Report - monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966

Report Overview

Submitted URL
monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
IP
54.161.16.68
ASN
#14618 AMAZON-AES
Submitted
2023-01-06 09:11:22
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
ldsapi.tmginteractive.com	85617	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	7.5 kB	209.151.244.116
create.lidstatic.com	24133	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	566 B	104.22.38.182
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	4.9 kB	143.204.42.165
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	1.2 kB	216.58.207.228
ocsp.usertrust.com	899	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	342 B	1.0 kB	172.64.155.188
monthlysweeps.us	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	761 kB	54.161.16.68
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
tmgassets.azureedge.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	133 kB	13.107.238.53
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	708 B	74.125.131.155
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	812 B	1.8 kB	104.18.10.207
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.4 kB	142.250.74.131
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	67 kB	216.58.207.227
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.213.75
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
deviceid.trueleadid.com	2097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	670 B	332 B	52.0.161.213
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	81 kB	172.64.132.15
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	827 B	68 kB	104.17.24.14
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	14 kB	151.101.129.229
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.5 kB	93.184.220.29
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	443 B	166 kB	142.250.74.35
api.trustedform.com	23021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.5 kB	54.167.87.86
create.leadid.com	14598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	20 kB	52.72.8.210
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	4.8 kB	143.204.55.84
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	70 kB	143.204.55.68
in.hotjar.com	1746	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	1.8 kB	54.171.56.153
ads.pro-market.net	47212	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.4 kB	23.36.76.115
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.14
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	1.7 kB	143.204.55.101
cdn.trustedform.com	24659	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	867 B	39 kB	54.230.111.111
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	746 B	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-06	medium	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	Phishing
2023-01-06	medium	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	Phishing
2023-01-06	medium	monthlysweeps.us/assets/js/datepicker.js	Phishing
2023-01-06	medium	monthlysweeps.us/go/api/zip/undefined?get_param=value	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	251 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen133 Hash 5e5e656f3e03c73caf1e8041dc391cb9 2bdd8662597ed7b2cff53dcbe25c09c330405072 8b87151430dbd8fd8e394bd633281ec51254fe0cd5326d441a7ad56895e0e5c8 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	93 B	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-04-06 08:01:19 Times Seen43 Hash 7ac1e39b1d744602bc870cf03bcfddd0 73bceab8f4329bd7bdada8df7956249e86a13ffc 3709af90fba20c69446f2ea7e1e5c21101f7109c5b0b885f21d430247af00385 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	397 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen579 Hash d54e487a455caded5dec88dad6038538 7aac4b5089e75a37a0281aee2080ae3081b4b387 5c263fa7f8418b34917b5ae5689fbd313530820aeaac85e768084e745c2ea239 Loading...

	ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966	858 B	2023-03-12	2023-03-12
Pretty URL ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:29 Last Seen2023-03-12 15:56:29 Times Seen1 Hash a76c7c17622807daefd77a1f24cc5459 66f868eee9181972f0a2427e91942eac76e20bc1 c8fdde1587981174d5b7babe060f520a2b4d58903d65d10de25bb145fb20a04c Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	60 B	2023-03-12	2023-03-12
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:29 Last Seen2023-03-12 15:56:29 Times Seen1 Hash 561e7402370ebe242bf07a41bf99e3fa fda3123d13ca5a6133b49db77524d668b3a92dbd 7e5b851015a4c16bb2355ba025ed5c0a1631959f287e328fea85050dacea6457 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n	5.8 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash 10616855bf3a8c21b9b134fee239b3c6 dba045ba0742cfc54ef7a864e50d4372a8217919 0b248c5b1e6aa82997e9e8ac79a837e5ebe0b5e3478ea8e24500487cad65085c Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	3.9 kB	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-04-06 08:01:19 Times Seen43 Hash d64841ff0fc699c7df7c7e11818b4e22 e5fe39b60c7c852a806e000beb0bfe80e4da8c0a f2f3211b728d697a5f6cd605bfd5074fefd6b6ca439affa07cae7ffa9735a028 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	1.7 kB	2023-03-07	2023-03-14
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-03-14 14:48:26 Times Seen1 Hash 20c7983bb7d39ef1fb9e9cb1c8346e70 a87728f497f968bd03e4f8afc7ec697248e60975 bed2be306f932c7494a53eb2f5586b4cc0f606e81468a823ff561cba93983438 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lw0zls85uh9r	69 B	2023-03-07	2024-04-19
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lw0zls85uh9r IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 02:12:27 Times Seen99029 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.101 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	399 B	2023-03-07	2023-05-08
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-08 11:53:33 Times Seen4 Hash 5c82890d7436d8ec5f068fb6c7a26c25 2e25a5ad23209c32bc02e4fa3aa982b429c3468e b335bc100f2c8821c1de9742b26482417d79a44e3fcb865125e7e0a5f8f46727 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	59 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 3343475b76e305c87e4909ec17461632 d804d3249185ffc4b3194d122eba05ae7fa9068a bfc2a2ab607a55ce5886b480478989829ea8758da7facad490635683e6629e43 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419	2.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash aa9ff88f2d52cd1f5e46f8a07aec5e78 13a3853b6f53a862d8cb02346df5b1c555ccc6f6 e62184b995250b6cd0e3f0bccfa159ba6bd3751def6abc8c0f2c96df6ef27427 Loading...

	tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?126k6j2023126j01ckl06llk010jkk111200	2.4 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?126k6j2023126j01ckl06llk010jkk111200 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen166 Hash f7082dbcfd1c56c968ab751a3ee9f0b0 930f3fa7714bb7fa94ea7f98e49cbc8c80e41878 505729c526d3287d1e914583830cb41750101d011da93b0e9670c5c397abd08d Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	819 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen197 Hash b543295aeb728bc0b47cd37af1155cc3 4de5193a69a306a61a681f1b8bbcec3074dfa0a0 6827f7cf902367971025104b0c9e266cc9a8b2c133980f54eed0b3accc65baf6 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	592 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen746 Hash b7819f20ec3d377b9fb124f8f0e8ceb4 bc1c20068326ed8b2630a25df9f6f4b2dc281638 a4124d51bb27da6fe4eb67bb019de6d0999d38cfe588b59f38ceaebe7c409488 Loading...

	tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js	41 kB	2023-03-07	2023-06-01
Pretty URL tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-06-01 20:05:18 Times Seen262 Hash 26c749b13ae86712f7a25dcec26f3856 18065acf65c1d3ae276069cafc3b1ee60773ac7d c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-18
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js IP 104.18.10.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-18 08:16:15 Times Seen6200 Hash ce6e785579ae4cb555c9de311d1b9271 5ef2c15b47d7290698c737676ba9c3056b45f2e8 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221213a	141 kB	2023-03-09	2023-03-12
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221213a IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 07:55:35 Last Seen2023-03-12 19:43:27 Times Seen1 Hash 63e4c87027401d71ce567c13374c4867 5136654c8bb6613aaf916b54a45262e6830c4851 7808637b5da41c0c998906151b90f24beaecc61cd5209035a79e6365a3d2fc39 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	235 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash e41f80529cf4002c391833271af2f37b 4d7eb0ef27b477b04b992ca50da1c3bb19498c12 3a462ec73996538ce080b96a3e55af30dbedfda9e00e6e9cdd089aac8956a301 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	236 B	2023-03-12	2023-03-12
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:29 Last Seen2023-03-12 15:56:29 Times Seen1 Hash 798eee977ff434894a3d3991037c0456 9dc97e1621886badf65e2f03fc285da04f84ef8b 2467ceb89b98b6244c079b7d59d92371829738b432d23565b615e9a0171964ef Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	1.5 kB	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-12-29 04:03:38 Times Seen53 Hash a46a0a1e4f99984e7805bac546ffdb34 9d7b75ab871a82d36f3989a552e6bd970a9b3878 ea7f500cacb3370c9c268ff1e8829772349270527b95c9c5172e750f65293dc9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-18 21:02:43 Times Seen1513 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 03:00:12 Times Seen36951907 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	monthlysweeps.us/assets/js/datepicker.js	17 kB	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/assets/js/datepicker.js IP 54.161.23.57 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:39 Times Seen275 Hash 50e8118195525667c97c698ae2063198 b81b9cdd700240e03f5a700577cf2f162b5d2cda 6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726 Loading...

	ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966	15 kB	2023-03-12	2023-03-12
Pretty URL ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash a55cd2b9fab9d1d3a51c2a85ea65169d 75e691867762a7a1483ac409733b8a5c57bf44fe 6132b5f78124d839c2e0679538f34cfc4ae0f04f8d4c4b45e637477ca7a88920 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	1.9 kB	2023-03-12	2023-03-12
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash dd3b26a3eb5e4495c1436893badc5c5f 843f9871a3a2660bf49b1e78c5375a084f1a8cef 7537b669d7394c6b6526399aad64fa324ff3139bb59d1420d2af129f7f25a4d7 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221213a	3.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221213a IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash b07baa2517c1f03c950406a88a1f6c99 0c3c68e0c2a3784374962534bffa9f2b269e891a 14350d698fd8a3e89854a22bb7602a63e1ef45bfd82b1a1f4f9abf2e5d140bf5 Loading...

	cdn.trustedform.com/trustedform-1.8.34.js	104 kB	2023-03-12	2023-03-12
Pretty URL cdn.trustedform.com/trustedform-1.8.34.js IP 54.230.111.111 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:17:14 Last Seen2023-03-12 16:07:28 Times Seen1 Hash 25857b744e24e1165d58b27253270dd7 bb15f45799ca66aad7f40da6f09f77414858770f 154d6c81b942beaab80f394a447f6cadac50a049bca93c712478f5233bfc9bec Loading...

	deviceid.trueleadid.com/iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 52.0.161.213 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	278 B	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-04-06 08:01:19 Times Seen43 Hash d7a5e70d4ec0dc538219b8c13a4abc66 5cd945fbd5fc94308093a4c6d73c3cdcf4fd84af a4eb87e2c2e0f9d03998c3cbf03a16607948ee3d477b6e60d145e611f191d4ee Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	636 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 15b9512f5be4a2575dcc59ac37856c2e 061aea4612abe4faf05c4a3f0f0fac7e888c0546 be6eb2c523a276099bad06bc2e02f8917e998f73ac0cda2426521cb4632a2be1 Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false	8.1 kB	2023-03-12	2023-03-12
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false IP 54.167.87.86 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:17:14 Last Seen2023-03-12 16:07:28 Times Seen1 Hash 1990193718ad6b75308b44eb5980db2c 0ebd03b4c7ba89f822060503add7e6aa55ca94cd 114ed5bf1ea644273918f7350d823db12d2d64307c8d89d7ca5989c78dd9da8c Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	355 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen582 Hash 75e4cb955a63d07fced3932d9d8f6fe0 d73015dc9bf416fd308c9f40d350945f0cfc1720 8d1c6afe9fcc4a69fd903b60adf921b932fa4baead70e2c5984550770588841a Loading...

	create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2	126 kB	2023-03-07	2024-01-16
Pretty URL create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 IP 104.22.38.182 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-16 16:52:02 Times Seen739 Hash 97495a102c98049f30e62264b1eb50f5 2826aca635888817ca3869a59dda0f1c53e32788 e3d44f6e098f5d3c6b47bb00453dbb1d58b7848332ffc70fc756009b189ba322 Loading...

	static.hotjar.com/c/hotjar-2865935.js?sv=6	9.5 kB	2023-03-12	2023-03-12
Pretty URL static.hotjar.com/c/hotjar-2865935.js?sv=6 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:28 Last Seen2023-03-12 15:56:31 Times Seen1 Hash c9a45ead6f8ac097e163371eee24b622 8ecc592f1b571154cdf2f3e8547da73d7389da19 ba89624ba6c14a2bb2c33e1b8d3b428248ed9a5dad58df167bb81725a8a108dd Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js	20 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-18 08:16:15 Times Seen7521 Hash 6b08ddc901000d51fa1f06a35518f302 bafe987c18cbe0587de3e6360e7da40a2885614b 02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5 Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js	18 kB	2023-03-07	2024-04-15
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-15 10:27:43 Times Seen259 Hash 35fd33d8c4423cfffc1d4d3ccc7540e8 838ac66c3ecac6b6136b049bdd0e14f2f022952c 219324a6611109fcb8c440e9e38af1802240ee8f1453d557353cc20cdaaead6e Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js	23 kB	2023-03-07	2024-04-03
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-03 15:26:41 Times Seen747 Hash c4499184878d17d8af6f4181c0d03102 c5a2ff013fa357c1d2a6571b5d8e658e670080ea aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103	47 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 IP 13.107.238.53 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen201 Hash 9425c8e694426b8078e0ebbaf1299fc2 d07edb40c26273a374d6f6f4863081df3c22de67 013a484e9d90cbc93f749fe4004a1408007f2da1a8a2b5493a502ff98c2ac211 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	1.2 kB	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 290521b524b82ebb5e14abaa01b9c1d8 e19492d85482147f62fb918a12559d134613d1c6 6393e147bc9a141d678f284121df133e3602f8119776b958aeb9424420de193e Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	31 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash f0dd4e668cb669f70d1d71baf4e997d4 d50cf8f2eb31b6051f03ba1415a38c510cf1572e e96f51430063dc23626602bfa108e18b004b9a4f5f87fb2aee1144fed6cfca6c Loading...

