monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D/?em=0&
301 Moved Permanently 353 B URL User Request GET HTTP/2 monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D/?em=0&
IP
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3a217a337abfc489fde0daf80de8f431
ebd42fbce46be402e55852c424219466d2110cf5
969dd87c47879b48ad58906e783e289f5af383afd82a3afdad03cd49c46372f4
GET /go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D/?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 01 Jun 2023 18:03:45 GMT
content-type: text/html; charset=iso-8859-1
content-length: 353
location: http://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
301 Moved Permanently 134 B URL User Request GET HTTP/1.1 monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 01 Jun 2023 18:03:45 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
301 Moved Permanently 9.9 kB URL User Request GET HTTP/1.1 monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Hash 48c79385b6fcc1fc61894f4ab954a592
83b0bebc9703544bc2c9dec2249bb078a7a440fe
1942a7fbff40ce8b73a525e07fb214c99ce4f81477aba52b651cde4af1b9c9d6
GET /go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0& HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:45 GMT
content-type: text/html; charset=UTF-8
content-length: 9868
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/datepicker.css
200 OK 818 B URL GET HTTP/2 monthlysweeps.us/assets/css/datepicker.css
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (3335), with no line terminators
Hash 19a23f04a6130438cfd25f91cd416da4
5fd77d346b6e26e21730b365e48dcde290637f3a
2f21641b37bedebc84cc798eca1b80d9649cb4c23a1831659cd77c3660f873ae
GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
200 OK 6.5 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (20322)
Hash 6b08ddc901000d51fa1f06a35518f302
bafe987c18cbe0587de3e6360e7da40a2885614b
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 859678
expires: Tue, 21 May 2024 18:03:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0e3J1KWb8rnyooGrF4zU935HuY1urdryeykCMay8nBbK09KOv7vGF3xqP7a7XFUKu%2Ba%2F3yDmOo%2BT%2BOC1PcQ%2B6ex0Dv86UHvKAn6eC%2FFS6GErZtc0NuATB5GSMSGgIxn0k9V%2BqlT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d09600dde80b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/loading_icon_1.css
200 OK 580 B URL GET HTTP/2 monthlysweeps.us/assets/css/loading_icon_1.css
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash 053b0d384c5e6cac600ccf5a8653e78d
58a6473f06c39c9338e2baaa1474c112e9d3f2e9
091a6575c7efe80624d5054b93b61cd16e00398e10c495511c1af7dc063e882a
GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/sweeps.css
200 OK 1.6 kB URL GET HTTP/2 monthlysweeps.us/assets/css/sweeps.css
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash c3f23e37e95f27b1a740ccfd96775321
d9b137629ddc681da8ef74e6c94347d8a30eab2a
2fca7b57761fb71fb0de70b202c782874d518f535815da6f71c257e39ce95109
GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: text/css
content-length: 1625
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 01 Mar 2023 16:02:09 GMT
etag: "170a-5f5d8d5a5e368-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/one.png
200 OK 801 B URL GET HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/one.png
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash 03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b
GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/two.png
200 OK 915 B URL GET HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/two.png
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d
GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
200 OK 59 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65274)
Hash 537fb5541479dbe0e06b56c5d21e5c73
cb2ba1c0cc5d244bf6484d74ec197efb074e9a6a
1fb32ef65d7b57f33a43580329dbf6ee37beb5b4b64272a6a0d705ca9abf3484
GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2424016
expires: Tue, 21 May 2024 18:03:46 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ1pdo2tc1Ptj0OBEHC8Ap%2BFVz9xoeTKwIxThLey9B8PhpKa7I4A4lmKQ6%2Fkp9nzVAHjhlW9o1W%2BzXfgBd25txqZ2bcbivmF8pEk%2BciCdbdomaQaF6wwlJ86BaI6UbuUCJpcjD2p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d09600e0ed6b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685642626.dop210.sk1.t,1685642626.cds212.sk1.hn,1685642626.cds240.sk1.c
X-Firefox-Spdy: h2
monthlysweeps.us/assets/js/datepicker.js
200 OK 5.3 kB URL GET HTTP/2 monthlysweeps.us/assets/js/datepicker.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (16878)
Hash 50e8118195525667c97c698ae2063198
b81b9cdd700240e03f5a700577cf2f162b5d2cda
6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726
GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
200 OK 5.5 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type Unicode text, UTF-8 text, with very long lines (17590)
Hash 35fd33d8c4423cfffc1d4d3ccc7540e8
838ac66c3ecac6b6136b049bdd0e14f2f022952c
219324a6611109fcb8c440e9e38af1802240ee8f1453d557353cc20cdaaead6e
GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: br
accept-ranges: bytes
date: Thu, 01 Jun 2023 18:03:46 GMT
age: 2042596
x-served-by: cache-fra-eddf8230101-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5542
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
200 OK 7.9 kB URL GET HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type Unicode text, UTF-8 text, with very long lines (22550)
Hash c4499184878d17d8af6f4181c0d03102
c5a2ff013fa357c1d2a6571b5d8e658e670080ea
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: br
accept-ranges: bytes
date: Thu, 01 Jun 2023 18:03:46 GMT
age: 1438219
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7875
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
200 OK 587 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint48:E3:15:66:FC:EA:15:BF:D2:34:C1:DD:60:D4:23:A3:63:57:89:8D
ValidityMon, 08 May 2023 08:25:18 GMT - Mon, 31 Jul 2023 08:25:17 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash 000764671bf6f50144cdb70d390128e8
e536701aa351df5574425301f6da479f1dc6e9d0
793798b0dca187817057ed06175a44bb03233cc06ac6149577e45f47c5575c5f
GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Thu, 01 Jun 2023 18:03:46 GMT
date: Thu, 01 Jun 2023 18:03:46 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 587
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 12:59:19 GMT
expires: Wed, 29 May 2024 12:59:19 GMT
cache-control: public, max-age=31536000
age: 191067
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Hash e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 12:59:19 GMT
expires: Wed, 29 May 2024 12:59:19 GMT
cache-control: public, max-age=31536000
age: 191067
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 20:15:31 GMT
expires: Wed, 29 May 2024 20:15:31 GMT
cache-control: public, max-age=31536000
age: 164895
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 04:04:41 GMT
expires: Fri, 31 May 2024 04:04:41 GMT
cache-control: public, max-age=31536000
age: 50345
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
200 OK 78 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: 6ZH3XMO5g4W6SY6mXkXoEOP0hBZjmPwISu56JeSULJ2ybw2vJ51Mk9n+kqWoWnJ4+gSAjwVCybc=
x-amz-request-id: FFG5PHTG1NXZ32RX
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 15646
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzoId%2FJIGDwZaPwKX4Wr4hQxVC8x3u7VN%2FWBk0kyMOsJzCCu07gr%2FtA6iQyFhCrQixymyc5ocnvGYHR%2FhA5Xv7C9Ta%2FAFAZEu%2F0%2FRPGipwIYhRVSA1504ADAZYGtCeRuyBijqBy5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09600ffbec71fe-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=12531317841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D&subid=12531317841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D
731 B URL GET ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=12531317841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D&subid=12531317841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (934), with CRLF line terminators
Hash fc8c8865d23705bbb340787d3fab0752
89660eae45c1bda68e886a2a6627a1dd4b2f3f84
15bb72cf49b01b74f4a25482ffb4d47029d7cb196591e76bb9fe41830448a08f
GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=12531317841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D&subid=12531317841_RAD_%7Bcampaign%7D_%7Badzone%7D_%7Bcountry%7D HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Thu, 01 Jun 2023 18:03:46 GMT
Content-Length: 731
monthlysweeps.us/assets/img/campaign/1253_bg.jpg
200 OK 475 kB URL GET HTTP/2 monthlysweeps.us/assets/img/campaign/1253_bg.jpg
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x1080, components 3\012- data
Size 475 kB (474838 bytes)
Hash 9f9ec0bd4b699f784446c17a1273a4ac
e79666717b7b004f554e6bfec1d073b4627ed3a7
9b092cd2a17b5e84e2e12622d1cad8c40f2df0aa44a8b0d7a320a1e1209aca41
GET /assets/img/campaign/1253_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: image/jpeg
content-length: 474838
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:54:27 GMT
etag: "73ed6-5d7ae7abcb0c8"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/campaign/1253_welcome.png
200 OK 258 kB URL GET HTTP/2 monthlysweeps.us/assets/img/campaign/1253_welcome.png
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 550 x 350, 8-bit/color RGBA, non-interlaced\012- data
Size 258 kB (258018 bytes)
Hash 4ab082dfa4d24ddc5faa6ae9be0b7e7a
0a66d5fa8c56b01c42656bad7fd0358e35f0b5a7
c916d279aa3477141699255e5f01031b8d891bbea0cadf185ddad136866da02b
GET /assets/img/campaign/1253_welcome.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: image/png
content-length: 258018
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:45:24 GMT
etag: "3efe2-5d7ae5a63e210"
accept-ranges: bytes
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=12531317841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d&subid=12531317841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d
4.9 kB URL GET ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=12531317841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d&subid=12531317841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (15295), with CRLF line terminators
Hash d452345e9f79dbd5d950ef0ee29ab0f2
715baa96af736e6007b72c2c7964b040ea3ab0dd
7ab5a9d1794ec517c836cbfe5bf97aa3521f8b3955d712f4124a4cc37727116f
GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=12531317841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d&subid=12531317841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Thu, 01 Jun 2023 18:03:46 GMT
Content-Length: 4932
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
200 OK 43 B URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: d40aeb9d-801e-0056-2ba0-93bc83000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAAqa/Nh80BESY6Xzp17iur8QU1TMDRFREdFMTkxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAAD7KkFef06lT66GjHNQHoTsU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
200 OK 520 B URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (520), with no line terminators
Hash 004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117
GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
x-cache: TCP_HIT
x-ms-request-id: a47f129b-301e-0066-01eb-93e6a9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAC2/ScAvuMrT5hkvyt1TqtjQU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAAD58iSROryqQbZ//9k7F4hzU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1375869600&affid=12531317841_RAD_{campaign}_{adzone}_{country}&subid=12531317841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
200 OK 694 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1375869600&affid=12531317841_RAD_{campaign}_{adzone}_{country}&subid=12531317841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (370), with CRLF line terminators
Hash ca14ea783a005706e045262facfecf8e
b523a6af8552b046802c4db853a038847b6a0fbc
833e81a0cfbd8efe5b73a876fe662a10d341a04a4e230d8ab2c9c148de22f9be
POST /ManageImpressions/ReportViaJsPlacement.aspx?hKey=1375869600&affid=12531317841_RAD_{campaign}_{adzone}_{country}&subid=12531317841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Thu, 01 Jun 2023 18:03:47 GMT
Content-Length: 694
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1375869600&affid=12531317841_RAD_{campaign}_{adzone}_{country}&subid=12531317841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
200 OK 741 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1375869600&affid=12531317841_RAD_{campaign}_{adzone}_{country}&subid=12531317841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (433), with CRLF line terminators
Hash 5c7b283c52ee2f6f7a8952bca39c2636
a8d615c1016b7563baa50223292df71be0562500
b9cd272f28d8696e72f5c218acf62ed90d6ec8947398b34c06005411d8275dd8
POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1375869600&affid=12531317841_RAD_{campaign}_{adzone}_{country}&subid=12531317841_RAD_{campaign}_{adzone}_{country}&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Thu, 01 Jun 2023 18:03:48 GMT
Content-Length: 741
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
200 OK 84 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
x-cache: TCP_HIT
x-ms-request-id: 43791cb9-901e-0049-5764-946793000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0Z6B4ZAAAAABuTqVpoC7DR4rRe2TPx5CHQU1TMDRFREdFMTgxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0hN14ZAAAAAABcFYlKcPSQb2cwUIgj/lmU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:48 GMT
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 238459
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
200 OK 16 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (3119)
Hash 138a6d33364bc5b6b00f807b455e5809
49e4b92c15a8a7b7f98b620031f5fc7244dd5dc3
f04f125b065bc7c202fa12f4186b429cf5455a6e9a1815e2a2259b3b71db251b
GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
x-cache: TCP_HIT
x-ms-request-id: 43791a13-901e-0049-6564-946793000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAABJmo1Inu70SoTZf+4loaEOQU1TMDRFREdFMTgxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAACXYJDmRitJQpgvY4123E7KU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us
200 OK 2.2 kB URL GET HTTP/2 pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectpushpros.tech
FingerprintF1:27:D4:0A:37:DD:69:2C:97:CF:48:D1:1A:24:56:E0:17:C8:BB:F9
ValidityThu, 04 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2182), with no line terminators
Hash 38e49556c06033ac12ed857815f23d64
6fe91f0b1a4385f2fc9aee8e1ad41385cc23bfe8
90732a8c2078a3a4937aca66d545df8f07b1b388791f02cd2e3893417f0fe862
GET /GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=monthlysweeps.us HTTP/1.1
Host: pushpros.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 2182
date: Thu, 01 Jun 2023 18:03:48 GMT
x-amzn-requestid: 142b9c03-70f1-41cc-9e13-13a71e30835e
access-control-allow-origin: *
x-amz-apigw-id: F2eMyElJIAMFvCg=
x-amzn-trace-id: Root=1-6478dd84-1c243acf022c546a4f62e9fe;Sampled=0;lineage=ce85cba6:0
x-cache: Miss from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3u6E0V9tMmFmhTyiyWVymJ8Q5CPBGXQ56-aNz7Lu2Xbr-xtayHfnsA==
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
200 OK 45 kB URL GET HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 7905febc4acd3ec3d6b3b2f16d974b49
4ee31ef133ebe99d0f95a66cc0dfc86b906cd18f
f328ffc233b8c3c9bf3a0e6dfab61dc98c0036a033014a2c73a473c28e06cdcf
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:48 GMT
content-type: text/javascript
x-amz-id-2: a+DI6QkjKhT8p6T7N9rE4upCqCFKfPj6+XK5JJhvI+Au4AGyo62T/MMxIKRzm5cjbQfIyOxsnH8=
x-amz-request-id: NE1S86QEAN9PDCS1
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 6
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d09601c6f222d9b-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/api/hitsnap.ashx
200 OK 21 B URL POST HTTP/1.1 ldsapi.tmginteractive.com/api/hitsnap.ashx
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerSectigo Limited
Subject*.tmginteractive.com
Fingerprint74:A2:82:D6:85:05:21:E0:EE:EA:CA:17:26:FE:51:07:9B:DC:E6:EE
ValidityThu, 14 Jul 2022 00:00:00 GMT - Mon, 14 Aug 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289
POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10827
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 109
Date: Thu, 01 Jun 2023 18:03:49 GMT
Content-Length: 21
monthlysweeps.us/go/api/zip/undefined?get_param=value
200 OK 111 B URL GET HTTP/2 monthlysweeps.us/go/api/zip/undefined?get_param=value
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f
GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:49 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
200 OK 30 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash 990072648c0dad242a7753024fbf03aa
4b552a2751c8093b46883ef05df7eff8ba2b608d
3a0a423e3c9e1991a1e3e457459aa3a3c4e2a1ef5f33efe9ef158f400347fb2e
GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 18:03:46 GMT
date: Thu, 01 Jun 2023 18:03:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s3.amazonaws.com/trackpush/trackpush.min.js
200 OK 13 kB URL GET HTTP/1.1 s3.amazonaws.com/trackpush/trackpush.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (47625), with no line terminators
Hash d470356148c00da67db3c9bdaecc90f9
d12a4df31633cf9a982bd6e8c3ffbc2449b1753f
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054
GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: k9PwJqmkRDuq08ziLEvLAGndZxZUci0EcV2iB/7gJ9bTIVaivCyYVakJt+TEEtvfywYsllZN8IE=
x-amz-request-id: HMTBENJQWJWXPC2G
Date: Thu, 01 Jun 2023 18:03:50 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=baf10209-80a5-41ac-802d-5f81b7295010&_=359562157
200 OK 1.5 kB URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=baf10209-80a5-41ac-802d-5f81b7295010&_=359562157
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 33fbe3f63e9c84f3e2014fe293fd03c3
9ca17345be421fb8a2bb57230d4102c71c454972
a53ff646847e19a222c0067511de2e4a2b7bb9d51a743a95a08bec64dd3c5d58
POST /2.11.9/GenerateToken?msn=1&pid=baf10209-80a5-41ac-802d-5f81b7295010&_=359562157 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 315
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:49 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:49 GMT; Max-Age=2592000; path=/
rguserid=40c02588-e889-4f2c-b97b-3e472757983e; expires=Sat, 01-Jul-2023 18:03:49 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:49 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:49 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
signals.aimtell.com/pageview?id_site=12408&v=3.974&support=0&state=default&wl=1
200 OK 43 B URL POST HTTP/2 signals.aimtell.com/pageview?id_site=12408&v=3.974&support=0&state=default&wl=1
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectaimtell.com
Fingerprint1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
ValiditySat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=12408&v=3.974&support=0&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:50 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://monthlysweeps.us
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal, Aimtell-Iso
aimtell-hash-exists: 0
aimtell-iso: NO
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0960261fcffab4-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:55:34 GMT
expires: Tue, 28 May 2024 23:55:34 GMT
cache-control: public, max-age=31536000
age: 238096
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 238461
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 17:31:32 GMT
expires: Wed, 29 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
age: 174738
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 21:40:21 GMT
expires: Wed, 29 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
age: 159809
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type ASCII text, with no line terminators
Hash ffdfcf8fae84f7684f006bf5af012c06
b31182bbb1c60a114919bf05e698805b61f76aba
1bf768716a75b7620d341f775d10d79ee73a3a47f6609a24ca25dd88e4aeda95
GET /recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Thu, 01 Jun 2023 18:03:50 GMT
date: Thu, 01 Jun 2023 18:03:50 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 21:48:58 GMT
expires: Mon, 05 Jun 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 245692
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
200 OK 166 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js
IP
Requested by https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (660)
Size 166 kB (166449 bytes)
Hash 95a32a4d8f8be968bc15d6ab9b9491d1
fbfbcb40c8d8997096cd2ea3d8cfc3dee1981015
a41096fbcf982d79bf075bf2378c9c0c2e8ada5bdc94bd7cc794454135ccf981
GET /recaptcha/releases/CDFvp7CXAHw7k3HxO47Gm1O9/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166449
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 May 2023 23:49:29 GMT
expires: Tue, 28 May 2024 23:49:29 GMT
cache-control: public, max-age=31536000
age: 238461
last-modified: Mon, 22 May 2023 20:58:33 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
api.trustedform.com/certs
201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 6a2ec9fedfc1eb9c359309ffa21e5852
f90e1d227c79fcfef226445c792a6f8aa8f5d9b2
cde3568fbf1854ce94984e892fc18bbf555d63bb41b38131c7d24233158baba8
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 684
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Thu, 01 Jun 2023 18:03:51 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&uuid=affd18fb5bee41bdb42fdc94599cf515
200 OK 20 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&uuid=affd18fb5bee41bdb42fdc94599cf515
IP
Requested by https://deviceid.trueleadid.com/iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&uuid=affd18fb5bee41bdb42fdc94599cf515 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:50 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguserid=5b86d937-98c5-436a-9306-a37e991f04f3; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs/34815b90b7a2919d1d9314c9d1e57404d541f104/snapshot
204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/34815b90b7a2919d1d9314c9d1e57404d541f104/snapshot
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/34815b90b7a2919d1d9314c9d1e57404d541f104/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 20627
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 18:03:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562161
200 OK 20 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=5&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562161
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
POST /2.11.9/InitFormData?msn=5&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562161 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:51 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:51 GMT; Max-Age=2592000; path=/
rguserid=dbd3a85e-ca1f-47a1-9ea9-3ed768d3d47c; expires=Sat, 01-Jul-2023 18:03:51 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:51 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:51 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs/34815b90b7a2919d1d9314c9d1e57404d541f104/events
204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/34815b90b7a2919d1d9314c9d1e57404d541f104/events
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/34815b90b7a2919d1d9314c9d1e57404d541f104/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 226
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 18:03:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
200 OK 140 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65324)
Size 140 kB (140421 bytes)
Hash fee68c0f2f583161134a1fcb5950501d
8e52dd818562db0ba0764bba172cb91ce248d8b0
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-13 02:48:26
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b584a7f7756eea1e54b5f28d657ba679
cdn-cache: HIT
cf-cache-status: HIT
age: 11537432
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d09600d882bb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
monthlysweeps.us/favicon.ico
200 OK 5.4 kB URL GET HTTP/2 monthlysweeps.us/favicon.ico
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc
GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Cookie: ci_session=ej7if86mtp0n0ndvbdqv61n4sjeh9h7d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:48 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
200 OK 2.0 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (2124), with no line terminators
Hash a9d00438ec759f27468801313fe9a7af
085b65a60b73669577962221fcee98b49daf3082
158752f85a758ad52e9c3060df35b936874654bfb68ace7b85619021bfa10394
GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
x-cache: TCP_HIT
x-ms-request-id: 7fdac97f-301e-0000-288e-9454f3000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAA39716mzObTLdllqNzLkwyQU1TMDRFREdFMTkxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAAD6dhXcU6XrR732KxyKd04TU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false
200 OK 7.5 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (7726), with no line terminators
Hash 9922363fd118cee80f733b7f8cf45e5c
c58005d21a1da4c611549651099127ff0f2ab9f6
1c01e146dfe11b2f712393fa866f782d0ea7d52ba076fb66739de8bbcd712565
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Thu, 01 Jun 2023 18:03:50 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8il7A6HHrP2EH2uudIU8mG8lRI_9ikvTZDHpNFFOgitE6aNZP5U4Fg==
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
200 OK 5.8 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (5890), with no line terminators
Hash 054c03ee5f93d8bb3a90805207848ca5
ef5bd470af73880b802ec80e33b0a68aed1d2df5
926b873683cc2a93a405e8882e8be9cc247bfd058337ea628d97c5f0e13422ff
GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
x-cache: TCP_HIT
x-ms-request-id: 0780a5f2-901e-0024-448e-94cdbd000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAAClG6XiI9wESLGp/YDdrLH3QU1TMDRFREdFMTgxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAADaDJFQ4yZLQKHDXqzHErLOU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
200 OK 3.5 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3675), with no line terminators
Hash f296cf3fca2786c12a670712ef7f00bc
da1b0e716af4460dcf59ade38450cb62798954d1
eabbab0c6023ae05e66d758837fa85258b724f04781c69ce36225c586a0c8db7
GET /iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 11:40:03 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q1vcjcVvlKeaa6R4PWfwW6JeCHY7mCVUAG1E92h_73GyA7APjsdAdA==
Age: 23090
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
200 OK 51 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50395)
Hash ce6e785579ae4cb555c9de311d1b9271
5ef2c15b47d7290698c737676ba9c3056b45f2e8
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 31088779
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d09600d9838b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
200 OK 105 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (104691 bytes)
Hash 9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Thu, 01 Jun 2023 18:03:44 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NyDn-4tM7ictJZyCWCtUp7X5QD5UGNO-wQlghzd42ckXpqeoUD_wkg==
age: 8
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:50 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Fri, 02 Jun 2023 18:03:50 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?471k1j2023471j06ckl01llk110jkk034700
200 OK 2.4 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?471k1j2023471j06ckl01llk110jkk034700
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (2581), with no line terminators
Hash a5813b8f3c2a6b19ae7d242481bfcafd
f107a77be34aecdb05282362d917c2bb4d08f7b9
d56881f993ab04fd74ccebc82b1ac4c54781380cc3a90de559bf7ac73b9d70a0
GET /amsus/ns/js/13488000.min.js?471k1j2023471j06ckl01llk110jkk034700 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
x-cache: TCP_HIT
x-ms-request-id: e0cd1e7c-801e-0030-36b3-940ed9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fN14ZAAAAABslBfHc9ncSoxR2CxyUBU8QU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAABbEL4xySBtR4dOzrICOtq5U1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562163
200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=7&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562163
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=7&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562163 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 22741
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:59 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rguserid=48c7f30f-2f16-4274-929e-1c4b0fa18919; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs/34815b90b7a2919d1d9314c9d1e57404d541f104/fingerprints
204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/34815b90b7a2919d1d9314c9d1e57404d541f104/fingerprints
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/34815b90b7a2919d1d9314c9d1e57404d541f104/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 219
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Thu, 01 Jun 2023 18:03:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562162
200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562162
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562162 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 537310
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:59 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rguserid=d7dff2ac-47ab-4757-a727-73b12cb99f1a; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230511
200 OK 142 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20230511
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 142 kB (141939 bytes)
Hash a8946770b188db8b73fdb355e5aa528e
0fd595c22ca439470ddabe26de880d3322f343d0
b52f41e88c0efd90d7b3c6c6271c589f482c8c0e4df7fa72e451142046b2aafb
GET /amsus/ldsapi/assets/script/common.min.js?version=20230511 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: qJRncLGI24tz/bNV5apSjg==
last-modified: Thu, 11 May 2023 10:44:04 GMT
etag: 0x8DB520CA3B38234
x-cache: TCP_HIT
x-ms-request-id: 95b48d79-401e-000f-1764-94b905000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0ZaB4ZAAAAACvh+IQACqCQ71/jfNuVzRRQU1TMDRFREdFMTkxOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAADt8jrOKLt9QoaZ1K1VSDkuU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/solid.css
200 OK 669 B URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/css/solid.css
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (687), with no line terminators
Hash 81b4a92d760b313b45df9237b891afbd
ceec7717973bad0c64404c8dc66ffbee97ad115f
45c3854ea12c502acc89d809417b2930ad2873456b9f1a8fa7a6b27c96a7e9c0
GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: text/css
x-amz-id-2: lBc0laXyyDmMLP1yeYZwdHM9KzoKLwWrhjHek5qku8uk4rD35C5dA/sVDgZVjK2+5RstJ5hly+A=
x-amz-request-id: FFG21EBF4QAMN4GJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 15646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vb7cLSymSKfHRGGhBJIgDJyybkR1JXKbPPBJYJXikgtb%2B1nGb3GNSSPgNOBCNjlvdcvGhF%2FYETlUwD7QsEEyvIXf6ebsYXomdIKdhnXCY7wG14cwjwdL5Wadzqvs2k5G7zD642WI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09600e696671fe-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562158
200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562158
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562158 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguserid=b2c9f1e4-f5db-4e79-8c30-f85bca2bda2a; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?471k1j2023471j06ckl01llk110jkk034700
200 OK 8.8 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?471k1j2023471j06ckl01llk110jkk034700
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (8794), with no line terminators
Hash d729dbb13f364f3dc92f32a2ead36a51
9308918d0894986284d85a173e421af3ac3fdc70
50485ced72a15b489dd2af34d559b2bf297e9eb00808f56007cbdfca6eb090e0
GET /amsus/ns/css/13488000.min.css?471k1j2023471j06ckl01llk110jkk034700 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
x-cache: TCP_HIT
x-ms-request-id: 085f9797-d01e-0045-32b3-948962000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fN14ZAAAAACLlZ4XLrerR5V67nPFsyOeQU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAABpuKzv+cpTSr2OTxQzE8X4U1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
200 OK 41 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (349), with CRLF line terminators
Hash 26c749b13ae86712f7a25dcec26f3856
18065acf65c1d3ae276069cafc3b1ee60773ac7d
c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71
GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: max-age=60
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
x-cache: TCP_HIT
x-ms-request-id: 31baf37e-b01e-005e-64b3-94a7f0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fd14ZAAAAADLpsePDwelRKC3L/kh1PFuQU1TMDRFREdFMTkwOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0hN14ZAAAAAD2BvazJKvTQIuvb04lk7ukU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:48 GMT
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
200 OK 58 kB URL GET HTTP/2 use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
FingerprintC8:38:F5:E2:7C:CE:53:71:EB:92:1D:71:F5:78:FE:7C:C4:4D:65:BC
ValiditySat, 06 May 2023 03:15:52 GMT - Fri, 04 Aug 2023 03:15:51 GMT
File type ASCII text, with very long lines (57687)
Hash a227f005fa7ae066c1068ac4b963514c
0a5885758759f084fdc5fd16a550deb8be722ea8
0588d1661498d804543dc1537f9784877a962b9f0ef3c4ccee765eb7f2543611
GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:46 GMT
content-type: text/css
x-amz-id-2: ENLc9Ap15EvDOv2SoVZkmCwD2wX38zRISGZwnGSRAhxmwebPxvEUdJVY8FnDOqQVahwTbpt8ypg=
x-amz-request-id: FFGBKR4YREBWM3ME
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 15646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVOl9Ydk29kQbrGTNinJeirCWyB0BYgW57QczeJRwpBmabmEjmFnOSEM%2BUkQ7AJDGKgZ8u8ENdsmrpr7zpuivlUfN936QiyXJgRSbsl2jEaHRPkjc2zUZ4ZFk54g%2FoVO2crerD%2FP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d09600e798b71fe-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562159
200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562159
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=3&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562159 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 13136
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguserid=94e46866-ceaa-4bbd-a472-7e84b9d50f4c; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=8&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562164
200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=8&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562164
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=8&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562164 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 359111
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:59 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rguserid=c1ada740-5ef6-4b65-9743-2a9ce12b74db; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:59 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562160
200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562160
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=baf10209-80a5-41ac-802d-5f81b7295010&token=CB79FAFA-59C7-6C13-3BB2-957C66BF6E25&_=359562160 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 01 Jun 2023 18:03:50 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguserid=4217b26d-2106-43b9-bb94-1d780bb8d3c4; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sat, 01-Jul-2023 18:03:50 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230511
200 OK 3.0 kB URL GET HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20230511
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerMicrosoft Corporation
Subject*.azureedge.net
Fingerprint3A:4F:3D:B0:64:92:54:38:F3:88:18:72:9F:BB:02:81:DA:62:D3:AC
ValidityThu, 20 Apr 2023 10:26:00 GMT - Sun, 14 Apr 2024 10:26:00 GMT
File type ASCII text, with very long lines (3051), with no line terminators
Hash f9d9e56e092720d794d067c2ecc79204
e94ebea310544b675e8262ef74ebeee59794d239
98762112e9e6dc47babbee855afe27a2622ab50f67bada49f66d3a20f2c494c0
GET /amsus/ldsapi/assets/script/common-extentions.min.js?20230511 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
x-cache: TCP_HIT
x-ms-request-id: ea2fa924-301e-0044-48b3-94889f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fN14ZAAAAADLei4ZCRcLT5q824JUB6rqQU1TMDRFREdFMTkxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0g914ZAAAAAD4CH0sai9XSpvpGNtqpmxBU1ZHMjBFREdFMDUxMwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Thu, 01 Jun 2023 18:03:47 GMT
X-Firefox-Spdy: h2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false
301 Moved Permanently 7.5 kB URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Thu, 01 Jun 2023 18:03:48 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16856426280870.4664923758046091&invert_field_sensitivity=false
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
200 OK 52 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7
IP
Requested by https://monthlysweeps.us/go/to/4mmjuy/key/27b358a841b1312a63f0cdb6919bcd03/aid/13/s1/17841_RAD_%7bcampaign%7d_%7badzone%7d_%7bcountry%7d?em=0&
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint5D:BA:19:A5:81:25:05:32:72:13:A7:18:CF:67:8C:D6:6F:13:B3:EF
ValidityMon, 08 May 2023 08:20:09 GMT - Mon, 31 Jul 2023 08:20:08 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43839)
Hash dcebb5d9b01f7ecdba276ea30de007de
a06933a0a037128419cb452ac34547ff4ff898cb
d228df8512c8b2742bf797342191339417c1b456366e5042c4385e3b743c24f4
GET /recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=CDFvp7CXAHw7k3HxO47Gm1O9&size=invisible&cb=a9s0v6so8of7 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 01 Jun 2023 18:03:49 GMT
content-security-policy: script-src 'nonce-vxsy-YyzbA5HFLaeWSjgpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28604
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
107.21.226.142
104.18.10.207
0.0.0.0