monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D/?em=0&
107.21.226.142301 Moved Permanently 356 B URL User Request GET HTTP/2 monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D/?em=0&
IP 107.21.226.142:443
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1c26c4a57d4544642d7bfaaac39fe9f7
9493285aa3f73434218315c85e4de9593f57b16a
e4f31b7b1ee368894c2e8e636d16beaa04e9e5ffae3e09c2d85da942df0982ad
GET /go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D/?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/html; charset=iso-8859-1
content-length: 356
location: http://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
107.21.226.142301 Moved Permanently 134 B URL User Request GET HTTP/1.1 monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
IP 107.21.226.142:80
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 01 Jun 2023 18:04:56 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
107.21.226.142301 Moved Permanently 9.8 kB URL User Request GET HTTP/1.1 monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
IP 107.21.226.142:80
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Hash 7ffadb872955374e3469d3513c7a431a
7c9dee1cb24b5f43723c9379ce9b4af1dea65aab
28909f99632fbf940ea573b687d6246e3e5a523a6feeaf660579b57d83a00480
GET /go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/html; charset=UTF-8
content-length: 9801
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.25.14200 OK 6.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.25.14:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (20322)
Hash 6b08ddc901000d51fa1f06a35518f302
bafe987c18cbe0587de3e6360e7da40a2885614b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 859748
expires: Tue, 21 May 2024 18:04:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNt1X0xCJQM3AnuXTr3HBOlcLh94eTTEs6tlxEajKKFH1Gwg9EHrixIRnH8wY86SfBgTXK3Zcwrgs8PUYAKO%2FgBVcSVfwTTbpsIRjkjXEu%2BwkEp7%2BjZ1KY2B5H3WldDeYfsz44V2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0961c76eaeb517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
104.17.25.14200 OK 59 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP 104.17.25.14:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65274)
Hash 537fb5541479dbe0e06b56c5d21e5c73
cb2ba1c0cc5d244bf6484d74ec197efb074e9a6a
1fb32ef65d7b57f33a43580329dbf6ee37beb5b4b64272a6a0d705ca9abf3484
GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2424086
expires: Tue, 21 May 2024 18:04:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvJh1fYwIqVY2at9JC3QISNGA0oZFbaHyv1gYPL1NL4hDcHlG878wFUTIJsA%2Ba7v5%2BRrWw5Md1mKkdKsvlTDbq4JdI8sRcnKgqGT6IgBNafaQTISD9F3hxv51xHM7mLdAwqBDK98"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0961c76eb3b517-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/datepicker.css
107.21.226.142200 OK 818 B URL GET HTTP/2 monthlysweeps.us/assets/css/datepicker.css
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (3335), with no line terminators
Hash 19a23f04a6130438cfd25f91cd416da4
5fd77d346b6e26e21730b365e48dcde290637f3a
2f21641b37bedebc84cc798eca1b80d9649cb4c23a1831659cd77c3660f873ae
GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/loading_icon_1.css
107.21.226.142200 OK 580 B URL GET HTTP/2 monthlysweeps.us/assets/css/loading_icon_1.css
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash 053b0d384c5e6cac600ccf5a8653e78d
58a6473f06c39c9338e2baaa1474c112e9d3f2e9
091a6575c7efe80624d5054b93b61cd16e00398e10c495511c1af7dc063e882a
GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/sweeps.css
107.21.226.142200 OK 1.6 kB URL GET HTTP/2 monthlysweeps.us/assets/css/sweeps.css
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash c3f23e37e95f27b1a740ccfd96775321
d9b137629ddc681da8ef74e6c94347d8a30eab2a
2fca7b57761fb71fb0de70b202c782874d518f535815da6f71c257e39ce95109
GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/css
content-length: 1625
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 01 Mar 2023 16:02:09 GMT
etag: "170a-5f5d8d5a5e368-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.42200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.42:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685642696.dop213.sk1.t,1685642696.cds253.sk1.hn,1685642696.cds240.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
151.101.1.229200 OK 5.5 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP 151.101.1.229:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type Unicode text, UTF-8 text, with very long lines (17590)
Hash 35fd33d8c4423cfffc1d4d3ccc7540e8
838ac66c3ecac6b6136b049bdd0e14f2f022952c
219324a6611109fcb8c440e9e38af1802240ee8f1453d557353cc20cdaaead6e
GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: br
accept-ranges: bytes
date: Thu, 01 Jun 2023 18:04:56 GMT
age: 2042667