	www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi	884 B	2023-03-09	2023-03-12
Pretty URL www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:02:22 Last Seen2023-03-12 21:53:30 Times Seen1 Hash 3aa929bd409d39da57a35cba2e476e05 3d1b003e2c243053df7686a137a5bde50a294383 b5e78a1795efcad4c26b0039431f291e29f6d60057817853645c6040df00fbf6 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966	64 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 43c10d2b2f042467d4d17140c6e4d179 df16bc29f5ac9468b35c32bb0d834221cf5171a4 6e67dc180a86d584ee19d9a3635ce615cc1fe3612f7adfac03df055d25066dc3 Loading...

	ads.pro-market.net/ads/scripts/site-141028.js	2.2 kB	2023-03-07	2023-05-05
Pretty URL ads.pro-market.net/ads/scripts/site-141028.js IP 23.36.76.115 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-05 20:04:46 Times Seen629 Hash 365b5ee3c0302c78c16f7de2f16f2e9c 8c2e46af5cfe004d044f84067ce8e41a20bfa806 07f9667f25cfdb29c4bd56f3fc9d9f2fdc095ef87f0563b4f0bfc0dc66530b9a Loading...

	www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js	413 kB	2023-03-09	2023-05-14
Pretty URL www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:01:54 Last Seen2023-05-14 04:54:45 Times Seen14 Hash 9766c890a2a7ca24558a3029fc4f9433 fbaeb9bb4481486ba863e612da0b883647fad54b a066a4744676ecfbac78b5a339f818c314c8d75c884ad2723c366af5bfe21a11 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lw0zls85uh9r	35 kB	2023-03-12	2023-03-12
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=lw0zls85uh9r IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash bf7984837410db708f0120fa24479bb4 cdc2a00ec9c9dea33b84dc1c542264faf7f4387a 9edc32f279c61c2361067697ab48d8c2e406b129a9d046125580035a94cf60e5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-18
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-18 12:28:01 Times Seen2526 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

	#2 Eval - e063d1953a17069ad02dbf986818b8dc	16 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash e063d1953a17069ad02dbf986818b8dc 8abad2ce510b756a3ef25bd9298fe29c268e9eee d90538b891b0faa88bb08314660918942260c2ace5720f0bb44498bd13171c76 Loading...

	#3 Eval - 833ff23c7d9409e189d72bf62bdfad95	19 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash 833ff23c7d9409e189d72bf62bdfad95 59f09931b25da51caac318bf0952310e46f857f1 e7c3aeb74a5bb6dba79ecbd933413d17cb7585d978f53797275348320b0326c6 Loading...

	#4 Eval - 53c0880f8f32160b9d3b7cfd1ed057ed	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash 53c0880f8f32160b9d3b7cfd1ed057ed cf64a8578aac0cdbef32ee14885a2b2b68984ecc e62188d211f8522a0d02bbc2b5e8fea05d32dd1b03c4602c86673da2007d97dd Loading...

	#5 Eval - 809a6c1033959ae343e7d0063be7241d	39 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash 809a6c1033959ae343e7d0063be7241d 35a4199d7e17ac26b2f24bdc86b96e10d333bb40 c1082de1c4345e9b06018dc2d960773afe93a4d8f9d6b338b114a8676aa9d020 Loading...

	#6 Eval - bd5d4a79b8b6cde301f570673ad19e18	27 B	2023-03-07	2023-12-29
Pretty Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen200 Hash bd5d4a79b8b6cde301f570673ad19e18 7de704c433042a1827654062d3e0ec8dc3c9349e 52b43864b9f1786d8c0d2d679562e90dc2a00c9d68ea80188a37d9b01d23dd47 Loading...

	#7 Eval - dc0c1d1ae1789271f3d76661e40eba86	64 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash dc0c1d1ae1789271f3d76661e40eba86 93d5679b5163dfbc63bbe3e2296d250a4221a62c 2c6fcc10d170735ea0103cebd297129fae592327ed69dbf1773991fe63c4d8d0 Loading...

	#8 Eval - 0f48fd78a406eb6667e584168b0784c1	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash 0f48fd78a406eb6667e584168b0784c1 37743d32242a67dadfb76d656dd47018fa6e7391 0af0cb21968fe023d8ea63ee97d9b7172bb86ffeab2023aa51326d793e379a00 Loading...

	#9 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 03:00:12 Times Seen36951907 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - b21b95c4c9bf6cb3246fcd2c401757b7	830 B	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash b21b95c4c9bf6cb3246fcd2c401757b7 bd8c48e6df72cf2392f9eadeeafa06df4be477dc 31cafafb20381c8fc994068db79a1fe30439f862017b27097598007200a1d485 Loading...

	#2 Write - 9fcec69e46f1b594d304dcb875a5a4ff	15 kB	2023-03-12	2023-03-12
Pretty Observations First Seen2023-03-12 15:56:30 Last Seen2023-03-12 15:56:30 Times Seen1 Hash 9fcec69e46f1b594d304dcb875a5a4ff 7bac5235a26661591c182227c54e7e586fda51a2 c5dcec6658881a3836f15d00e69adbf90e9ef1b64b580242ce32510cf8472470 Loading...

HTTP Transactions (103)

URL IP Response Size

monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966

54.161.16.68

301 Moved Permanently

134 B

URL HTTP/1.1
monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 06 Jan 2023 09:11:10 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20929
Expires: Fri, 06 Jan 2023 14:59:59 GMT
Date: Fri, 06 Jan 2023 09:11:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b5997a492d3d161c9009d95add566733
9db765ae549ebe4aa859ca27abe365cf7f62dc4d
1ec0de25b0afd3b402c728b9c6b47c4fcf25fb989052427886841a3f52510a0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1EC0DE25B0AFD3B402C728B9C6B47C4FCF25FB989052427886841A3F52510A0E"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15027
Expires: Fri, 06 Jan 2023 13:21:37 GMT
Date: Fri, 06 Jan 2023 09:11:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 08:41:19 GMT
content-type: application/json
age: 1791
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2800
Expires: Fri, 06 Jan 2023 09:57:50 GMT
Date: Fri, 06 Jan 2023 09:11:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: WnUoHb6349FB7bclz4wP320ohTiu0Kv6Q2bNAXiqM4DYwNarwE5hs4CB3VsGUsA+QlgDuNjWgAKnmvWSbsqRBg==
x-amz-request-id: 4XAENRKPQW48Y7FH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 09:02:06 GMT
age: 544
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 09:11:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
37f618573a182fefb809e3691fcadcfa
f93043f5eccf0384018b09bca21f379c4d1f8da8
00afa16e4110ac12092dd52e5dfc42c7b78a7fdcfd9cd35d705759464157c92b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154722
Date: Fri, 06 Jan 2023 09:11:10 GMT
Etag: "63b79769-1d7"
Expires: Sun, 08 Jan 2023 04:09:52 GMT
Last-Modified: Fri, 06 Jan 2023 03:37:13 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kh3JiYJMxQEUhiMLrpJnolImfeB9dydnuLHrn1sR1Yzea676qwq1IA==
Age: 1959

monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966

54.161.23.57

200 OK

9.9 kB

URL HTTP/2
monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Size
9.9 kB (9944 bytes)
Hash
1f51084eada26d81d90f26a586696315
0190a617bdbff41187ff416f1d09d37828d7eeef
8661d22125a57551eaeeef536c74092b370e7b406f5ca7f411f7e5885fe50dd0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: text/html; charset=UTF-8
content-length: 9944
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 09:08:12 GMT
age: 179
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js

