxH0YIAMF9ew= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ== 

                                        
                                            
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 01:53:29 GMT 

                                        
                                            
age: 58687 

                                        
                                            
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6844

                                                Md5:    976dda397f9292a498ca9db5599c0378

                                                Sha1:   dad9e9c3462907a2475046aee36d57f8309cd44e

                                                Sha256: 7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 11129 

                                        
                                            
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ffDBZGRPoAMFedg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw== 

                                        
                                            
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 03:40:17 GMT 

                                        
                                            
age: 52279 

                                        
                                            
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   11129

                                                Md5:    2797bfd35b7ec24888de84be14f7f2ec

                                                Sha1:   8e315ac5856967286eaa8769e081d827fb4ca39e

                                                Sha256: b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /ManageImpressions/ReportViaJsPlacement.aspx?hKey=1338743846&affid=1252169444874968&subid=1252169444874968&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 105 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:36 GMT 

                                        
                                            
Content-Length: 661 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators

                                                Size:   661

                                                Md5:    88757611abeff743ab3207a93c1747fe

                                                Sha1:   393b80e8358a51a69c60ae867a5991811edbb09c

                                                Sha256: 1d9d3eb9a8a9b198c6495462504f0cf001aae8c995a36446cb5306ecf7d761f0

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1338743846&affid=1252169444874968&subid=1252169444874968&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain;charset=UTF-8 

                                        
                                            
Content-Length: 0 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 105 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:36 GMT 

                                        
                                            
Content-Length: 709 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators

                                                Size:   709

                                                Md5:    5b706792f566414e4ee6e789ac7bf11e

                                                Sha1:   beeb0f8e1afd466a0c3355aabd26cda24698768e

                                                Sha256: daaba6034bb8ec96ecf8d757cb2fe954b29e21621135be4522de8cc80965a213

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://tmgassets.azureedge.net/ 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: font/woff 

                                        
                                    
                                        

                                        
                                            
content-length: 83760 

                                        
                                            
content-md5: /fSRzl/1stoCcIzQ6YZHGQ== 

                                        
                                            
last-modified: Fri, 21 May 2021 11:01:16 GMT 

                                        
                                            
etag: 0x8D91C47C18878E8 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: d2a0b055-401e-002d-2eff-33d733000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0zVnZYwAAAAAO/yB3duxHSK6fB27pqTsbRlJBMjMxMDUwNDE3MDQ3ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
access-control-allow-headers: * 

                                        
                                            
access-control-allow-methods: GET 

                                        
                                            
x-azure-ref: 02VnZYwAAAAA1xfZ3etQyTpryJjvK7XrHQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:36 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format, TrueType, length 83760, version 1.0\012- data

                                                Size:   83760

                                                Md5:    fdf491ce5ff5b2da02708cd0e9864719

                                                Sha1:   7f2f3c55c2de192387c351b995115f6b79e09173

                                                Sha256: 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.usertrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         172.64.155.188

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
Content-Length: 472 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Last-Modified: Sat, 28 Jan 2023 22:10:16 GMT 

                                        
                                            
Expires: Sat, 04 Feb 2023 22:10:15 GMT 

                                        
                                            
Etag: "83ef8a9a1d0d6076e4909a427995c0a1b7d76289" 

                                        
                                            
Cache-Control: max-age=603794,s-maxage=1800,public,no-transform,must-revalidate 

                                        
                                            
X-CCACDN-Proxy-ID: mcdpinlb1 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 732 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 7924692d3ad71c0a-OSL 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3413 

                                        
                                            
Cache-Control: max-age=96739 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
Etag: "63d82367-116" 

                                        
                                            
Expires: Wed, 01 Feb 2023 21:03:56 GMT 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 20:07:03 GMT 

                                        
                                            
Server: ECS (amb/6B93) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 278 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /go/api/zip/undefined?get_param=value HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/json, text/javascript, */*; q=0.01 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
X-Requested-With: XMLHttpRequest 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
content-length: 111 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
pragma: no-cache 