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5542
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/two.png
107.21.226.142200 OK 915 B URL GET HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/two.png
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d
GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/one.png
107.21.226.142200 OK 801 B URL GET HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/one.png
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash 03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b
GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
151.101.1.229200 OK 7.9 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP 151.101.1.229:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type Unicode text, UTF-8 text, with very long lines (22550)
Hash c4499184878d17d8af6f4181c0d03102
c5a2ff013fa357c1d2a6571b5d8e658e670080ea
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: br
accept-ranges: bytes
date: Thu, 01 Jun 2023 18:04:56 GMT
age: 1438290
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7875
X-Firefox-Spdy: h2
monthlysweeps.us/assets/js/datepicker.js
107.21.226.142200 OK 5.3 kB URL GET HTTP/2 monthlysweeps.us/assets/js/datepicker.js
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (16878)
Hash 50e8118195525667c97c698ae2063198
b81b9cdd700240e03f5a700577cf2f162b5d2cda
6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726
GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
216.58.207.228200 OK 587 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP 216.58.207.228:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash 000764671bf6f50144cdb70d390128e8
e536701aa351df5574425301f6da479f1dc6e9d0
793798b0dca187817057ed06175a44bb03233cc06ac6149577e45f47c5575c5f
GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 01 Jun 2023 18:04:56 GMT
date: Thu, 01 Jun 2023 18:04:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 587
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 78 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP 172.64.133.15:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:57 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: ufTOUt/NF6+37zIoQIrZ+tKuBCxpR8uiz0GYHaqrZbtDgzenGQhSyLAAgwfkLTPCoW6m8aL6BP0=
x-amz-request-id: ZEFYH2GFK3FSY5AV
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 15660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BWoth0do%2BtRswx9dtZ7S9AR91hr6sevhbhVod2pS1mr3ZWu%2By7O6LUL98rAFSU4DgBavbk%2F%2FIaySOJYBUdAtVilwlOw6YLfdl35xb%2FxztHa3IhFRrArV7yOqyEuVqRIutmc%2BcdX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0961ca7e982502-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
172.64.133.15200 OK 30 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP 172.64.133.15:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (57687)
Hash a227f005fa7ae066c1068ac4b963514c
0a5885758759f084fdc5fd16a550deb8be722ea8
0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611
GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/css
x-amz-id-2: jyKNvPeQFKQ1Y/P9Am7fxq0QX+iHDCcSMPELV8oJxCCtNVyEFrZ3FIwjCAysW9tSUNPOI76js3c=
x-amz-request-id: ZEFWQSRW1RFTWSR4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 15659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Y4cE%2FRyDRisqu6b21idbTyDfd%2FAvsYAcKQX4VTrsjhRc%2FbmNRnWwzhQvFInBVwR32ZR6g%2BvI0q7MY4JL9iW%2Fdom5Uu2UyLPKFX0VU9No4e4UnGdy2Zb%2BZ2gLyaJJBPgiUo7m1t7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0961c7c9392502-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=10111682917841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D&subid=10111682917841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D
209.151.244.116 734 B URL GET ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=10111682917841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D&subid=10111682917841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D
IP 209.151.244.116:0
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (940), with CRLF line terminators
Hash dd0340bb8c653c7c73b89ffa19d1f908
2421e5106d43fcea2ebd563ddd7c77f3512439e3
11be17b8a02b9937b21ebd3159a5faa0058c301a2f80ab68ca091e1e41afd5c8
GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=10111682917841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D&subid=10111682917841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Thu, 01 Jun 2023 18:04:56 GMT
Content-Length: 734
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
216.58.207.227200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 12:59:19 GMT
expires: Wed, 29 May 2024 12:59:19 GMT
cache-control: public, max-age=31536000
age: 191138
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 04:04:41 GMT
expires: Fri, 31 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 50416