104.17.24.14

200 OK

59 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65274)
Size
59 kB (58913 bytes)
Hash
a63b2977b01b6e2d2e2086c3f63a3c9a
560409f64e40f5078e1ba8d496657badd7a3a6ee
4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f

HTTP Headers

GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16039445
expires: Wed, 27 Dec 2023 09:11:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6SCuM2vvETPh6T%2FrKMTt%2BGCwRICjOf1n%2FX%2BS56KMDyUqb7jBjqNfrIb0OoUFBuYZ2gHrJq6h8smb8c3mo1w%2F5Wk3gvjLwg6tXMpxVHogwO95cqbU4EVInmbMcSeL58zqb5UXxkB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78535327a8a8b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

104.17.24.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20322)
Size
6.5 kB (6458 bytes)
Hash
df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9

HTTP Headers

GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1221472
expires: Wed, 27 Dec 2023 09:11:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJsy1Bddm%2FkSkRIh6sMgYK5RBiXfcMYR%2Bxa18Z%2BIy4MdeNpR%2FunWyevmZqV7xjM0cHGc4aEfotyd35W1BofDLdUcqwtvYdMytnIQPdzaHXW%2BllFdX4kUamghoi6FWbYdNrA4%2F5qU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78535327c8dab4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/datepicker.css

54.161.23.57

200 OK

818 B

URL HTTP/2
monthlysweeps.us/assets/css/datepicker.css
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3335), with no line terminators
Size
818 B (818 bytes)
Hash
3240fc33175e0e388f26fbac8bf8cff3
cf1a645948c9ce996e1560b9569f56822c4f9ba8
9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96

HTTP Headers

GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/sweeps.css

54.161.23.57

200 OK

1.6 kB

URL HTTP/2
monthlysweeps.us/assets/css/sweeps.css
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.6 kB (1639 bytes)
Hash
a5c77602d9ceb6c6450244ffb0baf0d1
0a8756bf9ec23f2957f9165941196551cc046cf7
d1bdae39d462d3c7ccb9f86a413c69df0026d2c06558af9b691a0e98bf0cdd4e

HTTP Headers

GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: text/css
content-length: 1639
server: Apache/2.4.41 (Ubuntu)
last-modified: Fri, 02 Sep 2022 17:56:19 GMT
etag: "172c-5e7b572772120-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/two.png

54.161.23.57

200 OK

915 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/two.png
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
915 B (915 bytes)
Hash
a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d

HTTP Headers

GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/one.png

54.161.23.57

200 OK

801 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/one.png
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
801 B (801 bytes)
Hash
03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b

HTTP Headers

GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js

151.101.129.229

200 OK

5.2 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (17590)
Size
5.2 kB (5199 bytes)
Hash
4c0e8d136f8e41d83cb99f52be04f280
eecf9c91f361ac05dfaa6b7167aea6f0d4ddf7cd
81659fd2d8cc8d38327f4450954654b19dbb8a95a2b1e402e47869f0ca9dddc6

HTTP Headers

GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 06 Jan 2023 09:11:11 GMT
age: 5708352
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1645-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5199
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 629
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Etag: "63b78c20-118"
Last-Modified: Fri, 06 Jan 2023 09:00:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js

151.101.129.229

200 OK

7.3 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (22550)
Size
7.3 kB (7320 bytes)
Hash
17f3f2c0dd873827d21aec4b7c7da443
e10d2e3deff107d85726cb4f14eee82f96f2594e
5f0adea83e4171c32048eafe7032ef01093d96794c62b988fb9935041e35a998

HTTP Headers

GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 06 Jan 2023 09:11:11 GMT
age: 4496862
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1645-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7320
X-Firefox-Spdy: h2

ads.pro-market.net/ads/scripts/site-141028.js

23.36.76.115

200 OK

1.1 kB

URL HTTP/1.1
ads.pro-market.net/ads/scripts/site-141028.js
IP
23.36.76.115:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (514), with CRLF line terminators
Size
1.1 kB (1101 bytes)
Hash
540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

HTTP Headers

GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1101
Cache-Control: max-age=86400
Date: Fri, 06 Jan 2023 09:11:11 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 629
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Etag: "63b78c20-118"
Last-Modified: Fri, 06 Jan 2023 09:00:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24748ddfc8a0057e443c7787306ef80
136a387bda286fecf9fc66c17e5417253002b6b8
2afbd44506fd53817ae85f7cd4ba8adbb58bc52565b360e2a45250146836674a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6435
Cache-Control: max-age=92573
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 10:54:04 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
c47975eaa8f4fe8f7b3924ae42c61e5f
0ec428ab689841f33bd81d06d69a396eec3b1527
b77300487ab5a630dd4a54b8f8206c91a001ad4ba0d42ece61cdc4a62cd7b8fa

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 09:11:11 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "72D144FC440C1F8CE495C55FFC2D98F1B73A520E"
Expires: Fri, 06 Jan 2023 20:00:00 GMT
Last-Modified: Fri, 06 Jan 2023 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2593
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785353286fceb517-OSL

www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi

216.58.207.228

200 OK

582 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
582 B (582 bytes)
Hash
0c698d35b1370b9ed427fdc5358623f8
f5dd5b71f88e202ba4be2ca1872b0c3d2545edcb
8b4b5758e13f2e5322af6eb978170f66df68a76eff53e08e19ba64e3678657bf

HTTP Headers

GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Fri, 06 Jan 2023 09:11:11 GMT
date: Fri, 06 Jan 2023 09:11:11 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 629
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Etag: "63b78c20-118"
Last-Modified: Fri, 06 Jan 2023 09:00:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

monthlysweeps.us/assets/js/datepicker.js

54.161.23.57

200 OK

5.3 kB

URL HTTP/2
monthlysweeps.us/assets/js/datepicker.js
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (16878)
Size
5.3 kB (5285 bytes)
Hash
6c28af1b6fa9301701dfefc5dbfe5159
134cfa1c0a5a837f002034b8ea1a8c6243b96bac
4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ff3b4cd0aa28a61ef1a039c7ff73ce71
1081a41936a63ccdf3e9ebc021835a19c4125a87
367f96729ad2d9dbe57a5881a37c0bc7893ad0858af6fff7f8b565204eae3a1f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2