                                        
                                            
set-cookie: ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0; path=/; HttpOnly; SameSite=Lax 

                                        
                                            
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   111

                                                Md5:    4072747d6757278fe77c6970474ad27d

                                                Sha1:   7404af04b7ef1db62f26e0a08fe82ab5a184e901

                                                Sha256: 7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f

                                            

                                            
                                                
Alerts:

                                                

                                                
                                                      Blocklists:

                                                    
                                                            - fortinet: Phishing

                                                    
                                                
                                                
                                                

                                                
                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.110

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=103956 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
Etag: "63d83cc6-1d7" 

                                        
                                            
Expires: Wed, 01 Feb 2023 23:04:13 GMT 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 21:55:18 GMT 

                                        
                                            
Server: ECS (bsa/EB1F) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: SCL724TBZzPm8aTF43TIAi-jzM6a8GuIAFFQLqUsuG0vTXq0DZ4CKA== 

                                        
                                            
Age: 4135 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /gts1c3 HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         142.250.74.131

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: ocsp_responder 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: monthlysweeps.us 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/go/to/59bdf0/key/43c47717b156b450d4287913e9d34c82/aid/16944/s1/4874968 

                                        
                                            
Cookie: _ga=GA1.2.904798751.1675188704; _gid=GA1.2.76769928.1675188704; _gat=1; _hjSessionUser_2865935=eyJpZCI6IjZhY2VlZDU5LTZlNDQtNTgzNS1iOGE0LTI1YmI0OGM0M2RiMSIsImNyZWF0ZWQiOjE2NzUxODg3MDQwNDIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6Ijg2ZTM1MWRkLTZjN2YtNDcyMi05ODU3LTVmYTY3MWJjZDEwNyIsImNyZWF0ZWQiOjE2NzUxODg3MDQzNzYsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=1; ci_session=hga2r8hav09963p86oid1qbhuqtcmmu0 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin 

                                        
                                            
TE: trailers
search 
                                         107.23.100.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/vnd.microsoft.icon 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
content-length: 5430 

                                        
                                            
server: Apache/2.4.41 (Ubuntu) 

                                        
                                            
last-modified: Mon, 26 Jul 2021 18:17:08 GMT 

                                        
                                            
etag: "1536-5c80ac2e78fe8" 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data

                                                Size:   5430

                                                Md5:    b0a102991e7332643ae57365023c00c8

                                                Sha1:   4ea4c55c982e08bda104d2e8e981594c067cef24

                                                Sha256: 1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: JsdJsTroZxL3ol3Owm84Vg== 

                                        
                                            
last-modified: Mon, 07 Mar 2022 22:37:07 GMT 

                                        
                                            
etag: 0x8DA008B03257DBD 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 0c441b5d-401e-002d-2942-33d733000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0V0DZYwAAAADvG3BrwOytS6h/tQEsDlOURlJBMjMxMDUwNDE4MDUxADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02VnZYwAAAACVXTq+y3NcQaEIjFJ7rGS5Q1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:36 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (349), with CRLF line terminators

                                                Size:   6038

                                                Md5:    4f392fcde2f50f00ad18e8a631ae2a9d

                                                Sha1:   509f491813dd8a617f1e7da0c480f6b5f169aa3d

                                                Sha256: b2ea60f5f731e5967c32c6fa1e27c128b0e0428c77d30d6437ba112bfb0f3bfd

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /api/hitsnap.ashx HTTP/1.1 

                                        
                                            
Host: ldsapi.tmginteractive.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 10688 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         209.151.244.116

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
Cache-Control: private 

                                        
                                            
Server: Microsoft-IIS/10.0 

                                        
                                            
X-AspNet-Version: 4.0.30319 

                                        
                                            