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 20:15:31 GMT
expires: Wed, 29 May 2024 20:15:31 GMT
cache-control: public, max-age=31536000
age: 164966
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/campaign/1011_bg.jpg
107.21.226.142200 OK 80 kB URL GET HTTP/2 monthlysweeps.us/assets/img/campaign/1011_bg.jpg
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Hash ef80e07e3194be5d6626453d86376ccd
9dd9b18661826237b18e6d7ea6a49dd12d319689
0b311b7ee51638db88eefefb68fcd89cd9a8539149387f8fbf7ced0626c2c7ae
GET /assets/img/campaign/1011_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:57 GMT
content-type: image/jpeg
content-length: 79678
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:30:48 GMT
etag: "1373e-5d7afd35dc9c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/solid.css
172.64.133.15200 OK 50 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/css/solid.css
IP 172.64.133.15:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (483)
Hash 685a6b10be9f3db25acf78c5e7ba7379
c0c0e8602a81f62ccb2af3329bb4e14bfc1d96e1
882e58c671a484d0daa97a2807060e1a1ad16e73a87753f494a0a8f24412164b
GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/css
x-amz-id-2: IN7qVnoER6h5AI89sS7oScHeUIw89SslnM3ZPADzOb2LzMJxZcBbXSsHQ0Fm8FOnv4ct5wlqEAE=
x-amz-request-id: ZEFWTYHY6P2XM7DJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 15659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoLf2rrX3VpXkO5OT0hw0TDQ0SXZShBRWY2mo%2Bu1JYng7rj2Ihp1vKRaep%2BFFrB%2BQZj5CPxqJwl0jia3%2FvMRVSSxF2bH74BuEHblVhw4FXqWNZlfiUmHxxs4HP%2BCA%2FYpVAHvr9Nu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0961c7c9342502-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=10111682917841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d&subid=10111682917841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d
209.151.244.116 4.9 kB URL GET ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=10111682917841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d&subid=10111682917841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d
IP 209.151.244.116:0
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15307), with CRLF line terminators
Hash 41573b042b5430eac7f1ab3b078c6a81
f9f7070412f5b8773542bd3852b8a91b65871588
aaf6f188bbb84f800a2274b874f96a0d76621bb971c1e36f06de770ebe8768df
GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=10111682917841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d&subid=10111682917841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Thu, 01 Jun 2023 18:04:57 GMT
Content-Length: 4942
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
13.107.246.53200 OK 43 B URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: d40aeb9d-801e-0056-2ba0-93bc83000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAAqa/Nh80BESY6Xzp17iur8QU1TMDRFREdFMTkxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAAC2gtXAoRx4SbJRpFGcR6vhU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:58 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
13.107.246.53200 OK 520 B URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (520), with no line terminators
Hash 004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117
GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
x-cache: TCP_HIT
x-ms-request-id: a47f129b-301e-0066-01eb-93e6a9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAC2/ScAvuMrT5hkvyt1TqtjQU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAABvxF4Y2jZ6TockJPBsC+fkU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:58 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
13.107.246.53200 OK 2.3 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (5818), with no line terminators
Hash 6139dbd1e84b18b46e6c5eb77b72320c
aa14a984ea335482d37a4c6911d08bc6d78dacff
163694f0b4ba5706bade284df06a3e3a37c79679a9d9d90f4fde204523ca8ac5
GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
x-cache: TCP_HIT
x-ms-request-id: 0780a5f2-901e-0024-448e-94cdbd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAClG6XiI9wESLGp/YDdrLH3QU1TMDRFREdFMTgxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAAB96SHT79bAR74NXZHNxKUwU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:57 GMT
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1375869779&affid=10111682917841_RAD_{campaign}_{adzone}_{country}&subid=10111682917841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
209.151.244.116200 OK 743 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1375869779&affid=10111682917841_RAD_{campaign}_{adzone}_{country}&subid=10111682917841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP 209.151.244.116:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (439), with CRLF line terminators
Hash c9f91b298d734ab1ce96ca76dc8bdda6