172.64.132.15

200 OK

78 kB

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: korIw1M+rUdXkn7MOVoXVgYLuAhGTWGgPBw3aa8yPahfIObZUI3HuYAjjVLChOICaErW67xkrzY=
x-amz-request-id: 3D6R1P7SK6397C89
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 265063
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BEnhlzBgbYKp8IxZ1%2ByE3HgjfzqjaW2De%2BfOH29poMjgirvWP1PA7dVN6wKoafH92SbOnj3KrCMlFom1FdETIRNPKQDmC3%2BvMXGKUDZzkPJqNo70CBEFbWeS9ekVneBxwXDWQbQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78535328c9037200-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

216.58.207.227

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 21:32:03 GMT
expires: Tue, 02 Jan 2024 21:32:03 GMT
cache-control: public, max-age=31536000
age: 301148
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:12 GMT
expires: Sat, 30 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 589079
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 13:33:12 GMT
expires: Sat, 30 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 589079
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/campaign/1253_welcome.png

54.161.23.57

200 OK

258 kB

URL HTTP/2
monthlysweeps.us/assets/img/campaign/1253_welcome.png
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size
258 kB (258018 bytes)
Hash
4ab082dfa4d24ddc5faa6ae9be0b7e7a
0a66d5fa8c56b01c42656bad7fd0358e35f0b5a7
c916d279aa3477141699255e5f01031b8d891bbea0cadf185ddad136866da02b

HTTP Headers

GET /assets/img/campaign/1253_welcome.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: image/png
content-length: 258018
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:45:24 GMT
etag: "3efe2-5d7ae5a63e210"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

monthlysweeps.us/assets/img/campaign/1253_bg.jpg

54.161.23.57

200 OK

475 kB

URL HTTP/2
monthlysweeps.us/assets/img/campaign/1253_bg.jpg
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x1080, components 3\012- data
Size
475 kB (474838 bytes)
Hash
9f9ec0bd4b699f784446c17a1273a4ac
e79666717b7b004f554e6bfec1d073b4627ed3a7
9b092cd2a17b5e84e2e12622d1cad8c40f2df0aa44a8b0d7a320a1e1209aca41

HTTP Headers

GET /assets/img/campaign/1253_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: image/jpeg
content-length: 474838
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:54:27 GMT
etag: "73ed6-5d7ae7abcb0c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.213.75

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.213.75:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QkVoKMFWUP7/jQ7gt4O8qA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5fmLV5REXy2ymTU8GJPrVcvx6LU=

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
1de1afea838e0cb0ddc9c68b00cb8e26
0c1f6d5e2dd08a9d89f476a58a0d44effe299739
0b267cc72096e86ae793df666c881f4ebd2d0273644ba47ecf55bf5ce9207dcd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 09:11:11 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 02:10:12 GMT
Expires: Fri, 13 Jan 2023 02:10:11 GMT
Etag: "0c1f6d5e2dd08a9d89f476a58a0d44effe299739"
Cache-Control: max-age=578939,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 785353295e090b51-OSL

ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966

209.151.244.116

200 OK

699 B

URL HTTP/1.1
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators
Size
699 B (699 bytes)
Hash
07ca7379939797a4abb75614cfe902e2
55102f85d782628d4e0278b2cc18dbaccd80ed3c
0efc75b74297e955cbf0c2a1bde2b8072e283220f9fd66ea9cc9d8d1b90222a0

HTTP Headers

GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:11 GMT
Content-Length: 699

ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966

209.151.244.116

200 OK

4.8 kB

URL HTTP/1.1
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document, ASCII text, with very long lines (15041), with CRLF line terminators
Size
4.8 kB (4804 bytes)
Hash
d8f21609ccbbb88e09b71cacc6162837
6677c50fc4e178e83b5caa4cd93d4825569a85a2
85933df2e643b9e5dda2d996040e7d0ec651889d1181e76154fa312a9eaf5e17

HTTP Headers

GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:11 GMT
Content-Length: 4804

tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif

13.107.238.53

200 OK

43 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 580ab999-d01e-0067-7773-20e754000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAAC9jW8FK8O6S7cRA06uGYxVQU1TMDRFREdFMTkxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAAAnCW8diC5pS4RM/JERYlMqU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419

13.107.238.53

200 OK

520 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (520), with no line terminators
Size
520 B (520 bytes)
Hash
004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117

HTTP Headers

GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 9fd6cc47-901e-000d-4479-1ebbff000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fbG0YwAAAABDr/yLJorPT4//BIQl99+rQU1TMDRFREdFMTgxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAAAUoAPsTcDARrouI4r94Mc0U1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103

13.107.238.53

200 OK

17 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3119)
Size
17 kB (16837 bytes)
Hash
a7e6b72357a73a2d61937cc05e87d8ae
c7d5d28e192cd7a46660fb7beb1dc2d8ab9b1a94
fa6c19baacde462a66d2b0f9bfef53e8e977e983047a5eda000438b65bbb166a

HTTP Headers

GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 04250339-d01e-0023-14c5-1f3b38000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vCy1YwAAAAD8Cx2P7HTlT6f6k6GZRS3EQU1TMDRFREdFMTgxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAADnCd7qt+dpRLyo21cFg90XU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17006
Expires: Fri, 06 Jan 2023 13:54:39 GMT
Date: Fri, 06 Jan 2023 09:11:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17006
Expires: Fri, 06 Jan 2023 13:54:39 GMT
Date: Fri, 06 Jan 2023 09:11:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17006
Expires: Fri, 06 Jan 2023 13:54:39 GMT
Date: Fri, 06 Jan 2023 09:11:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17006
Expires: Fri, 06 Jan 2023 13:54:39 GMT
Date: Fri, 06 Jan 2023 09:11:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5809 bytes)
Hash
d256d063b2698bb9d915589a2c79fbce
d7c083857e9512ad3ecb3bbaf285409926473ceb
d4e5f901f62fa98b525fc1ecbe187032fd2d0e112c6f1b9534b742b2d6c05b08