X-Powered-By: ASP.NET 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
X-Service-Ip: 105 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
Content-Length: 21 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with no line terminators

                                                Size:   21

                                                Md5:    8736cdfe08480bca66cffeee06268705

                                                Sha1:   81af0417f969f93848b1cf30fce1db93884facc1

                                                Sha256: 838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.110

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=120671 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
Etag: "63d88e39-1d7" 

                                        
                                            
Expires: Thu, 02 Feb 2023 03:42:49 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 03:42:49 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: aGINBDZ0OSWGbfY4g_wytbwiWsVxUs6VxUsNkWYawFyoYhl3Mkt0bg== 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.110

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=156781 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
Etag: "63d905c4-1d7" 

                                        
                                            
Expires: Thu, 02 Feb 2023 13:44:39 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 12:12:52 GMT 

                                        
                                            
Server: ECS (dcb/7F83) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: TeAEe54kgolfBdKtbdhLZE8kA-MIyJ_yCEbsM4JlqCG-xRcpWfHYIw== 

                                        
                                            
Age: 5507 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16751887149280.5472668256776861&invert_field_sensitivity=false HTTP/1.1 

                                        
                                            
Host: cdn.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.230.111.111

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:39 GMT 

                                        
                                            
last-modified: Fri, 06 Jan 2023 16:07:22 GMT 

                                        
                                            
x-amz-version-id: mGsiKszEOvLychB1h9uHpdFpT70J3aoc 

                                        
                                            
etag: W/"90474758772e8fd27bc16a6e21bb75e8" 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-encoding: gzip 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: DyOu677RsaGteWrFSLmE6hJGfOhwJEoaym3IT3bGPHtkUtFmU4rUYg== 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   71572

                                                Md5:    1fc8112009aa59c4322636ef56c907ac

                                                Sha1:   67ac4ed975a477d946bfc4aef630f566b39bc30a

                                                Sha256: f1ee62fa76c417d72368aa720ce0515ef3a6bff38b3d38569941a0d30622b8d4

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /c/hotjar-2865935.js?sv=6 HTTP/1.1 

                                        
                                            
Host: static.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.230.111.66

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:23 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
cache-control: max-age=60 

                                        
                                            
content-encoding: br 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
etag: W/35bf57c3427ec86a170a24c25f51190f 

                                        
                                            
strict-transport-security: max-age=2592000; includeSubDomains 

                                        
                                            
x-cache-hit: 1 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: nu3wBD3f2RqXKYjACOlWAsonC-oD-_mCgWOYkdSpv3HLpxXehp26PQ== 

                                        
                                            
age: 14 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (7535)

                                                Size:   28269

                                                Md5:    d46d80e48f3bb98b87f9761d32148f93

                                                Sha1:   f2fa3b0c3a67b1313090f5d9fe5595311f6a908b

                                                Sha256: 8b35fdb6176b12d03afcc5128060bc813ac6f1e21d21e43775af2dcfe92c67e3

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /box-2722367854ce9702c28ea74c51e2a23f.html HTTP/1.1 

                                        
                                            
Host: vars.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.230.111.94

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html 

                                        
                                    
                                        

                                        
                                            
content-length: 1035 

                                        
                                            
date: Mon, 30 Jan 2023 16:06:06 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
cache-control: max-age=31536000 

                                        
                                            
content-encoding: br 

                                        
                                            
cross-origin-embedder-policy: require-corp 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
etag: "8665e233ef6caaf010ca89793f27b6f8" 

                                        
                                            
last-modified: Mon, 30 Jan 2023 16:05:37 GMT 

                                        
                                            
strict-transport-security: max-age=2592000; includeSubDomains 

                                        
                                            
x-robots-tag: none 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: iQbrDJ_Rb8gTlezbfmj2NpUmJp6_7WuV-7e3y4nfZZWuU1vTkpI8oQ== 