1bcb0ecb6108d9fe4d5706506d96075ccde0ed5b
1d74dffe47981d146e7abf9e419a2b40c00c1a4e69bdfbebfc315d3c7cf47060
POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1375869779&affid=10111682917841_RAD_{campaign}_{adzone}_{country}&subid=10111682917841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Thu, 01 Jun 2023 18:04:58 GMT
Content-Length: 743
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
13.107.246.53200 OK 84 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
x-cache: TCP_HIT
x-ms-request-id: 43791cb9-901e-0049-5764-946793000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0Z6B4ZAAAAABuTqVpoC7DR4rRe2TPx5CHQU1TMDRFREdFMTgxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0y914ZAAAAAD6ZbtmXUoVQK94IJ77IoLBU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:59 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?571k1j2023571j06ckl01llk117jkk045700
13.107.246.53200 OK 1.7 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?571k1j2023571j06ckl01llk117jkk045700
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (8788), with no line terminators
Hash 584708e8e9a5979fdf40aa3f7f7e5df2
60c7f0e6a93182cb83d3d09b54c13835ea2eacaa
c1c437356e3210af6721541b394d33993549a2a36c4ccb6c36c9f89e8c10f1c6
GET /amsus/ns/css/13488000.min.css?571k1j2023571j06ckl01llk117jkk045700 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
x-cache: TCP_HIT
x-ms-request-id: c53cd104-801e-0074-3ab3-94d2b5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0wt14ZAAAAACnLQQY1zhJS5AB6XE2gHaDQU1TMDRFREdFMTkwNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAAB/8LAdPhyFSKGTnHdBJxkJU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:58 GMT
X-Firefox-Spdy: h2
pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us
54.230.111.40200 OK 2.2 kB URL GET HTTP/2 pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us
IP 54.230.111.40:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectpushpros.tech
FingerprintF1:27:D4:0A:37:DD:69:2C:97:CF:48:D1:1A:24:56:E0:17:C8:BB:F9
ValidityThu, 04 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2182), with no line terminators
Hash 38e49556c06033ac12ed857815f23d64
6fe91f0b1a4385f2fc9aee8e1ad41385cc23bfe8
90732a8c2078a3a4937aca66d545df8f07b1b388791f02cd2e3893417f0fe862
GET /GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us HTTP/1.1
Host: pushpros.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 2182
date: Thu, 01 Jun 2023 18:04:59 GMT
x-amzn-requestid: 9161dce1-d63b-4134-932f-89ccee4f1483
access-control-allow-origin: *
x-amz-apigw-id: F2eX2HjaoAMFkhA=
x-amzn-trace-id: Root=1-6478ddcb-4c1e446d0bf533b031a02eac;Sampled=0;lineage=ce85cba6:0
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7oSb_YJB298sU20eJx7_lomj8sPUtCGOU8d22tp_8JtcOWaGKiU3jA==
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
104.22.39.182200 OK 206 kB URL GET HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP 104.22.39.182:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (32003)
Size 206 kB (206193 bytes)
Hash 5aadf05c836ea6d2b7ef1b1c46cd31d8
bc0f449748c2cd1a761e68345b1a3a59334765f5
f67925e30252f3551b09f37593a06d1ec4ad759e09222a222f610ff7c7037aa6
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:59 GMT
content-type: text/javascript
x-amz-id-2: a+DI6QkjKhT8p6T7N9rE4upCqCFKfPj6+XK5JJhvI+Au4AGyo62T/MMxIKRzm5cjbQfIyOxsnH8=
x-amz-request-id: NE1S86QEAN9PDCS1
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 77
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0961d6cf4e2e15-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/favicon.ico
107.21.226.142200 OK 5.4 kB URL GET HTTP/2 monthlysweeps.us/favicon.ico
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc
GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:59 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/api/hitsnap.ashx
209.151.244.116200 OK 21 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/api/hitsnap.ashx
IP 209.151.244.116:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289
POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10827
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Thu, 01 Jun 2023 18:05:00 GMT
Content-Length: 21
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false
54.230.111.91200 OK 31 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false
IP 54.230.111.91:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (42782)
Hash effa42d87dcae00fdb6c2741478c142f
0b9a053d63cae1ed3878808020a9ac29f0651c29
cf80ccf9d49c3c62d2b150c38eb53f8c1e7e183c6c7e92271b1dc6b5690eab34
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 18:05:01 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XKrEJe2T9bJq9HXYvv4zU5ODuL46KJ9Ozdz4wI3_ZQ0UZy76FEt88w==
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