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 41071
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5578 bytes)
Hash
e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 5870
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11746 bytes)
Hash
7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: 1df278ae-becc-4016-a2c4-b41d07badc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlHbGlWoAMF-Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e895-5ec70fd53a30bd8c340440b6;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:11:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L3MUqNupzj6DCPouwDuqyys95kzHkBEM3RDCVs06mh9ezzL9FMIcoA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 15:17:01 GMT
age: 64451
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe4b7f1-288c-42bf-b205-89884e4876aa.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14366 bytes)
Hash
d11a58dc74191f322f3b6c3fe24a532e
20f69a48e4f06393c17d48ce59d04ea3e325bdde
ed207b34e8453566b7e4b9f4fea9bd2584605915ee0c05a0d9c4f63ea8ba3cf3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe4b7f1-288c-42bf-b205-89884e4876aa.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14366
x-amzn-requestid: 4bb6a458-3fa9-4bdb-b736-bd683f9de0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScw6Fr6oAMFoNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419f-3f1d9219450f36a118919103;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4mK0jXOQzgoBweGr6HpdLyEskqiPfjViVs9DFV8VIFa54bDbZzyzyQ==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:59:56 GMT
age: 40276
etag: "20f69a48e4f06393c17d48ce59d04ea3e325bdde"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.6 kB (4577 bytes)
Hash
c43cd789c8a417cccb0fd1d0976b13f2
f7be1e65af4baa06da326d643a624fe46abe1ea2
863d781dc296cd5edb0f2630f4bb29533323917f455f512e7679e4afa0346323

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4577
x-amzn-requestid: 5e67ddf8-53fd-4cad-b6b9-8202560bf598
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd60GXjoAMF41Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b74378-042659c73cd71e1004a14faa;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:04 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1lbzfXbU7LtEjnlHa7ZypSnkSumraYEkaMdWkfa-OjnSgNVB0VMsXw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:48 GMT
age: 41064
etag: "f7be1e65af4baa06da326d643a624fe46abe1ea2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4473 bytes)
Hash
905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XRsEwpela3bYpgBLNQxwiFzDcHzfFiXWmAEAl1jvIb1ustFu2lJdaA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:00:17 GMT
age: 40255
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1331240112&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=

209.151.244.116

200 OK

710 B

URL HTTP/1.1
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1331240112&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators
Size
710 B (710 bytes)
Hash
fa317ef08f3ce662111f9822d3e783b6
d7ad89cb033c632aa370d2dd5ad88913882d0ac6
fb1ab8867de340e0538fd743606448918d56290b02209998623dca062e69f573

HTTP Headers

POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1331240112&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:12 GMT
Content-Length: 710

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0

13.107.238.53

200 OK

84 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Size
84 kB (83760 bytes)
Hash
fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

HTTP Headers

GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 51336dee-201e-003d-2b45-1fe1d5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vSy1YwAAAABNnugG61HDTKZVxccem0DGQU1TMDRFREdFMTgxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0seW3YwAAAAChWLqxhbTnSJCll1plZExMU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:13 GMT
X-Firefox-Spdy: h2

ocsp.usertrust.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.usertrust.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4e23abe92dbc8f502a25507e4d141325
b34d0f103e2065fcc13501e4b71646d41ceeb28a
1bb059b847639d9ec7cba8c3f3a5e788163865160712635cb65bd00530320ee4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 09:11:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 10:10:15 GMT
Expires: Wed, 11 Jan 2023 10:10:14 GMT
Etag: "b34d0f103e2065fcc13501e4b71646d41ceeb28a"
Cache-Control: max-age=603758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 31
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78535333eebbb52d-OSL

monthlysweeps.us/go/api/zip/undefined?get_param=value

54.161.23.57

200 OK

111 B

URL HTTP/2
monthlysweeps.us/go/api/zip/undefined?get_param=value
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:13 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ff19eac1dc8de90ed85a846e8e1dc40a
f5a5d675cb6fd713c3075a46e77a89ae7d1f922f
06071ac15872608a976104e99b3ca01f28644687b92fbe37ef569d1587298ac3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=135306
Date: Fri, 06 Jan 2023 09:11:13 GMT
Etag: "63b7474e-1d7"
Expires: Sat, 07 Jan 2023 22:46:19 GMT
Last-Modified: Thu, 05 Jan 2023 21:55:26 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8l9AEguZ17lf6BnhkXtrmzeEAyESf4WV37vGsVbspLIE5FSFQg_ROQ==
Age: 3053

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js

142.250.74.35

200 OK

165 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (658)
Size
165 kB (164706 bytes)
Hash
0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280

HTTP Headers

GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 23:45:50 GMT
expires: Thu, 04 Jan 2024 23:45:50 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 120323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 06 Jan 2023 07:43:41 GMT
expires: Fri, 06 Jan 2023 09:43:41 GMT
cache-control: public, max-age=7200
age: 5252
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

monthlysweeps.us/favicon.ico

54.161.23.57

200 OK

5.4 kB

URL HTTP/2
monthlysweeps.us/favicon.ico
IP
54.161.23.57:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/9cd0dfd52a655f252eb7e1886b45f80e/aid/16944/s1/4874966
Cookie: ci_session=e7etjnvm608eskpt6h2u37ro7kkmckhq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:13 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false

54.167.87.86

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false
IP
54.167.87.86:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Fri, 06 Jan 2023 09:11:13 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9533d2cd1e4b32de0c057e8e7f189264
15235dfa56bf981684b2c202bca51cbe94ce608c
0096b9ba416e487ea40a03ec2ac9a15ed0cf08fecd49220bef0da1bcc29170a5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 06 Jan 2023 09:11:14 GMT
Etag: "63b6473a-1d7"
Last-Modified: Fri, 06 Jan 2023 07:25:05 GMT
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xbOHN-yZnyVespnaLAM1v2z9SIXW8Lw3vHq46bwwVCE4DUn1rO-x9Q==
Age: 6369

ldsapi.tmginteractive.com/api/hitsnap.ashx

209.151.244.116

200 OK

21 B

URL HTTP/1.1
ldsapi.tmginteractive.com/api/hitsnap.ashx
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

HTTP Headers

POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10688
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:13 GMT
Content-Length: 21

script.hotjar.com/modules.352fddba5b21bbfc3a08.js

143.204.55.68

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.352fddba5b21bbfc3a08.js
IP
143.204.55.68:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48638)
Size
69 kB (68894 bytes)
Hash
3256c76707175033b83ffe82f89b32ec
d33e93f001d08e0449fde66b60493900f8f5c62e
cdb9b4030412de584b24a407d6186cd5971df1b3fb3168d819c8d9b9e5927bdf

HTTP Headers

GET /modules.352fddba5b21bbfc3a08.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68894
date: Thu, 22 Dec 2022 08:07:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3256c76707175033b83ffe82f89b32ec"
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SvZvBnX5JC3b9XsBHNez7jmLapsuypxmZrd7vSa1ohUGhlNpxqyJDg==
age: 1299849
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
62b016fa93b91c553dc2ebb769f0c78c
bd091f7c74aca633e30ca6289b0c4cdcaeddac06
f2f28d3aadb5388618947d61e080a752d4f5540118058c454ccfe6e36c964165