                                        
                                            
age: 93932 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators

                                                Size:   1035

                                                Md5:    8665e233ef6caaf010ca89793f27b6f8

                                                Sha1:   5c593fa5f33e55b3081308b43e6e801b56c047f7

                                                Sha256: 435a3ca7c1c49cbfac193647d056e46217e5c3f9c65c354974ad7acdfb8925ac

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /iframe.html?token=37722EAC-C1AF-56CA-AC59-AC840B082A08&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1 

                                        
                                            
Host: d2m2wsoho8qq12.cloudfront.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         54.230.245.35

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/html 

                                        
                                    
                                        

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Date: Tue, 31 Jan 2023 08:05:48 GMT 

                                        
                                            
Server: nginx 

                                        
                                            
Last-Modified: Mon, 30 Jan 2023 20:27:25 GMT 

                                        
                                            
ETag: W/"63d8282d-dbb" 

                                        
                                            
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: kKB2XO-sm1hojAkDUEIKRDHVLnzaFjDb-BDgqJ9MRVASnWBmj7v-jQ== 

                                        
                                            
Age: 36350 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text

                                                Size:   1449

                                                Md5:    ef825b8a88a51cd76a51d08dfc1d4f99

                                                Sha1:   5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b

                                                Sha256: 2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/common-extentions.min.js?20230119a HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: G3v7pHqbSC0Gvp9zsfwXIA== 

                                        
                                            
last-modified: Wed, 09 Jun 2021 12:26:50 GMT 

                                        
                                            
etag: 0x8D92B41DB6898DE 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 2cad6eb8-401e-0040-7b15-337d1d000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0VUDZYwAAAADJx4JLL0oVTpeOHGENWbePRlJBMjMxMDUwNDE4MDMzADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAADpF+v7Gu4nSojqeEdSl5jQQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (3045), with no line terminators

                                                Size:   1016

                                                Md5:    ad5368382289282037b7ff980d324bdc

                                                Sha1:   d46cd618c2f439e6b2edf1587c45a6436ae157b1

                                                Sha256: 27c03ccc1c9189f657a0cce7d089063b5876458158f33c6466842b2664532cdf

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.sca1b.amazontrust.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache
search 
                                         54.230.245.110

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response 

                                        
                                    
                                        

                                        
                                            
Content-Length: 471 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Cache-Control: max-age=167580 

                                        
                                            
Date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
Etag: "63d939da-1d7" 

                                        
                                            
Expires: Thu, 02 Feb 2023 16:44:38 GMT 

                                        
                                            
Last-Modified: Tue, 31 Jan 2023 15:55:06 GMT 

                                        
                                            
Server: ECS (nyb/1D0D) 

                                        
                                            
X-Cache: Miss from cloudfront 

                                        
                                            
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: OSL50-P1 

                                        
                                            
X-Amz-Cf-Id: MDCmhx4nPoLKz9Lw38W76L8lYL1jZC8m8J6_XAw_HT2FOFGMGg983Q== 

                                        
                                            
Age: 2972 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /certs HTTP/1.1 

                                        
                                            
Host: api.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain 

                                        
                                            
Content-Length: 645 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         3.92.140.101

                                        
                                            HTTP/2 201 Created 

                                        
                                            
content-type: application/json; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:39 GMT 

                                        
                                            
content-length: 475 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers:  

                                        
                                            
cache-control: max-age=0, private, must-revalidate 

                                        
                                            
server: Cowboy 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (475), with no line terminators

                                                Size:   475

                                                Md5:    3625c336b5017f30e2eb1c94ef5f7b8b

                                                Sha1:   9f98cf50f3a4ae0e4bdcc1599283925938175a92

                                                Sha256: b529f48002ed98f1fce43395b46b522377a60b4d293117b86c01905b2ba4d263

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /trustedform-1.8.35.js HTTP/1.1 

                                        
                                            
Host: cdn.trustedform.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         54.230.111.111

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
last-modified: Fri, 06 Jan 2023 16:07:23 GMT 

                                        
                                            
x-amz-version-id: PsGscq0o6WWOGkSqGH9BYInejEgnNeUZ 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-encoding: gzip 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:27 GMT 

                                        
                                            
etag: W/"cef26bd569e1a24279f16aecc87c254b" 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: OSL50-P1 

                                        
                                            
x-amz-cf-id: gV3rSOUYm2W2prcbFKGljm9KA2X_wDOGI09iWJlTe6iUhuhc_zPG1w== 

                                        
                                            
age: 20 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65536), with no line terminators

                                                Size:   37512

                                                Md5:    238062ed280fdd9f356a17e5ba207c05

                                                Sha1:   69e1952776599a4d3fde9eb7876917fc894c6ddb

                                                Sha256: 05fd2f5b6e840f2abae0af59622821588b9dc109c8803fea255961a4eb0c5b6f

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/InitFormData?msn=4&pid=e4ff4b13-050a-4e08-9ee6-25e7f1e9aedf&token=37722EAC-C1AF-56CA-AC59-AC840B082A08&_=845704638 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 944 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         23.20.76.189

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:39 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/
rguserid=8fe02835-62be-4f49-8edf-9e0d87a2f996; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            POST /2.11.9/InitFormData?msn=5&pid=e4ff4b13-050a-4e08-9ee6-25e7f1e9aedf&token=37722EAC-C1AF-56CA-AC59-AC840B082A08&_=845704639 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 1064 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         23.20.76.189

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:40 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Thu, 02-Mar-2023 18:11:40 GMT; Max-Age=2592000; path=/
rguserid=68c0700c-2c02-445f-a37e-70a4bb35b206; expires=Thu, 02-Mar-2023 18:11:40 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 02-Mar-2023 18:11:40 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 02-Mar-2023 18:11:40 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                    
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg 

                                        
                                    
                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5903 

                                        
                                            
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: fboufGeSoAMF-1g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: ZKuBcZgC6yolu1QcaXZKAIIDynG3Zywq1d7sWI8Jlq3ULwlr6XlhWQ== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Tue, 31 Jan 2023 13:05:29 GMT 

                                        
                                            
age: 18374 

                                        
                                            
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5903

                                                Md5:    42a648f9d34d8fb703f0b80a52e0deec

                                                Sha1:   7ccefd66211d249ae5266c3b6ae3375a19e5cb6d

                                                Sha256: a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/GenerateToken?msn=1&pid=e4ff4b13-050a-4e08-9ee6-25e7f1e9aedf&_=845704635 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 250 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         23.20.76.189

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rguserid=6a065191-32ae-4b14-97d7-f53687066f23; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/InitFormData?msn=3&pid=e4ff4b13-050a-4e08-9ee6-25e7f1e9aedf&token=37722EAC-C1AF-56CA-AC59-AC840B082A08&_=845704637 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 12855 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         23.20.76.189

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rguserid=700a3ed8-cb8d-4ec7-afd1-7f97f99e67b5; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /api/v2/client/sites/2865935/visit-data?sv=6 HTTP/1.1 

                                        
                                            
Host: in.hotjar.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: text/plain; charset=UTF-8 

                                        
                                            
Content-Length: 115 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         34.253.22.133

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
cache-control: no-cache, no-store 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-credentials: true 

                                        
                                            
access-control-max-age: 86400 

                                        
                                            
content-encoding: br 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1 

                                        
                                            
Host: create.lidstatic.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         172.67.41.229

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:37 GMT 

                                        
                                            
x-amz-id-2: C7UZ1BMjaKw8Upedm6ncDMEXCFYYaEDc4dLFaz9NrnpjCI3mFM5vKam2RVLtk70csxQI9+Zo3IY= 

                                        
                                            
x-amz-request-id: 8PXXVEAXQSDXH30C 

                                        
                                            
x-amz-replication-status: COMPLETED 

                                        
                                            
last-modified: Fri, 12 Nov 2021 00:55:16 GMT 

                                        
                                            
etag: W/"97495a102c98049f30e62264b1eb50f5" 

                                        
                                            
cache-control: max-age=1800 

                                        
                                            
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG 

                                        
                                            
cf-cache-status: HIT 

                                        
                                            
age: 12 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
server: cloudflare 

                                        
                                            
cf-ray: 7924692d6d36b4ed-OSL 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            POST /2.11.9/SaveDom?msn=2&pid=e4ff4b13-050a-4e08-9ee6-25e7f1e9aedf&token=37722EAC-C1AF-56CA-AC59-AC840B082A08&_=845704636 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-type: application/x-www-form-urlencoded 

                                        
                                            
Content-Length: 512 

                                        
                                            
Origin: https://monthlysweeps.us 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         23.20.76.189

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/plain;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:38 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rguserid=310f6ab9-a24f-41bc-8d7c-9dae8556f4e7; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 02-Mar-2023 18:11:38 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /iframe.html?token=37722EAC-C1AF-56CA-AC59-AC840B082A08&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1 

                                        
                                            
Host: deviceid.trueleadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://d2m2wsoho8qq12.cloudfront.net/ 

                                        
                                            
Cookie: uuid=c227fcbd38724d909da9163ea99c4f39 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         100.25.237.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:39 GMT 

                                        
                                            
server: nginx 

                                        
                                            
last-modified: Wed, 07 Dec 2022 21:18:32 GMT 

                                        
                                            
etag: W/"63910328-1049" 

                                        
                                            
expires: Wed, 01 Feb 2023 18:11:39 GMT 

                                        
                                            
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS" 

                                        
                                            
cache-control: max-age=86400, public 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /engine?site=141028;size=1x1;e=0;dt=0;category=i1kh9%3A%20%20vgmtitpkdexx1%20ts%20of%20ao%20di3cf1%20b6f%20nblw672f2tm6ucesc43gy1i3xhmv3c9a%202zd%209f134%200s%20l8qciy7-%202ec4ofv%205nmbqe;kw=nwelylh056dpt%20lk%20%7C%204jdlas1%208zfc%20l2qd%20%7C%20m4oynr4ham%20jove8022jet;rnd=(1675188714903) HTTP/1.1 

                                        
                                            
Host: pbid.pro-market.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Upgrade-Insecure-Requests: 1 

                                        
                                            
Sec-Fetch-Dest: iframe 

                                        
                                            
Sec-Fetch-Mode: navigate 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         107.178.240.89

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/html 

                                        
                                    
                                        

                                        
                                            
server: Apache-Coyote/1.1 

                                        
                                            
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" 

                                        
                                            
anserver: gapp-eu-4.c.datonics-gcp-01.internal 

                                        
                                            
set-cookie: anProfile="0+1+4=21x+1f=1+1g=2+1j=57:1+rs=s+rt=5B5A2A9A+s0=(u)+s2=(rpd3vd)"; Domain=.pro-market.net; Max-Age=15552000; Path=/; Secure; SameSite=None; 

                                        
                                            
pragma: no-cache 

                                        
                                            
cache-control: no-cache, no-store, must-revalidate 

                                        
                                            
expires: Mon, 1 Jan 1990 0:0:0 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
content-encoding: gzip 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:36 GMT 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=60&token=37722EAC-C1AF-56CA-AC59-AC840B082A08&uuid=c227fcbd38724d909da9163ea99c4f39 HTTP/1.1 

                                        
                                            
Host: create.leadid.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://deviceid.trueleadid.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         23.20.76.189

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/javascript;charset=UTF-8 

                                        
                                    
                                        

                                        
                                            
date: Tue, 31 Jan 2023 18:11:39 GMT 

                                        
                                            
server: nginx 

                                        
                                            
set-cookie: rgisanonymous=false; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/
rguserid=7af893c7-cb3b-461b-a3ca-04fb4fb8e39a; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 02-Mar-2023 18:11:39 GMT; Max-Age=2592000; path=/ 

                                        
                                            
cache-control: no-cache, must-revalidate 

                                        
                                            
expires: Sat, 26 Jul 1997 05:00:00 GMT 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-allow-headers: X-Requested-With, Content-Type 

                                        
                                            
access-control-max-age: 1728000 

                                        
                                            
strict-transport-security: max-age=31536000; includeSubDomains; preload 

                                        
                                            
content-encoding: gzip 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ns/js/13488000.min.js?3531k31j20233531j01ckl31llk107jkk113500 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
TE: trailers
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: 9wgtvP0cVsloq3UaPunwsA== 

                                        
                                            
last-modified: Mon, 14 Mar 2022 19:57:50 GMT 

                                        
                                            
etag: 0x8DA05F4EB4E2F58 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 20681a06-801e-0056-63c7-34bc83000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0zFnZYwAAAADXc9yabcUoT7I07S/2+EfFRlJBMjMxMDUwNDE3MDQ5ADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAADb5LRnUfZ6RLNOiwB998cbQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/common.min.js?version=20230119a HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: C6fwdGWIexTnY7MOkhccRw== 

                                        
                                            
last-modified: Wed, 18 Jan 2023 19:27:21 GMT 

                                        
                                            
etag: 0x8DAF98A05414A99 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_REMOTE_HIT 

                                        
                                            
x-ms-request-id: c369e5a3-501e-0032-2b3c-350c23000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 02FnZYwAAAABJejDRVduHSrPn2HbWkUDCRlJBMjMxMDUwNDE3MDUxADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAACKfExs/kS7QIcw86T2sgacQ1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1 

                                        
                                            
Host: tmgassets.azureedge.net 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         13.107.238.53

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript 

                                        
                                    
                                        

                                        
                                            
content-encoding: br 

                                        
                                            
content-md5: Shzc0tuaykHxXX+tfi+uUQ== 

                                        
                                            
last-modified: Fri, 21 May 2021 12:34:19 GMT 

                                        
                                            
etag: 0x8D91C54C1586655 

                                        
                                            
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 

                                        
                                            
x-cache: TCP_HIT 

                                        
                                            
x-ms-request-id: 82d58108-301e-004f-0d08-3490eb000000 

                                        
                                            
x-ms-version: 2009-09-19 

                                        
                                            
x-ms-lease-status: unlocked 

                                        
                                            
x-ms-blob-type: BlockBlob 

                                        
                                            
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-azure-ref-originshield: 0zFnZYwAAAABmIs+7gjuMQ5uBympaOdZ7RlJBMjMxMDUwNDE3MDExADI4NTljMDM1LTBmN2YtNDlmOS04ZjQ3LTVlMTU4YmUzMmM1NQ== 

                                        
                                            
x-azure-ref: 02FnZYwAAAACt+WzkhbJfQbEcoEizytE+Q1BIMzBFREdFMDQxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU= 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---

                                            

                                            
                                            
                                        

                                    
                                        
                                            GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1 

                                        
                                            
Host: fonts.googleapis.com 

                                        
                                    
                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://monthlysweeps.us/ 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site
search 
                                         142.250.74.106

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: text/css; charset=utf-8 

                                        
                                    
                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
timing-allow-origin: * 

                                        
                                            
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
expires: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
date: Tue, 31 Jan 2023 18:11:35 GMT 

                                        
                                            
cache-control: private, max-age=86400 

                                        
                                            
cross-origin-resource-policy: cross-origin 

                                        
                                            
cross-origin-opener-policy: same-origin-allow-popups 

                                        
                                            
content-encoding: gzip 

                                        
                                            
server: ESF 

                                        
                                            
x-xss-protection: 0 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        

                                            

                                            --- Additional Info ---