142.250.74.35200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:55:34 GMT
expires: Tue, 28 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
age: 238166
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 238531
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
monthlysweeps.us/go/api/zip/undefined?get_param=value
107.21.226.142200 OK 111 B URL GET HTTP/2 monthlysweeps.us/go/api/zip/undefined?get_param=value
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f
GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:00 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2
s3.amazonaws.com/trackpush/trackpush.min.js
52.217.143.72200 OK 13 kB URL GET HTTP/1.1 s3.amazonaws.com/trackpush/trackpush.min.js
IP 52.217.143.72:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (47625), with no line terminators
Hash d470356148c00da67db3c9bdaecc90f9
d12a4df31633cf9a982bd6e8c3ffbc2449b1753f
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054
GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: k817OUPGhKg8BXvK6Yv3TzVSRzJlwiwCZsqBDl7ixrgC2moc1EVLstIJ8oIoHZywVJ65Ktm1JPk=
x-amz-request-id: RH659QK14T8SFNHV
Date: Thu, 01 Jun 2023 18:05:01 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:31:32 GMT
expires: Wed, 29 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
age: 174808
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:40:21 GMT
expires: Wed, 29 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
age: 159879
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
216.58.207.228200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP 216.58.207.228:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with no line terminators
Hash ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95
GET /recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Thu, 01 Jun 2023 18:05:00 GMT
date: Thu, 01 Jun 2023 18:05:00 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 21:48:58 GMT
expires: Mon, 05 Jun 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 245762
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
142.250.74.35200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 238531
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
signals.aimtell.com/pageview?id_site=12408&v=3.974&support=0&state=default&wl=1
104.18.30.151200 OK 43 B URL POST HTTP/2 signals.aimtell.com/pageview?id_site=12408&v=3.974&support=0&state=default&wl=1
IP 104.18.30.151:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectaimtell.com
Fingerprint1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
ValiditySat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=12408&v=3.974&support=0&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:00 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://monthlysweeps.us
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal, Aimtell-Iso
aimtell-hash-exists: 0
aimtell-iso: NO
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0961e06865b50c-OSL
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
54.230.245.201200 OK 1.4 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 54.230.245.201:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f383924b4df21ad2fe7e8882c61bd5ce
465f78b89eaf1a5aaea70d27ddef8bd19b72fee5
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
GET /iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 11:40:03 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: orDgPFVRA86kAr_mLzZz66TQqO4xr6WcafLq-4t6cIRHdCQhe6NIGA==
Age: 23160
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&uuid=c27e046f045a49e9aba06100f14dc803
3.216.107.174200 OK 495 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&uuid=c27e046f045a49e9aba06100f14dc803
IP 3.216.107.174:443
Requested by https://deviceid.trueleadid.com/iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 90644040704074f8cfbb56b5e0f5628a
1bf8b2a89ee074c50230636092cbbf86e9688597
fe15e9ddd3f06829cd679ebcf24b412a628b3ad1c1b5ee866d3a789241c03168
GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&uuid=c27e046f045a49e9aba06100f14dc803 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:01 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rguserid=c117bd96-35a0-4c35-a20c-350cc67d9cea; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs/450e8540ad9f05bbd24951470078b08eb7b71acb/fingerprints
52.206.144.182204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/450e8540ad9f05bbd24951470078b08eb7b71acb/fingerprints
IP 52.206.144.182:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/450e8540ad9f05bbd24951470078b08eb7b71acb/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 262
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 18:05:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/450e8540ad9f05bbd24951470078b08eb7b71acb/snapshot
52.206.144.182204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/450e8540ad9f05bbd24951470078b08eb7b71acb/snapshot
IP 52.206.144.182:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/450e8540ad9f05bbd24951470078b08eb7b71acb/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 20451
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 18:05:02 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
54.230.111.91200 OK 38 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP 54.230.111.91:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Jun 2023 18:04:55 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XA53hzuuRHrV-dgtz4aQpCEklySDs2LU3q8QHAAUBo9pyoQWUJasdg==
age: 17
X-Firefox-Spdy: h2
api.trustedform.com/certs/450e8540ad9f05bbd24951470078b08eb7b71acb/events
52.206.144.182204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/450e8540ad9f05bbd24951470078b08eb7b71acb/events
IP 52.206.144.182:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/450e8540ad9f05bbd24951470078b08eb7b71acb/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 226
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 18:05:06 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&_=827927715
3.216.107.174200 OK 36 B URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&_=827927715
IP 3.216.107.174:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash a38d05bb4ca3bd6578f16f35f099ba8e
6ae398012c261a418dab2542fd25b7b8a8d7dda8
da542ec41c72d38bbd0abc965d2c2f1f3f45eef9d1e70721fc7c99e28e23be1d
POST /2.11.9/GenerateToken?msn=1&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&_=827927715 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 318
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:00 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
rguserid=0e46a81c-dca8-43cb-b811-a45cb5064fdf; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927720
3.216.107.174200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927720
IP 3.216.107.174:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927720 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 519157
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
rguserid=ae4fa430-187d-457d-9b23-6b102fe2fea9; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
104.18.10.207200 OK 140 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65324)
Size 140 kB (140421 bytes)
Hash fee68c0f2f583161134a1fcb5950501d
8e52dd818562db0ba0764bba172cb91ce248d8b0
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-13 02:48:26
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b584a7f7756eea1e54b5f28d657ba679
cdn-cache: HIT
cf-cache-status: HIT
age: 11537502
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0961c70e0eb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
142.250.74.138200 OK 6.9 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP 142.250.74.138:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (7081), with no line terminators
Hash b0cf9bb6da3b1f8c9c4fa449c8185fd8
d147f8f1f21cfcbe4c8622cc65f6b04639eaec19
0f6216ee48d730659bcfe0fd55dc27364ecedd681ad99c9547a908996d066cef
GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 18:04:56 GMT
date: Thu, 01 Jun 2023 18:04:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1375869779&affid=10111682917841_RAD_{campaign}_{adzone}_{country}&subid=10111682917841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
209.151.244.116200 OK 916 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1375869779&affid=10111682917841_RAD_{campaign}_{adzone}_{country}&subid=10111682917841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP 209.151.244.116:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (996), with no line terminators
Hash f5134b63bcc1e0bd4967d766d43d5663
f04af759c139436c04d7b2329a68e48dc8cd7618
5ed9a0b631787092f3cfe2272366c265277ff20c273c0f026ad1b0f2afd2aa53
POST /ManageImpressions/ReportViaJsPlacement.aspx?hKey=1375869779&affid=10111682917841_RAD_{campaign}_{adzone}_{country}&subid=10111682917841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Thu, 01 Jun 2023 18:04:58 GMT
Content-Length: 698
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?571k1j2023571j06ckl01llk117jkk045700
13.107.246.53200 OK 2.4 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?571k1j2023571j06ckl01llk117jkk045700
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (2581), with no line terminators
Hash a5813b8f3c2a6b19ae7d242481bfcafd
f107a77be34aecdb05282362d917c2bb4d08f7b9
d56881f993ab04fd74ccebc82b1ac4c54781380cc3a90de559bf7ac73b9d70a0
GET /amsus/ns/js/13488000.min.js?571k1j2023571j06ckl01llk117jkk045700 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
x-cache: TCP_HIT
x-ms-request-id: e0cde5a6-801e-0030-27b3-940ed9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0wt14ZAAAAADU0PqkFS+cTZnlpRNV9zkEQU1TMDRFREdFMTkxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAAAf0jPk5qsLRbXt/B7rYbeaU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:57 GMT
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927721
0.0.0.0 0 B URL POST create.leadid.com/2.11.9/Snap?msn=7&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927721
IP 0.0.0.0:0
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=7&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927721 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 358929
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:10 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
rguserid=60684f0a-c9e9-409a-ace7-415dc6b628b1; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:10 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230511
13.107.246.53200 OK 142 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230511
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141939 bytes)
Hash a8946770b188db8b73fdb355e5aa528e
0fd595c22ca439470ddabe26de880d3322f343d0
b52f41e88c0efd90d7b3c6c6271c589f482c8c0e4df7fa72e451142046b2aafb
GET /amsus/ldsapi/assets/script/common.min.js?version=20230511 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: qJRncLGI24tz/bNV5apSjg==
last-modified: Thu, 11 May 2023 10:44:04 GMT
etag: 0x8DB520CA3B38234
x-cache: TCP_HIT
x-ms-request-id: 95b48d79-401e-000f-1764-94b905000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAACvh+IQACqCQ71/jfNuVzRRQU1TMDRFREdFMTkxOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAABRrqYJhfSUQ5rtH2JqcKN5U1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:58 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
13.107.246.53200 OK 2.0 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (2124), with no line terminators
Hash a9d00438ec759f27468801313fe9a7af
085b65a60b73669577962221fcee98b49daf3082
158752f85a758ad52e9c3060df35b936874654bfb68ace7b85619021bfa10394
GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: 7fdac97f-301e-0000-288e-9454f3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAA39716mzObTLdllqNzLkwyQU1TMDRFREdFMTkxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAACsWvNzuRhoQ60867+7wKV+U1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:58 GMT
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
216.58.207.228200 OK 51 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z
IP 216.58.207.228:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42782)
Hash e1320f377148ef8aea525fca26077ef8
aa7d770dc4a8c013ff5266d5915ea2ccb0f00838
a6de005e563f1ffd946150030956074c5aac899e7f2788c2d647399007475371
GET /recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=j7tqxb3muc8z HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Jun 2023 18:05:00 GMT
content-security-policy: script-src 'nonce-tC_fH7IHOXz2KEbyAiSVwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27813
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
create.leadid.com/2.11.9/InitFormData?msn=3&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927717
3.216.107.174200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927717
IP 3.216.107.174:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=3&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927717 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 13136
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:01 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rguserid=e48b8cee-4305-43c1-99d6-03eff93133d4; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs
52.206.144.182201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP 52.206.144.182:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (501), with no line terminators
Hash 6ae79ce93ced6b6279f014611ffcb4f9
8ddc81b731fac32f11580a857250d8fb5ae6e8bd
84fa2cf2466f7bc1e7db442e4fe4fa78ba1f70e44efefa8d04db89f9b15eb52e
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 688
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Thu, 01 Jun 2023 18:05:02 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/campaign/1011_welcome.png
107.21.226.142200 OK 50 kB URL GET HTTP/2 monthlysweeps.us/assets/img/campaign/1011_welcome.png
IP 107.21.226.142:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 764 x 568, 8-bit colormap, non-interlaced\012- data
Hash 047799de526a38d846a4053b3f67d1b4
be63c32753f91ab921ad0e1f1520013cf87b201c
3005cf3df607e80137420670f03440ed7edb06d299876e9b2b6a735f4364593a
GET /assets/img/campaign/1011_welcome.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=l5gheah98rmg7e3ji8vvdffgrmg3ogb8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:57 GMT
content-type: image/png
content-length: 50185
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:30:49 GMT
etag: "c409-5d7afd35ffc48"
accept-ranges: bytes
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
13.107.246.53200 OK 47 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
x-cache: TCP_HIT
x-ms-request-id: 43791a13-901e-0049-6564-946793000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAABJmo1Inu70SoTZf+4loaEOQU1TMDRFREdFMTgxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAAABSFY9G4YZRpJB6DLYmxr5U1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:58 GMT
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927719
3.216.107.174200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=5&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927719
IP 3.216.107.174:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=5&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927719 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:02 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:02 GMT; Max-Age=2592000; path=/
rguserid=a9446d23-4b42-4b24-af71-6dfd0dabbf48; expires=Sat, 01-Jul-2023 18:05:02 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:02 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:02 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.10.207200 OK 51 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50395)
Hash ce6e785579ae4cb555c9de311d1b9271
5ef2c15b47d7290698c737676ba9c3056b45f2e8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:04:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 31088849
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0961c71e33b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false
52.206.144.182301 Moved Permanently 7.5 kB URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false
IP 52.206.144.182:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Thu, 01 Jun 2023 18:04:59 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426988590.19448627996563805&invert_field_sensitivity=false
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927716
3.216.107.174200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927716
IP 3.216.107.174:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927716 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:00 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
rguserid=5f9a8e47-1a55-4d3c-9889-d686a6b60184; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:00 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230511
13.107.246.53200 OK 3.0 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230511
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (3051), with no line terminators
Hash f9d9e56e092720d794d067c2ecc79204
e94ebea310544b675e8262ef74ebeee59794d239
98762112e9e6dc47babbee855afe27a2622ab50f67bada49f66d3a20f2c494c0
GET /amsus/ldsapi/assets/script/common-extentions.min.js?20230511 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
x-cache: TCP_HIT
x-ms-request-id: ea2fa924-301e-0044-48b3-94889f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fN14ZAAAAADLei4ZCRcLT5q824JUB6rqQU1TMDRFREdFMTkxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0yt14ZAAAAAAfZuzaiTllQ63fDGvDnQszU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:57 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
13.107.246.53200 OK 41 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (349), with CRLF line terminators
Hash 26c749b13ae86712f7a25dcec26f3856
18065acf65c1d3ae276069cafc3b1ee60773ac7d
c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71
GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
x-cache: TCP_HIT
x-ms-request-id: 24686ebf-001e-0003-53b3-9457f4000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0xN14ZAAAAAB104irg6qrT52i4SMAPVHuQU1TMDRFREdFMTkxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0y914ZAAAAACOA4lBUHKxQZr4AmohUypjU1ZHMjBFREdFMDYxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:04:59 GMT
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
52.3.16.193200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 52.3.16.193:443
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:01 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Fri, 02 Jun 2023 18:05:01 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927718
3.216.107.174200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927718
IP 3.216.107.174:443
Requested by https://monthlysweeps.us/go/to/1b0eab/key/b0b0663a402d885429ce6f09238471c0/aid/16829/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=976ade1d-2a5b-4459-84d0-468f37fc28a1&token=A5ABCBE7-B0F6-C8D2-19A7-B8FF24D3751A&_=827927718 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:05:01 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rguserid=645ebef3-df88-4b30-b6d9-2b0691f506dc; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:05:01 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2