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 06 Jan 2023 09:11:14 GMT
Last-Modified: Fri, 06 Jan 2023 08:24:34 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RBZVdjv3kgcDrQylVwFjKbw-xexfGVGhEWZNuTO-3Y8WivlA4xdG6w==
Age: 2800

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.101

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.101:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4DvHmt1KAdvKSQrtKRERT-2E1zTZAaLrJqfIqimscIVmxXYPOEMLlg==
age: 3787269
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9d5eb404693c69bc3cd4a08162568e5
7283a3be604758d65fdd222bda42ce54c1b28316
4bc0f440f12b15760b0c0bd5f989bd76100e48f94fca8a8a7ca5cd3025320ccb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39232759-1&cid=1314211879.1672996264&jid=1203313584&gjid=354648716&_gid=1800452669.1672996264&_u=IEBAAEAAAAAAACAAI~&z=660760781

74.125.131.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39232759-1&cid=1314211879.1672996264&jid=1203313584&gjid=354648716&_gid=1800452669.1672996264&_u=IEBAAEAAAAAAACAAI~&z=660760781
IP
74.125.131.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39232759-1&cid=1314211879.1672996264&jid=1203313584&gjid=354648716&_gid=1800452669.1672996264&_u=IEBAAEAAAAAAACAAI~&z=660760781 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://monthlysweeps.us
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Jan 2023 09:11:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b9d5eb404693c69bc3cd4a08162568e5
7283a3be604758d65fdd222bda42ce54c1b28316
4bc0f440f12b15760b0c0bd5f989bd76100e48f94fca8a8a7ca5cd3025320ccb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

create.leadid.com/2.11.9/GenerateToken?msn=1&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&_=125647558

52.72.8.210

200 OK

15 kB

URL HTTP/2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&_=125647558
IP
52.72.8.210:0
ASN
#14618 AMAZON-AES

File type
data
Size
15 kB (15400 bytes)
Hash
40647314a77ab056cc07b9b4a864c106
d3bfc9457a77f048b3505b3ae4ede935b4a48417
c9b235a19bea0cb0484e8147cd4f64518c39f6998290ec1f15f91b2dee76c7b4

HTTP Headers

POST /2.11.9/GenerateToken?msn=1&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&_=125647558 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 250
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguserid=73ffc8bb-bb3b-42ed-8c1f-1a8de6c18d80; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js

13.107.238.53

200 OK

22 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (349), with CRLF line terminators
Size
22 kB (21616 bytes)
Hash
da947ea6483f77e7e45fe8289f960fe0
e09032afcca057b2e1cb26b8701196cac6866573
42c950ec29cb4c590d3a1877eb64aff002c2030b35bb006f5f77bc8bbc7354c0

HTTP Headers

GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: c891a9da-d01e-0023-3ee5-203b38000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0sOW3YwAAAACJypyOHtUfSp3as/6IeZ5aQU1TMDRFREdFMTgxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0seW3YwAAAAC+5s3YuZzyRIGUHxhdGXtwU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:13 GMT
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2865935.js?sv=6

143.204.55.84

200 OK

4.2 kB

URL HTTP/2
static.hotjar.com/c/hotjar-2865935.js?sv=6
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7679)
Size
4.2 kB (4163 bytes)
Hash
bb8656363b20de66eedf274346d08e54
b39c39255abd097e321d399815c3363c379d1b0c
5c39aee460da1feb1a3d74b9832133ed4019f18d65064377b4cdbbbf37b4158a

HTTP Headers

GET /c/hotjar-2865935.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 06 Jan 2023 09:11:02 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/c9a45ead6f8ac097e163371eee24b622
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SWTlJBA8ri_L5mNQHFhusvB6wnsduT9Hg0w3GLfohTtapZjXILEmag==
age: 11
X-Firefox-Spdy: h2

in.hotjar.com/api/v2/client/sites/2865935/visit-data?sv=6

54.171.56.153

200 OK

1.5 kB

URL HTTP/2
in.hotjar.com/api/v2/client/sites/2865935/visit-data?sv=6
IP
54.171.56.153:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
1.5 kB (1544 bytes)
Hash
2c170675e5fa5d00e4a6f8ea8af730c7
6b79bf1550e22eafc5dba4964c9c0c7c8de1afb4
897c252c06ee4b9a4efb5db3d86a54d1d282b112d8e44e58e1b2f0f4ad3e48b9

HTTP Headers

POST /api/v2/client/sites/2865935/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 148
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
1f7b17d91ad67f92caee209980446594
2c460050c6147479b5dc38ad310a64f8c11b927f
8e926689c3a129633267105e15c0df87e6c543e241d736592c47db9505bdc683

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 06 Jan 2023 09:11:15 GMT
Last-Modified: Fri, 06 Jan 2023 08:53:50 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CPAwfLrlABSqASiw59e-EPcZx-h-GPbKvS4hFkNpAJac_PbXvHOpkA==
Age: 1045

api.trustedform.com/certs

54.167.87.86

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
54.167.87.86:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
bd66b0d33c3e779722473ecd3c11202a
b7c38ab689c47978b6a0971f172fd1025d6437bf
e5c969f811cd20d18b360447e1744cdf2a867db8d85b881d81aaa08540b3a8b0

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 647
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.34.js

54.230.111.111

200 OK

38 kB

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.34.js
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (37608 bytes)
Hash
65f8b88497206d3c7e99b3f02bde0273
f3db1820c42a4af12d779565ffac3e5939ae6059
d17e762db18d7157739db91fea83f2e7e1d8ae0790640fa75900e73dc2e19b4b

HTTP Headers

GET /trustedform-1.8.34.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 03 Jan 2023 19:03:16 GMT
x-amz-version-id: hES6nR96ubfYj.1_xD4qXUN3eVWpqkfz
server: AmazonS3
content-encoding: gzip
date: Fri, 06 Jan 2023 09:11:07 GMT
etag: W/"25857b744e24e1165d58b27253270dd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WA07ALamt437RVNAbHv2Behw2RInhfzXDEUvG9x6E0wk-WL75mxiRQ==
age: 9
X-Firefox-Spdy: h2

api.trustedform.com/certs/0e8968d5e5f9e89b670e620537df771570fd0b59/fingerprints

54.167.87.86

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/0e8968d5e5f9e89b670e620537df771570fd0b59/fingerprints
IP
54.167.87.86:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/0e8968d5e5f9e89b670e620537df771570fd0b59/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 305
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Fri, 06 Jan 2023 09:11:16 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=5&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647562

52.72.8.210

200 OK

20 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647562
IP
52.72.8.210:0
ASN
#14618 AMAZON-AES

File type
data
Size
20 B (20 bytes)
Hash
7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2

HTTP Headers

POST /2.11.9/InitFormData?msn=5&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647562 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:16 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
rguserid=78fa9f81-d4e5-48a7-83a8-a073ae4ed271; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221213a

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221213a
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/common.min.js?version=20221213a HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Y+TIcCdAHXHOVnwTN0xIZw==
last-modified: Tue, 13 Dec 2022 17:19:36 GMT
etag: 0x8DADD2E35D9C241
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: aac75348-d01e-000a-0633-1f4d7a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0nMO2YwAAAACHjX+6qvtURrjlRlMGHX5eQU1TMDRFREdFMTkxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAAD3pxdivTtwT7vy+4V7I2NAU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=3&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647560

52.72.8.210

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647560
IP
52.72.8.210:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=3&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647560 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 12855
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguserid=16d00ac7-a7da-489d-9a14-bcd0f560ae24; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 723, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-23 06:51:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: fb769ef43d6803d303a68c7d7f774d4c
cdn-cache: HIT
cf-cache-status: HIT
age: 21103369
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785353281f01b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/fontawesome.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: text/css
x-amz-id-2: QfJi+o6kFK2ENJXnvFKZof9oy4H3+0juSY68mh50pgNDhKSO+HI9CuVC2GBiopbVH2muSn75BZQ=
x-amz-request-id: S1G44T7WZHRJWDA9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 86665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pXccJv6cAyNKeBcD2f25UenpZNiD5b6Syt56PXRsLgArnuSJnLyHGqfRCjwrelledg9zQjLiijxg15wRtWMWO2IuHQ3nopNh4NB8Quv5agi1awVrv8rPuCqBzGreZGUyoygWLdV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78535328182a7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b223d7e8-801e-0030-793b-200ed9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAAA/286yX5TcS7YVyARbvx4NQU1TMDRFREdFMTkxMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAACnHLP3qL4MRY+A+SDIfcqYU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDom?msn=2&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647559

52.72.8.210

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647559
IP
52.72.8.210:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/SaveDom?msn=2&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647559 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguserid=04d8bc35-8c0a-4944-9e4a-06aa03f91d39; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 09:11:11 GMT
date: Fri, 06 Jan 2023 09:11:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/solid.css

172.64.132.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/solid.css
IP
172.64.132.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: text/css
x-amz-id-2: D5WBdkdHBSjTitUgKB6EawsJBoxT/wmItfT/BBfnC7Usjwh9ixnhoi1kwuqsJJRtUMF5LtuP4Z4=
x-amz-request-id: S1GE3NQ9K5GQTZ1J
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 86665
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2BeJv0pBoHR5mo%2FAQMp%2Bm%2Fgc3wjzkdr%2Bm3fdYJMoSd3UKnspDxGpOcR%2F1Bn1qH4%2Bo58Jz2Hd%2Ff%2BeEHknBM0t97tksBagw%2F8%2BVE%2BAXaO7oCdSFZiMJzPLFkMoDozejSDPVIO07T9T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78535328183c7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_MISS
x-ms-request-id: 7a4209f6-201e-005b-26ae-21538f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAABXc5b9MzYqR7YieJuq72skQU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAABERISAVbLWRqi3LW78Vv7aU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

deviceid.trueleadid.com/iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

52.0.161.213

200 OK

0 B

URL HTTP/2
deviceid.trueleadid.com/iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
52.0.161.213:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe.html?token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: text/html
server: nginx
last-modified: Wed, 07 Dec 2022 21:18:32 GMT
etag: W/"63910328-1049"
expires: Sat, 07 Jan 2023 09:11:15 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?126k6j2023126j01ckl06llk010jkk111200

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?126k6j2023126j01ckl06llk010jkk111200
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/js/13488000.min.js?126k6j2023126j01ckl06llk010jkk111200 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: df72edf5-001e-0047-02ae-218b98000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAACS9drlK2WHT6KxWVrYJUDjQU1TMDRFREdFMTgwNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAABaqWbm3pAYSp24JwquTcplU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221213a

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221213a
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ldsapi/assets/script/common-extentions.min.js?20221213a HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: a34c5828-101e-0053-0fae-2148fc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAAAOjw+muJNaT4tKRBjsC54FQU1TMDRFREdFMTkwOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAAC0rk917c1aR49xxYWP0luMU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?126k6j2023126j01ckl06llk010jkk111200

13.107.238.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?126k6j2023126j01ckl06llk010jkk111200
IP
13.107.238.53:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/css/13488000.min.css?126k6j2023126j01ckl06llk010jkk111200 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3b4afaa2-101e-003e-3aa3-1ee2d2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAACIzqclLsO8SJt7a7WVj2m9QU1TMDRFREdFMTkyMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0sOW3YwAAAADFRQkJwoRyRbvMqSLa2krAU1ZHMjBFREdFMDUxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:12 GMT
X-Firefox-Spdy: h2

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false

54.230.111.111

200 OK

0 B

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false
IP
54.230.111.111:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962624360.36168859214294213&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Fri, 06 Jan 2023 09:11:15 GMT
last-modified: Tue, 03 Jan 2023 19:03:16 GMT
x-amz-version-id: zYt6a4gkTRwxF5skanZHrLBvMRRhPJI5
etag: W/"1990193718ad6b75308b44eb5980db2c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qyanNDvb0rZxBHpIYdCHTrpWLNIDHCaZ07MRRImlJosdVVZBNrXQIg==
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=4&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647561

52.72.8.210

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647561
IP
52.72.8.210:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=4&pid=16073ee3-5199-43e4-ba98-eb7c651df9ff&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&_=125647561 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:15 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguserid=c6959593-b6d6-420b-b380-e82c4e76c5da; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:15 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&uuid=9bc52b4f5d72469a803c2e1273eb317b

52.72.8.210

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&uuid=9bc52b4f5d72469a803c2e1273eb317b
IP
52.72.8.210:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=E6A185A7-7CB8-FD82-7712-3409254A1AEF&uuid=9bc52b4f5d72469a803c2e1273eb317b HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:16 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
rguserid=7a5de890-e414-42bd-b114-10e6f9d260fb; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:16 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

104.18.10.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 18442424
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785353282f19b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2

104.22.38.182

200 OK

0 B

URL HTTP/2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
104.22.38.182:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:13 GMT
content-type: text/javascript
x-amz-id-2: JxVKDIpfEXNN8mHvjD3KE2sZrSK8aILbw6OCqrpOgmpb4AtcJoNHDWOFUB/aO5N7GKxjfIthE8I=
x-amz-request-id: R45MKB81Y6E236VE
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 915
vary: Accept-Encoding
server: cloudflare
cf-ray: 785353343e06993c-ARN
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations