Report - monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966

Report Overview

Submitted URL
monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
IP
54.161.23.57
ASN
#14618 AMAZON-AES
Submitted
2022-12-06 00:58:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	827 B	68 kB	104.17.24.14
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	607 B	708 B	108.177.14.155
create.lidstatic.com	24133	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	567 B	172.67.41.229
api.trustedform.com	23021	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	1.8 kB	50.17.203.65
cdn.trustedform.com	24659	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	867 B	42 kB	54.230.111.91
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	812 B	1.8 kB	188.114.99.234
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	4.9 kB	143.204.42.88
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.114.252
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	164 kB	142.250.74.35
create.leadid.com	14598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	20 kB	54.156.11.63
monthlysweeps.us	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.8 kB	504 kB	54.161.16.68
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	6.9 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	746 B	142.250.74.106
vc.hotjar.io	2334	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	368 B	54.230.111.91
deviceid.trueleadid.com	2097	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	670 B	332 B	52.73.153.179
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	4.1 kB	143.204.55.84
vars.hotjar.com	1014	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	506 B	1.7 kB	143.204.55.101
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.8 kB	23.36.76.226
ads.pro-market.net	47212	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	1.4 kB	23.36.76.128
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	415 B	1.2 kB	142.250.74.132
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	60 kB	34.120.237.76
ldsapi.tmginteractive.com	85617	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	8.4 kB	209.151.244.116
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	21 kB	142.250.74.110
script.hotjar.com	887	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	69 kB	143.204.55.46
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	81 kB	172.64.133.15
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	84 kB	142.250.74.35
tmgassets.azureedge.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	158 kB	13.107.246.53
d2m2wsoho8qq12.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	663 B	2.0 kB	143.204.42.49
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	31 kB	69.16.175.42
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	803 B	14 kB	151.101.129.229
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	964 B	172.64.155.188

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	Phishing
2022-12-06	medium	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	Phishing
2022-12-06	medium	monthlysweeps.us/assets/js/datepicker.js	Phishing
2022-12-06	medium	monthlysweeps.us/go/api/zip/undefined?get_param=value	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (59)

	URL	Size	First Seen	Last Seen
	vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html	2.3 kB	2023-03-08	2023-03-26
Pretty URL vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html IP 143.204.55.101 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:11 Last Seen2023-03-26 01:38:12 Times Seen2 Hash 2ab04d2242413cc15369fa816e1a02f8 8ff148dd539f0fff0892dcc2075839c315cb8642 fe51660a3d21efbefab64694f51d02f2bcee4e82c324895e93c78ba6179508a3 Loading...

	unknown	0 B	2023-03-07	2024-04-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 13:01:30 Times Seen37038897 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js	20 kB	2023-03-07	2024-04-23
Pretty URL cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-23 23:14:21 Times Seen7658 Hash 6b08ddc901000d51fa1f06a35518f302 bafe987c18cbe0587de3e6360e7da40a2885614b 02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n	5.8 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash 10616855bf3a8c21b9b134fee239b3c6 dba045ba0742cfc54ef7a864e50d4372a8217919 0b248c5b1e6aa82997e9e8ac79a837e5ebe0b5e3478ea8e24500487cad65085c Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419	2.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash aa9ff88f2d52cd1f5e46f8a07aec5e78 13a3853b6f53a862d8cb02346df5b1c555ccc6f6 e62184b995250b6cd0e3f0bccfa159ba6bd3751def6abc8c0f2c96df6ef27427 Loading...

	ads.pro-market.net/ads/scripts/site-141028.js	2.2 kB	2023-03-07	2023-05-05
Pretty URL ads.pro-market.net/ads/scripts/site-141028.js IP 23.36.76.128 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-05 20:04:46 Times Seen629 Hash 365b5ee3c0302c78c16f7de2f16f2e9c 8c2e46af5cfe004d044f84067ce8e41a20bfa806 07f9667f25cfdb29c4bd56f3fc9d9f2fdc095ef87f0563b4f0bfc0dc66530b9a Loading...

	monthlysweeps.us/assets/js/datepicker.js	17 kB	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/assets/js/datepicker.js IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:39 Times Seen275 Hash 50e8118195525667c97c698ae2063198 b81b9cdd700240e03f5a700577cf2f162b5d2cda 6d41c10e9bae08259ba5b58757e8dbf6713dfa033fee3330ae37e85660c85726 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	251 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen133 Hash 5e5e656f3e03c73caf1e8041dc391cb9 2bdd8662597ed7b2cff53dcbe25c09c330405072 8b87151430dbd8fd8e394bd633281ec51254fe0cd5326d441a7ad56895e0e5c8 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	64 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 43c10d2b2f042467d4d17140c6e4d179 df16bc29f5ac9468b35c32bb0d834221cf5171a4 6e67dc180a86d584ee19d9a3635ce615cc1fe3612f7adfac03df055d25066dc3 Loading...

	deviceid.trueleadid.com/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	4.1 kB	2023-03-07	2023-04-05
Pretty URL deviceid.trueleadid.com/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 52.73.153.179 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen431 Hash 1d08eacf8810260f7f983057db5300af a6fa3b482a165ab84c34b418bee093c439f74034 61ea1ea5a132046ca584940a34a1eae6c007dc56062d2a76cf0dea486a52048b Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	60 B	2023-03-08	2023-03-08
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 78c0a6371cdec200c9b91b8e43f038e5 df918a4db33a3ace7fff581b563683501bb3b27e aaf0e66dca0b92e97ef33d5d5dc4502df1c3693612da760f8892b27b7d9b3c92 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	278 B	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-04-06 08:01:19 Times Seen43 Hash d7a5e70d4ec0dc538219b8c13a4abc66 5cd945fbd5fc94308093a4c6d73c3cdcf4fd84af a4eb87e2c2e0f9d03998c3cbf03a16607948ee3d477b6e60d145e611f191d4ee Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	819 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen197 Hash b543295aeb728bc0b47cd37af1155cc3 4de5193a69a306a61a681f1b8bbcec3074dfa0a0 6827f7cf902367971025104b0c9e266cc9a8b2c133980f54eed0b3accc65baf6 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	592 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen746 Hash b7819f20ec3d377b9fb124f8f0e8ceb4 bc1c20068326ed8b2630a25df9f6f4b2dc281638 a4124d51bb27da6fe4eb67bb019de6d0999d38cfe588b59f38ceaebe7c409488 Loading...

	api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false	8.1 kB	2023-03-08	2023-03-11
Pretty URL api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false IP 50.17.203.65 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:24 Last Seen2023-03-11 23:52:09 Times Seen1 Hash 226cf2375a4ea1f8ea8315621d70424b f563bd859cada4ebd6603e8bcd86cba3da23851f bd75ac2badeaca7640f3e2ac16fd231c9fdfbe727b722999313ed9834c58d8f7 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	355 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen582 Hash 75e4cb955a63d07fced3932d9d8f6fe0 d73015dc9bf416fd308c9f40d350945f0cfc1720 8d1c6afe9fcc4a69fd903b60adf921b932fa4baead70e2c5984550770588841a Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	397 B	2023-03-07	2024-01-19
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-19 16:43:41 Times Seen579 Hash d54e487a455caded5dec88dad6038538 7aac4b5089e75a37a0281aee2080ae3081b4b387 5c263fa7f8418b34917b5ae5689fbd313530820aeaac85e768084e745c2ea239 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221201a	3.0 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221201a IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen159 Hash b07baa2517c1f03c950406a88a1f6c99 0c3c68e0c2a3784374962534bffa9f2b269e891a 14350d698fd8a3e89854a22bb7602a63e1ef45bfd82b1a1f4f9abf2e5d140bf5 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-23
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js IP 188.114.99.234 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-23 23:14:21 Times Seen6304 Hash ce6e785579ae4cb555c9de311d1b9271 5ef2c15b47d7290698c737676ba9c3056b45f2e8 0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339 Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js	23 kB	2023-03-07	2024-04-03
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-03 15:26:41 Times Seen747 Hash c4499184878d17d8af6f4181c0d03102 c5a2ff013fa357c1d2a6571b5d8e658e670080ea aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860 Loading...

	ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966	858 B	2023-03-08	2023-03-08
Pretty URL ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 3f00f73894f3bfd4cbc40dfa8275b8a0 e362790494c6c126c076f6d83389060a6c2dd140 1e6c6d6832eb5110a8c24be991da19184e341d8e4d3bcdfabfd4d61c5123f898 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	1.2 kB	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 290521b524b82ebb5e14abaa01b9c1d8 e19492d85482147f62fb918a12559d134613d1c6 6393e147bc9a141d678f284121df133e3602f8119776b958aeb9424420de193e Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	636 B	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen203 Hash 15b9512f5be4a2575dcc59ac37856c2e 061aea4612abe4faf05c4a3f0f0fac7e888c0546 be6eb2c523a276099bad06bc2e02f8917e998f73ac0cda2426521cb4632a2be1 Loading...

	static.hotjar.com/c/hotjar-2865935.js?sv=6	7.6 kB	2023-03-08	2023-03-08
Pretty URL static.hotjar.com/c/hotjar-2865935.js?sv=6 IP 143.204.55.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:24 Last Seen2023-03-08 19:57:30 Times Seen1 Hash 6fe26606aad962064edcb2ce493896e8 f494dfb7dd4c77198bf0009270e1f8d848338332 6c9e13ef03fba2baad000775764a416542977ea69d91a223801a01f7db782b8a Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=2mdkimc9og4p	69 B	2023-03-07	2024-04-24
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=2mdkimc9og4p IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-24 12:23:29 Times Seen99365 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=2mdkimc9og4p	35 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9tb250aGx5c3dlZXBzLnVzOjQ0Mw..&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=2mdkimc9og4p IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 0e22d5a1e5adc720efe01f761cc7b749 462c189d76ebe6592ca589e705963c6d5725b2ac 1f37e6f9981595afba8079bf27a3663f408f38c7d7e33690434a158b11e7ef42 Loading...

	tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js	41 kB	2023-03-07	2023-06-01
Pretty URL tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-06-01 20:05:18 Times Seen262 Hash 26c749b13ae86712f7a25dcec26f3856 18065acf65c1d3ae276069cafc3b1ee60773ac7d c2bde97781b1ee79ac29c16508b257a62f14e5cc423c9d21007701bb30c51b71 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221201a	140 kB	2023-03-08	2023-03-11
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221201a IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:25 Last Seen2023-03-11 23:52:09 Times Seen1 Hash 436162c70438fe5d6259fbf0ccf126e0 84ab3a16644bdcab9dadaa72a453de0ba1abd8ba 3daf2a62d043a36dcbef09156cb05a235bc0bc88e17dfaa4fb92428d09879bce Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	59 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen131 Hash 3343475b76e305c87e4909ec17461632 d804d3249185ffc4b3194d122eba05ae7fa9068a bfc2a2ab607a55ce5886b480478989829ea8758da7facad490635683e6629e43 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	3.9 kB	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-04-06 08:01:19 Times Seen43 Hash d64841ff0fc699c7df7c7e11818b4e22 e5fe39b60c7c852a806e000beb0bfe80e4da8c0a f2f3211b728d697a5f6cd605bfd5074fefd6b6ca439affa07cae7ffa9735a028 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	1.7 kB	2023-03-07	2023-03-14
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-03-14 14:48:26 Times Seen1 Hash 20c7983bb7d39ef1fb9e9cb1c8346e70 a87728f497f968bd03e4f8afc7ec697248e60975 bed2be306f932c7494a53eb2f5586b4cc0f606e81468a823ff561cba93983438 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	93 B	2023-03-07	2023-04-06
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-04-06 08:01:19 Times Seen43 Hash 7ac1e39b1d744602bc870cf03bcfddd0 73bceab8f4329bd7bdada8df7956249e86a13ffc 3709af90fba20c69446f2ea7e1e5c21101f7109c5b0b885f21d430247af00385 Loading...

	ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966	15 kB	2023-03-08	2023-03-08
Pretty URL ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 IP 209.151.244.116 ASN #11051 CYBERVERSE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 00d5c81652c3db2dacc235e2e3bedeb4 d4694206f1553bebbdef68e8535142228321a2d1 07f925fb807775f63b434fe7510b6e1cac23277d64d8dc6103b1b2fb9ac944e3 Loading...

	tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103	47 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen201 Hash 9425c8e694426b8078e0ebbaf1299fc2 d07edb40c26273a374d6f6f4863081df3c22de67 013a484e9d90cbc93f749fe4004a1408007f2da1a8a2b5493a502ff98c2ac211 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	235 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash e41f80529cf4002c391833271af2f37b 4d7eb0ef27b477b04b992ca50da1c3bb19498c12 3a462ec73996538ce080b96a3e55af30dbedfda9e00e6e9cdd089aac8956a301 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	1.5 kB	2023-03-07	2023-12-29
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33:58 Last Seen2023-12-29 04:03:38 Times Seen53 Hash a46a0a1e4f99984e7805bac546ffdb34 9d7b75ab871a82d36f3989a552e6bd970a9b3878 ea7f500cacb3370c9c268ff1e8829772349270527b95c9c5172e750f65293dc9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cdn.trustedform.com/trustedform-1.8.31.js	104 kB	2023-03-08	2023-03-11
Pretty URL cdn.trustedform.com/trustedform-1.8.31.js IP 54.230.111.91 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:24 Last Seen2023-03-11 23:52:09 Times Seen1 Hash 642f630e75dc2888743ef1bcac8f0de0 b152abc46c1fd54f1bc62eb7574a7ef738b29666 c102b5b4bad6ca69014958b96fe4d60157681ea8451ef76a4d11897eed8577ee Loading...

	cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js	18 kB	2023-03-07	2024-04-15
Pretty URL cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-04-15 10:27:43 Times Seen259 Hash 35fd33d8c4423cfffc1d4d3ccc7540e8 838ac66c3ecac6b6136b049bdd0e14f2f022952c 219324a6611109fcb8c440e9e38af1802240ee8f1453d557353cc20cdaaead6e Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	399 B	2023-03-07	2023-05-08
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-05-08 11:53:33 Times Seen4 Hash 5c82890d7436d8ec5f068fb6c7a26c25 2e25a5ad23209c32bc02e4fa3aa982b429c3468e b335bc100f2c8821c1de9742b26482417d79a44e3fcb865125e7e0a5f8f46727 Loading...

	tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?105k5j2022105j12ckl05llk161jkk581000	2.4 kB	2023-03-07	2023-12-29
Pretty URL tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?105k5j2022105j12ckl05llk161jkk581000 IP 13.107.246.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen166 Hash f7082dbcfd1c56c968ab751a3ee9f0b0 930f3fa7714bb7fa94ea7f98e49cbc8c80e41878 505729c526d3287d1e914583830cb41750101d011da93b0e9670c5c397abd08d Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	236 B	2023-03-08	2023-03-08
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 94a95e97d4f31d268bcb0b0952e1d516 c829483044a41d54627f210a1bec162ae4dcf15b 55787ea35b33b7aa98659ffb54ec3456ca1fced57a60ef55f6aec2d504115ee6 Loading...

	www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi	884 B	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:25 Last Seen2023-03-11 23:52:09 Times Seen1 Hash 75bdd4f796ce2dda153c9a1089741461 81de48185468be55b61efe0a0b8da0f3857d29b3 781502b2c2e6484420d5d54184a75cb560e8a823c00ff14b860939115f344f6c Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	1.9 kB	2023-03-08	2023-03-08
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash e15af80b3d585d84c3384d4d03567ddb 3dc83e152709ebc197f5c7577c0ee3434a8c1e7c a699858aa4cc1feff0951e8642bd55892e28e019483e49a72bc9843686bb6ee7 Loading...

	monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966	31 B	2023-03-07	2023-04-05
Pretty URL monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 IP 54.161.16.68 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 01:36:18 Times Seen132 Hash f0dd4e668cb669f70d1d71baf4e997d4 d50cf8f2eb31b6051f03ba1415a38c510cf1572e e96f51430063dc23626602bfa108e18b004b9a4f5f87fb2aee1144fed6cfca6c Loading...

	create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2	126 kB	2023-03-07	2024-01-16
Pretty URL create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 IP 172.67.41.229 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2024-01-16 16:52:02 Times Seen739 Hash 97495a102c98049f30e62264b1eb50f5 2826aca635888817ca3869a59dda0f1c53e32788 e3d44f6e098f5d3c6b47bb00453dbb1d58b7848332ffc70fc756009b189ba322 Loading...

	d2m2wsoho8qq12.cloudfront.net/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4	3.4 kB	2023-03-07	2023-04-05
Pretty URL d2m2wsoho8qq12.cloudfront.net/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 IP 143.204.42.49 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-04-05 02:09:14 Times Seen430 Hash dd90e68a27b15b3378f44fa576f7cde5 64a9f1d55a2ff24678318bd48fde93fcec154397 5127171a2622e36e3899b78eaea4e123fffbc640879520918c6a3b79b0548037 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9027de80c706edfca79202845a6c7552	22 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 9027de80c706edfca79202845a6c7552 2c1e881e00159b49b7b241bd17f93c1788773d2a 77363f7986be93a204a91ba121d26532ec35e7bc651b2cbd5ebf69096ed33f78 Loading...

	#2 Eval - 3546a3cbd082296d178d798889142a9d	22 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 3546a3cbd082296d178d798889142a9d 79a87def07861d9335bd36a9f5a15e653acf882e 394d9c39a1fb60f7b8bc78d73d3bfde8cba8a5e839a15101f37fe539d8983623 Loading...

	#3 Eval - bd5d4a79b8b6cde301f570673ad19e18	27 B	2023-03-07	2023-12-29
Pretty Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-29 04:03:38 Times Seen200 Hash bd5d4a79b8b6cde301f570673ad19e18 7de704c433042a1827654062d3e0ec8dc3c9349e 52b43864b9f1786d8c0d2d679562e90dc2a00c9d68ea80188a37d9b01d23dd47 Loading...

	#4 Eval - 74398333e887261f16d67573074982c5	19 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 74398333e887261f16d67573074982c5 e7e3f8fec962dbec824cb242080d8d85998171b6 8043359472b33b72988d958d9d1a08a404a0eb1ef93a9070180f3fe1868009ac Loading...

	#5 Eval - d276a813167b497c4a90d8fd4821c67b	64 B	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash d276a813167b497c4a90d8fd4821c67b 49c6aeaf4992e439e2b89ff75e95f90c685fb815 115c2cd05cb70229863899ca2e056679642ce900998f36d057f93d4c40332a56 Loading...

	#6 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-04-24
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-24 13:01:30 Times Seen37038897 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#7 Eval - 1d8533a4fb344159c56557e4adea0c82	16 kB	2023-03-08	2023-03-13
Pretty Observations First Seen2023-03-08 15:47:55 Last Seen2023-03-13 05:24:13 Times Seen1 Hash 1d8533a4fb344159c56557e4adea0c82 866ad1804bc5f2cd4cd95e73a0684b33b70a13d1 b2114ca8069486d06bb9a9a5f5547e7cfe4fe5ef5447857d285247e2d41bf138 Loading...

	#8 Eval - 1884229cd160674550c4b157dec6f4cc	39 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 1884229cd160674550c4b157dec6f4cc bd7e83bc21aff438916a34ba3afe12ed58ba464c 046df412c3a7ad800a4c922590f5af003de406cd74a69c59ec0c8aa320f2569c Loading...

	#9 Eval - 5923e6a91fd004cc0815f0a5494f6368	14 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:03:43 Last Seen2024-04-21 23:55:26 Times Seen2540 Hash 5923e6a91fd004cc0815f0a5494f6368 6f0cc8f774ac9d8240ffe81a9c659c9612d7bb70 0510de046e8325540849bad09f31eaaa3e9256fafd330c5d57327dc948812a33 Loading...

		Size	First Seen	Last Seen
	#1 Write - e6868732a2c2b9f5ea47cdd0cfc89b31	830 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash e6868732a2c2b9f5ea47cdd0cfc89b31 a4800ef7742dfac5c720c992be2fca64b5645647 63289fc4428f9e84a7a8cd6ab89351da73802556d783da4e34d2e54ece4a05d9 Loading...

	#2 Write - 2c4aa6bc4d6e0036b06c23fcd4838ff1	15 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 19:57:28 Last Seen2023-03-08 19:57:28 Times Seen1 Hash 2c4aa6bc4d6e0036b06c23fcd4838ff1 49d935d0739a38f693aeafc5090a5694993a5649 64752867e4f6ac1375020b91c95d21e6c7bd0d03e63f9070267d66fd91d59a17 Loading...

HTTP Transactions (104)

URL IP Response Size

monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966

54.161.16.68

301 Moved Permanently

134 B

URL HTTP/1.1
monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Tue, 06 Dec 2022 00:58:08 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7368
Expires: Tue, 06 Dec 2022 03:00:56 GMT
Date: Tue, 06 Dec 2022 00:58:08 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4553
Cache-Control: max-age=125344
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:08 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:47:12 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 00:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2268
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9929
Expires: Tue, 06 Dec 2022 03:43:37 GMT
Date: Tue, 06 Dec 2022 00:58:08 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XGoGfAoFfhVVPquI/GdJuEQFYvTBTiWXw05ZnQZ4gyv7vVhTfp76WcVXFrhv0eXFT2vFwPxNNe4=
x-amz-request-id: 6F66PH3853K6E2E7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 00:46:53 GMT
age: 675
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 00:58:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b67ecbdd4de8db2d6b6b4998682df264
2beb2d1fc5aa0c8e2afa469548218b4745fe1cfe
494c8432837155643a883eda1d774f02f54064851257014de1d2b72dac7aac81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=100616
Date: Tue, 06 Dec 2022 00:58:08 GMT
Etag: "638d6768-1d7"
Expires: Wed, 07 Dec 2022 04:55:04 GMT
Last-Modified: Mon, 05 Dec 2022 03:37:12 GMT
Server: ECS (dcb/7ECA)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o0JEB5_lcfFUKBQAQXNu_1Jpec4FQ34J6C8ecLVhjL-eUqTd2auBZA==
Age: 4672

monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966

54.161.16.68

200 OK

9.9 kB

URL HTTP/2
monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Size
9.9 kB (9945 bytes)
Hash
360b03794489f02e80576662460bb8c6
06d353da7f5c23fe7dc6b842108a248e0dc5f5a7
e4c0fef2d104a482dc677da34098cf47c552d8809cadbb3cb696b5da158b61a3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:08 GMT
content-type: text/html; charset=UTF-8
content-length: 9945
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 00:11:20 GMT
cache-control: public,max-age=3600
age: 2809
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b9e460c077e837add10b7e423b149f6e
cde6854da1c7108d3d6c8184f9a39d2d20ba0c78
874a4babc2bf54d880f94425142d3cce3151d964efd54c8bffec992b064c1be3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4373
Cache-Control: max-age=112560
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638d973c-117"
Expires: Wed, 07 Dec 2022 08:14:09 GMT
Last-Modified: Mon, 05 Dec 2022 07:01:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4556
Cache-Control: max-age=120279
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:22:48 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5719
Cache-Control: max-age=162133
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:00:22 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

monthlysweeps.us/assets/css/datepicker.css

54.161.16.68

200 OK

818 B

URL HTTP/2
monthlysweeps.us/assets/css/datepicker.css
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (3335), with no line terminators
Size
818 B (818 bytes)
Hash
3240fc33175e0e388f26fbac8bf8cff3
cf1a645948c9ce996e1560b9569f56822c4f9ba8
9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96

HTTP Headers

GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.3.1.min.js

69.16.175.42

200 OK

30 kB

URL HTTP/2
code.jquery.com/jquery-3.3.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30288 bytes)
Hash
d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44

HTTP Headers

GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670288289.dop221.sk1.t,1670288289.cds257.sk1.hn,1670288289.cds217.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js

151.101.129.229

200 OK

5.2 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (17590)
Size
5.2 kB (5199 bytes)
Hash
4c0e8d136f8e41d83cb99f52be04f280
eecf9c91f361ac05dfaa6b7167aea6f0d4ddf7cd
81659fd2d8cc8d38327f4450954654b19dbb8a95a2b1e402e47869f0ca9dddc6

HTTP Headers

GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 00:58:09 GMT
age: 3000370
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5199
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/loading_icon_1.css

54.161.16.68

200 OK

580 B

URL HTTP/2
monthlysweeps.us/assets/css/loading_icon_1.css
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
580 B (580 bytes)
Hash
b6b8913a6a3ad6881037667493551ec5
3daae516738f878875bb15766ca06a2ed9ee442b
cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf

HTTP Headers

GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

monthlysweeps.us/assets/css/sweeps.css

54.161.16.68

200 OK

1.6 kB

URL HTTP/2
monthlysweeps.us/assets/css/sweeps.css
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
1.6 kB (1639 bytes)
Hash
a5c77602d9ceb6c6450244ffb0baf0d1
0a8756bf9ec23f2957f9165941196551cc046cf7
d1bdae39d462d3c7ccb9f86a413c69df0026d2c06558af9b691a0e98bf0cdd4e

HTTP Headers

GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: text/css
content-length: 1639
server: Apache/2.4.41 (Ubuntu)
last-modified: Fri, 02 Sep 2022 17:56:19 GMT
etag: "172c-5e7b572772120-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3875
Cache-Control: max-age=160289
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 21:29:38 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 280

cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

104.17.24.14

200 OK

6.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (20322)
Size
6.5 kB (6458 bytes)
Hash
df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9

HTTP Headers

GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 373854
expires: Sun, 26 Nov 2023 00:58:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ek7SjrN3RwVAr4dvA%2FexkB7xdIAhqliaNjdWIHmmFuoCwa5cOaDat2AiRWxE%2FhDpq%2FSogb8587A3u8uKAUhpY1Ck7hANAG%2Fh8UyVSQQIB73KHQ90Cc0PZwQl8dOWT4GycM50oeop"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775112501be5b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js

151.101.129.229

200 OK

7.3 kB

URL HTTP/2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (22550)
Size
7.3 kB (7320 bytes)
Hash
17f3f2c0dd873827d21aec4b7c7da443
e10d2e3deff107d85726cb4f14eee82f96f2594e
5f0adea83e4171c32048eafe7032ef01093d96794c62b988fb9935041e35a998

HTTP Headers

GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Dec 2022 00:58:09 GMT
age: 1788880
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1635-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7320
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ads.pro-market.net/ads/scripts/site-141028.js

23.36.76.128

200 OK

1.1 kB

URL HTTP/1.1
ads.pro-market.net/ads/scripts/site-141028.js
IP
23.36.76.128:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (514), with CRLF line terminators
Size
1.1 kB (1101 bytes)
Hash
540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9

HTTP Headers

GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Type: application/x-javascript
Content-Encoding: gzip
Content-Length: 1101
Cache-Control: max-age=86400
Date: Tue, 06 Dec 2022 00:58:09 GMT
Connection: keep-alive
Vary: Accept-Encoding

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4024
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Last-Modified: Mon, 05 Dec 2022 23:51:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4040
Cache-Control: max-age=130575
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638ddee8-117"
Expires: Wed, 07 Dec 2022 13:14:24 GMT
Last-Modified: Mon, 05 Dec 2022 12:07:04 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js

104.17.24.14

200 OK

59 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65274)
Size
59 kB (58913 bytes)
Hash
a63b2977b01b6e2d2e2086c3f63a3c9a
560409f64e40f5078e1ba8d496657badd7a3a6ee
4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f

HTTP Headers

GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 13331463
expires: Sun, 26 Nov 2023 00:58:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4H5qweZ6egKS6VyyShU7l3gdf64tQiD%2Ft%2FYnPsadEPSnR%2BuqQ8lzW6uaPu9757DeyOaXe70Q84IOiK5FBKcGIypc%2FeR8Y6bNzoFO90W5yF1DgEMzGIE9fKzFnjfTtfadjBvA7Ny"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775112505c08b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
b9e460c077e837add10b7e423b149f6e
cde6854da1c7108d3d6c8184f9a39d2d20ba0c78
874a4babc2bf54d880f94425142d3cce3151d964efd54c8bffec992b064c1be3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4373
Cache-Control: max-age=112560
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638d973c-117"
Expires: Wed, 07 Dec 2022 08:14:09 GMT
Last-Modified: Mon, 05 Dec 2022 07:01:16 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
3f4ef8a54bffe08abfd72fbbe3b259e8
28770087be63936aabfdd9d802739767c8fca454
642f68596c1c285397713d2b1147f77a94a5e2eadcb8b18632133f1f87276639

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5719
Cache-Control: max-age=162133
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Etag: "638e539f-118"
Expires: Wed, 07 Dec 2022 22:00:22 GMT
Last-Modified: Mon, 05 Dec 2022 20:25:03 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi

142.250.74.132

200 OK

583 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
583 B (583 bytes)
Hash
b411b4a1e7bb27e3166ad9f9a18b0b5b
89af18140b91a4b5bcfda5ba63a8892e68f80c93
061858ed950071974b09307c5d1250a7d2c1c2a0847dcef1e5378ef0afebcaa3

HTTP Headers

GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 06 Dec 2022 00:58:09 GMT
date: Tue, 06 Dec 2022 00:58:09 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
01d5f0bc745607029db69018cebc8424
482ebd293354315c14a08694eabc42d80f87ecf2
639f03d8620461367fd91af6746c26780c6f9b65390347eda96a6e15636b7231

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:58:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "345CC975D2B66C9F12835CE19F73F6D5939BD9D5"
Expires: Tue, 06 Dec 2022 11:00:00 GMT
Last-Modified: Mon, 05 Dec 2022 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3560
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775112508d50b4f3-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
83508e2764c69782f1bae91e8b4f62f6
a00ea71e0f3d3be36c287f904ae306e5cb7d32cf
058fcc238e1df7cd76946926f203e4c5cea3f743a259c812199af346c1cbbf43

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4024
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Last-Modified: Mon, 05 Dec 2022 23:51:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

monthlysweeps.us/assets/js/datepicker.js

54.161.16.68

200 OK

5.3 kB

URL HTTP/2
monthlysweeps.us/assets/js/datepicker.js
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (16878)
Size
5.3 kB (5285 bytes)
Hash
6c28af1b6fa9301701dfefc5dbfe5159
134cfa1c0a5a837f002034b8ea1a8c6243b96bac
4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2

172.64.133.15

200 OK

78 kB

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Size
78 kB (78268 bytes)
Hash
d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

GET /releases/v5.15.4/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: font/woff2
content-length: 78268
x-amz-id-2: Wjg64c/JJ4jV+hjKu5tLv222OipCY8lvXM3o0wVJYvGap35GDqGnPjy+UsrY/GJQmNfLMzIfdaw=
x-amz-request-id: 4FDRRP263103MTHE
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "d824df7eb2e268626a2dd9a6a741ac4e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Uz%2FArqAFUqpyKTiE9Xqtjo8pZTFCBL995H0i7g7jA7bQx%2FFfD8Y%2B6D6u8VdL%2F%2B%2FB8FjrcpKRG5uRy%2BzoDuhMlm4oArPX69FQj0wR3qjH0yY3HFsedanp5n%2BM9%2BNzv8gu2%2BLrR4B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775112511d800712-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.89.114.252

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.114.252:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N1EN9eKqh2c0fIcXXBmF6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ptOhaVF5+y+TyNkASwZBLVRt5kE=

fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

142.250.74.35

200 OK

18 kB

URL HTTP/2
fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17908, version 1.0\012- data
Size
18 kB (17908 bytes)
Hash
e46b4e2e3b47cc232937ebf72b4c537e
2675bc06ee643b8c935370325a327efb74746e6a
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

HTTP Headers

GET /s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17908
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:31:58 GMT
expires: Tue, 05 Dec 2023 21:31:58 GMT
cache-control: public, max-age=31536000
age: 12371
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/one.png

54.161.16.68

200 OK

801 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/one.png
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
801 B (801 bytes)
Hash
03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b

HTTP Headers

GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2

monthlysweeps.us/assets/img/sweepstakes250/two.png

54.161.16.68

200 OK

915 B

URL HTTP/2
monthlysweeps.us/assets/img/sweepstakes250/two.png
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Size
915 B (915 bytes)
Hash
a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d

HTTP Headers

GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

142.250.74.35

200 OK

23 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:22 GMT
expires: Fri, 01 Dec 2023 12:29:22 GMT
cache-control: public, max-age=31536000
age: 390527
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

142.250.74.35

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 546421
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

monthlysweeps.us/assets/img/campaign/1253_bg.jpg

54.161.16.68

200 OK

475 kB

URL HTTP/2
monthlysweeps.us/assets/img/campaign/1253_bg.jpg
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1080, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], progressive, precision 8, 1920x1080, components 3\012- data
Size
475 kB (474838 bytes)
Hash
9f9ec0bd4b699f784446c17a1273a4ac
e79666717b7b004f554e6bfec1d073b4627ed3a7
9b092cd2a17b5e84e2e12622d1cad8c40f2df0aa44a8b0d7a320a1e1209aca41

HTTP Headers

GET /assets/img/campaign/1253_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: image/jpeg
content-length: 474838
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 18:54:27 GMT
etag: "73ed6-5d7ae7abcb0c8"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
8a4bdfd8270e7fdb6d3194f5d79364c8
8d3d119b4c029029f4241e5955cbbc9612812720
97ac405f1be6fa17fa454f7d7900331eafa05d84e06b7af867b4df5493edb3ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 00:58:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 14:10:14 GMT
Expires: Mon, 12 Dec 2022 14:10:13 GMT
Etag: "8d3d119b4c029029f4241e5955cbbc9612812720"
Cache-Control: max-age=565323,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775112515801b527-OSL

ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966

209.151.244.116

200 OK

700 B

URL HTTP/1.1
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators
Size
700 B (700 bytes)
Hash
3039e2a356159d981d4373ef5f0dfdbd
d6c11a36ff3df2b045a7bfc94dcac7d9a71c412b
45f44335a8da78da9e0b6809b87b1e44ebab885203a104a2a7cd05b3f3144d97

HTTP Headers

GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 06 Dec 2022 00:58:09 GMT
Content-Length: 700

ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966

209.151.244.116

200 OK

4.8 kB

URL HTTP/1.1
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document, ASCII text, with very long lines (15041), with CRLF line terminators
Size
4.8 kB (4803 bytes)
Hash
e4bcbced702e5480d3470d1ed22e102d
6d92886ccd9708b9a702c8fa2f9149d0be7cc333
d3cf190c31fb3a273ccf73471fe0103a24ec05c3d5f39ebeec473ee5bcbefb81

HTTP Headers

GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1253169444874966&subid=1253169444874966 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 06 Dec 2022 00:58:09 GMT
Content-Length: 4803

tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif

13.107.246.53

200 OK

43 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 72a73fa5-801e-003b-6d9c-0816ad000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0nJOOYwAAAABjvjXmfG1BQbSJouBYqN75QU1TMDRFREdFMTgxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAABIXsHcvFjqRJimf+wFO2XPU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419

13.107.246.53

200 OK

520 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (520), with no line terminators
Size
520 B (520 bytes)
Hash
004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117

HTTP Headers

GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 727d9bd2-001e-004c-268c-0593ec000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0j52KYwAAAAB5qNkjpEcOToeABktVenu4QU1TMDRFREdFMTgxNQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAABOMw8Vl9iHRYrleuSkjdynU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103

13.107.246.53

200 OK

17 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3119)
Size
17 kB (16678 bytes)
Hash
2a65636a4289b2131e1dfac93fc11f69
02d0c4c899d359228bf91f107c0aafc7e8bf2148
c2a9917f03e73bda930682a45890bdb572012784d76f0b59ba213fe99701016a

HTTP Headers

GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: e4314bb8-401e-0062-668c-05132b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vNmLYwAAAADhii8D8w0DSrfBxlooUMOVQU1TMDRFREdFMTgwNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAABoHQEn8R6wQqrGGO9SCRFdU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221201a

13.107.246.53

200 OK

25 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221201a
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (24867 bytes)
Hash
fa50968d834485700236db7d16f23811
e630fc0ebec458dbff0b4263041efe20f8045402
b9089e72b76798713e70f8fbc1636689353e28d0747203bbe6be424552c0fc9e

HTTP Headers

GET /amsus/ldsapi/assets/script/common.min.js?version=20221201a HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Q2FixwQ4/l1iWfvwzPEm4A==
last-modified: Thu, 01 Dec 2022 13:55:22 GMT
etag: 0x8DAD3A3B0E3B40B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 29e3c67c-901e-002f-02c6-08d5c9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0mxuOYwAAAAA4mgU4bcImRqZ8ydq/r1ByQU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAADvbk/bU8qIT6eH8FInH3iaU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15732 bytes)
Hash
b5e953213b7b13b8ee202406147fac52
67a09d8cd23ed444667b225f7fbf4bb17b9f42dd
cf6b2502f0a992148f9401c16a329cae5a6c21fb81f03131f3e69c58bc608110

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42536ef2-6e40-4541-ac60-0ff74058daa7.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15732
x-amzn-requestid: 7467ddb0-b9f9-47e9-ac31-c7599fe45698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csVIIESBIAMFU6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e689a-79e3f8b66e1cf72f3283ac5b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:54:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3seQ7H4qrlKKpuIWUobiey92ZMkB4jWqd5v6T6379g0V0y6XdVFvWQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:21 GMT
age: 9349
etag: "67a09d8cd23ed444667b225f7fbf4bb17b9f42dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?105k5j2022105j12ckl05llk161jkk581000

13.107.246.53

200 OK

10 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?105k5j2022105j12ckl05llk161jkk581000
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (8788), with no line terminators
Size
10 kB (10007 bytes)
Hash
f9a9907c3325300c4a7624e01a5fbf08
c7b9946dabfd8447ed1d4da327a82fb12cb19c2e
b83833b3d482ef8885dc600d7aaa47154433b7320cb42d63f4dbfec18d7d52df

HTTP Headers

GET /amsus/ns/css/13488000.min.css?105k5j2022105j12ckl05llk161jkk581000 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3472ce4c-b01e-0055-2e0d-09bf84000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0nJOOYwAAAAAcrJEuImIyRKkb8KVdWjCoQU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAACklLvPUHpQTa5Gk1N54nLGU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9354 bytes)
Hash
2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9DoDl2ynVT-wtTVbAsUO7LoGG8T559DkLEfVf8ALbnAGcjajBq25yQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:36:28 GMT
age: 76902
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6422 bytes)
Hash
2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 7c6de5da-a534-4b39-ba5a-b3613404bbaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnAaTEHuIAMFuKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4774-01fdb62864e594235b569f78;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:08:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iNIswtAzDZrcEhTO1li8CCP7VfwpfFdP8gJPCcm222TGPA2JSlMJRw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:25:07 GMT
age: 63183
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12293 bytes)
Hash
53afd826523f4c18bf968764818d7ca7
9a26884875abb0652c568c50438b65f801779f9a
4f9dfeda67a040fef9c6987a7c334a91c993c84f694fa91771fcf7fd1d2e4937

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba08976-65c4-4b8b-9ef1-92055a7b5235.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12293
x-amzn-requestid: 49891ceb-3f74-4e83-8064-f54fc8b30961
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyGHPOIAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-651e4e0c55257bcc553cd176;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4f0QQ4-21m-DiP4oUtIG75_vremc835laqhfDerlqCuW-WyKClvc9Q==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:29:38 GMT
age: 8912
etag: "9a26884875abb0652c568c50438b65f801779f9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n

13.107.246.53

200 OK

11 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (5818), with no line terminators
Size
11 kB (10567 bytes)
Hash
bb688e2bc67fcdb645690b90fe53d150
26e81666a22d07ab00a1011d1f983360d0fad9e3
5aa048f9d6e2759858855f7cce0ff9e1937bf7663cb43e0ec330442a7f10b94e

HTTP Headers

GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b11d75d8-601e-0075-59c6-08d348000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0mxuOYwAAAABm7p2IpoVvRJ1MqMvj7yJ7QU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAAAhLGMt05E9RLmkdqE51QrPU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1321695792&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=

209.151.244.116

200 OK

661 B

URL HTTP/1.1
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsPlacement.aspx?hKey=1321695792&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
661 B (661 bytes)
Hash
92b2cc1abdbe4ac110d8bc2ec13fb725
8a9dc650c6c9a1cf4802d925ec67f61afd7d1ceb
149317a25a0e606006654db4e9eff62b3a145c2167d18cb37c9e465b2201f931

HTTP Headers

POST /ManageImpressions/ReportViaJsPlacement.aspx?hKey=1321695792&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 06 Dec 2022 00:58:10 GMT
Content-Length: 661

ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1321695792&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=

209.151.244.116

200 OK

709 B

URL HTTP/1.1
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1321695792&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators
Size
709 B (709 bytes)
Hash
4d031c65a98de051ece73418373ce785
ca683b80201bdebcbc0a88a55faa0ee1df1e04e8
de0f2545a89742549781faeded7af996e5833a515cace1738558281f567306a5

HTTP Headers

POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1321695792&affid=1253169444874966&subid=1253169444874966&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 06 Dec 2022 00:58:10 GMT
Content-Length: 709

tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0

13.107.246.53

200 OK

84 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Size
84 kB (83760 bytes)
Hash
fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

HTTP Headers

GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: c2412954-001e-0047-53da-058b98000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vdmLYwAAAADc5VFlEzlsQLxmETWNBGfFQU1TMDRFREdFMTkxMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0o5OOYwAAAACg/bJkaTMnRr+k1gch0sltU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:11 GMT
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419

13.107.246.53

200 OK

1.0 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2046), with no line terminators
Size
1.0 kB (1007 bytes)
Hash
c961867cd28f6b7eaf7a72ece2836b98
a76de84ac342cca7483ef05bc5b91b604284e789
f87e9c4a4c935c100f3fc7f0ecd529cf533cd849e562baf08e610f298b30af5d

HTTP Headers

GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 4ccf1ae0-c01e-0037-1169-07f85c000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vNmLYwAAAAA4BsZG6OK5Q7xIQVL/jyjkQU1TMDRFREdFMTkyMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAABiSkIveIJnQ49a27cZxXzcU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
21f270d052434dd169f4fdb0bd8b9d91
39fd3a80c31a199c13b849d51e9e8f648c3cf9a0
360cefdf1e071afbf53c75da674d9a7a54691a3cae43796d1ee4901464d47244

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5232
Cache-Control: max-age=160564
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:11 GMT
Etag: "638e4f67-117"
Expires: Wed, 07 Dec 2022 21:34:15 GMT
Last-Modified: Mon, 05 Dec 2022 20:07:03 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 279

monthlysweeps.us/go/api/zip/undefined?get_param=value

54.161.16.68

200 OK

111 B

URL HTTP/2
monthlysweeps.us/go/api/zip/undefined?get_param=value
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:11 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bbd589d4e23e54423dbf2153a0fb0d59
1e4df05341a0f788f4d9369c8d4db3a0bfc9aaf0
c24c1e99ef536f743d2c5afc444c3d7af61bfdc04609c31032796f07cebd9043

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=167600
Date: Tue, 06 Dec 2022 00:58:11 GMT
Etag: "638e68c5-1d7"
Expires: Wed, 07 Dec 2022 23:31:31 GMT
Last-Modified: Mon, 05 Dec 2022 21:55:17 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cg021H5yMug2aP3kelZR1q95aqkJ8z5h9nvPH9aQ_OpYN--Vx85K0Q==
Age: 5774

www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js

142.250.74.35

200 OK

163 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (730)
Size
163 kB (162976 bytes)
Hash
79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6

HTTP Headers

GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 19:09:57 GMT
expires: Tue, 05 Dec 2023 19:09:57 GMT
cache-control: public, max-age=31536000
age: 20894
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false

50.17.203.65

301 Moved Permanently

134 B

URL HTTP/2
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false
IP
50.17.203.65:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Tue, 06 Dec 2022 00:58:11 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2865935.js?sv=6

143.204.55.84

200 OK

3.5 kB

URL HTTP/2
static.hotjar.com/c/hotjar-2865935.js?sv=6
IP
143.204.55.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (5909)
Size
3.5 kB (3488 bytes)
Hash
03cc8d247cdcfc5002dec847ad4c23f9
00ee6aed69650ed7e5c387fbb0681ed2cb1e2a86
12c4ddf55646a6097616ba1a8be9ae7c4f02b945da4880dbc116a01e0bda8701

HTTP Headers

GET /c/hotjar-2865935.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 06 Dec 2022 00:58:05 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/6fe26606aad962064edcb2ce493896e8
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9d87j5h2Yd1AXQRmNv1Q3aN1_4DgGnPO-hSlXLT8lIa8lA5YB-H47Q==
age: 6
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
b2c0872722a0e6661e874164af625ad2
63d9fbdbd81f6acbbe32e42b9171c1b204b21dab
04130437871bc125e1fe68b6f3323099d0e2c7a04cab0d1eb265b4165e2224c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 00:58:11 GMT
Last-Modified: Mon, 05 Dec 2022 23:58:22 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d10wr2RlBIC10OKDXrlNN5JYAtifZOn0Ypq8HAOVJWJg5-zMJMT54w==
Age: 3589

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 00:41:08 GMT
expires: Tue, 06 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 1023
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

monthlysweeps.us/favicon.ico

54.161.16.68

200 OK

5.4 kB

URL HTTP/2
monthlysweeps.us/favicon.ico
IP
54.161.16.68:0
ASN
#14618 AMAZON-AES

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/4mmjuy/key/0ca2876053d8f7fb9b0a65e86c3b4c54/aid/16944/s1/4874966
Cookie: ci_session=p5t099po0os0bchd3pog9umordjtous9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:11 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

d2m2wsoho8qq12.cloudfront.net/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

143.204.42.49

200 OK

1.4 kB

URL HTTP/1.1
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
143.204.42.49:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.4 kB (1449 bytes)
Hash
ef825b8a88a51cd76a51d08dfc1d4f99
5bf247bd91a4be0c3b76a70ec8e5e462de0e9f3b
2ac453ec379c3e7b0fa69b810ecf2d6771de3e7611a2599a20f8e8ce9a240af1

HTTP Headers

GET /iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Wed, 30 Nov 2022 13:27:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Mon, 05 Dec 2022 19:26:23 GMT
ETag: W/"63875a4b-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8w_y38dtzNYja8Eqfj9hVTO3QD9tyFkehfKbYGoeS4skvR77yA417w==
Age: 19994

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
d66f2744889a50faa666df0c3e04f24e
fcbb5b15d67c71896f1c516b34f81878dc0ecd4c
59da788eec0d6a20607c9b53323ce0293aa8436a4f782b091a2b6f655f05f6bd

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 00:58:12 GMT
Etag: "638d68bb-1d7"
Last-Modified: Tue, 06 Dec 2022 00:05:09 GMT
Server: ECS (dcb/7F37)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WPkldpmOtKZbTZCbY_0WMfMlkzfN1ZWWprjYXBvxNMpwM39_RjFybQ==
Age: 3183

ldsapi.tmginteractive.com/api/hitsnap.ashx

209.151.244.116

200 OK

21 B

URL HTTP/1.1
ldsapi.tmginteractive.com/api/hitsnap.ashx
IP
209.151.244.116:0
ASN
#11051 CYBERVERSE

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289

HTTP Headers

POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10688
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 110
Date: Tue, 06 Dec 2022 00:58:12 GMT
Content-Length: 21

script.hotjar.com/modules.d53d96d4fefc0e537bd8.js

143.204.55.46

200 OK

69 kB

URL HTTP/2
script.hotjar.com/modules.d53d96d4fefc0e537bd8.js
IP
143.204.55.46:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48714)
Size
69 kB (68700 bytes)
Hash
6f3e85a9867f8c1e87f393ee1344782f
9a3e0b1e33cd0bca903fbdb82e43aa71ec23d165
80cf78eadecdac25834fa2be80c9a96f5eba43069c0295d800ec8d14123f7fba

HTTP Headers

GET /modules.d53d96d4fefc0e537bd8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68700
date: Mon, 05 Dec 2022 14:58:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "6f3e85a9867f8c1e87f393ee1344782f"
last-modified: Mon, 05 Dec 2022 14:57:50 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BJ3gqM5FS5sVrlXy6TMXfNIYCn40KKgL52_tnoLe5_Y2UqzR8CfeSA==
age: 36006
X-Firefox-Spdy: h2

cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false

54.230.111.91

200 OK

3.3 kB

URL HTTP/2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type
data
Size
3.3 kB (3293 bytes)
Hash
8a1e58e87c25a8c423659dbd6214d1f7
d3f835af637b5557c46ce89dc232b03e825b77c4
b0834fcb85f3116f23185bd4e6f7b43cdb2ded8611ac1261493732216e290aa3

HTTP Headers

GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16702882886110.49328869304913125&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 06 Dec 2022 00:58:13 GMT
last-modified: Tue, 29 Nov 2022 19:24:00 GMT
x-amz-version-id: jCFTHa4_D.dnuiumCq7.wUY_tmObizl8
etag: W/"226cf2375a4ea1f8ea8315621d70424b"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ATdJ4JcMvR_AhlgvEAljs3hLkoTZTVi031c3tC93ICDgphKynb18JA==
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
964212c5724019b81896b578eae408ed
1c00d9d238d85926e6508cbfa5927c8e336e2a82
6fc5276b2465812b0c4dce609c1b1bf17e9fda6f5c47f3cb6d28eee8a1eb2864

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 06 Dec 2022 00:58:13 GMT
Last-Modified: Mon, 05 Dec 2022 23:16:41 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eotg4CPeP8puJ37uOr6-2qQHGFLAQjiTpLbuGiyq9Bh8PaBtmcdMvw==
Age: 6092

vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

143.204.55.101

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
143.204.55.101:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1035 bytes)
Hash
e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d

HTTP Headers

GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HAEQvY85wmV3kWFPFh92uk4UiHeKOZe0TzI_JSb7oh0ThHCidWSHGg==
age: 1079287
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 00:58:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

vc.hotjar.io/sessions/2865935?s=0.25&r=0.027085426717885053

54.230.111.91

204 No Content

0 B

URL HTTP/2
vc.hotjar.io/sessions/2865935?s=0.25&r=0.027085426717885053
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sessions/2865935?s=0.25&r=0.027085426717885053 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Tue, 06 Dec 2022 00:58:13 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xFNq6Hrn-Zp15_sDNJjQNI4sWy1NodtC9sax9P4NFXmPhzGT7Gjjhw==
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39232759-1&cid=241216176.1670288290&jid=1251357078&gjid=1383210407&_gid=1062259777.1670288290&_u=IEBAAEAAAAAAACAAI~&z=555680800

108.177.14.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39232759-1&cid=241216176.1670288290&jid=1251357078&gjid=1383210407&_gid=1062259777.1670288290&_u=IEBAAEAAAAAAACAAI~&z=555680800
IP
108.177.14.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39232759-1&cid=241216176.1670288290&jid=1251357078&gjid=1383210407&_gid=1062259777.1670288290&_u=IEBAAEAAAAAAACAAI~&z=555680800 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://monthlysweeps.us
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 00:58:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221201a

13.107.246.53

200 OK

1.0 kB

URL HTTP/2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221201a
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3045), with no line terminators
Size
1.0 kB (1017 bytes)
Hash
fdb9108fbad8d0510b74a6e72e3ed534
60e4dcd8fcaa28f71fd83ffb6e605f9859232107
c9221397f6bc7f92c721afbb9d715c736ce99f2f2778e76787a5d6ae06c70cd8

HTTP Headers

GET /amsus/ldsapi/assets/script/common-extentions.min.js?20221201a HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 429cc71f-801e-0030-522e-080ed9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0mVaNYwAAAAAXVhZ3kF3aSKZ3facucyiaQU1TMDRFREdFMTkxNQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAACngm7+7GXsS60QjwPQ3uC9U1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 357010
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&uuid=f1599afcefac45bea7014be62fda95d2

54.156.11.63

200 OK

16 kB

URL HTTP/2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&uuid=f1599afcefac45bea7014be62fda95d2
IP
54.156.11.63:0
ASN
#14618 AMAZON-AES

File type
data
Size
16 kB (15572 bytes)
Hash
579bd8be420328ee775a3ad367980780
116d00f4a422b5a50e42dd60bce603d0accb7767
60ae45872473fa1dd087f37824393316016a9c2ff5318c5bd7f189052c773115

HTTP Headers

GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&uuid=f1599afcefac45bea7014be62fda95d2 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:13 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
rguserid=664ec901-d218-4eb4-be20-965437ec3512; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

api.trustedform.com/certs

50.17.203.65

201 Created

475 B

URL HTTP/2
api.trustedform.com/certs
IP
50.17.203.65:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Size
475 B (475 bytes)
Hash
0ed6539d0ee6ae2da76b0e4fc8b37954
369475e8506b5c72d0f30b0a00f7c09371842a33
bd68495648627ac4071e7c94c815a6f2b02d7fdde8970b0c6279c9554e938a81

HTTP Headers

POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 647
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 201 Created
date: Tue, 06 Dec 2022 00:58:13 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

cdn.trustedform.com/trustedform-1.8.31.js

54.230.111.91

200 OK

38 kB

URL HTTP/2
cdn.trustedform.com/trustedform-1.8.31.js
IP
54.230.111.91:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (65536), with no line terminators
Size
38 kB (37653 bytes)
Hash
dc54edd373e6a9a9bf8e9667d23ef607
d7efff4077adb1eb18277f74e4bea701ceae215f
f1c645e1befa0b144e73d321340a82f4edf95416ec221f9fefff09ccbd309d39

HTTP Headers

GET /trustedform-1.8.31.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 19:24:00 GMT
x-amz-version-id: zyVp10qBIDUkm0kSLQCBEAAE6CiOCr9w
server: AmazonS3
content-encoding: gzip
date: Tue, 06 Dec 2022 00:58:07 GMT
etag: W/"642f630e75dc2888743ef1bcac8f0de0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ehN9hbizla5ySUrnrouaHmBS7Yx4Ac3aDGXNZABONrnB2K4XzSB9jQ==
age: 11
X-Firefox-Spdy: h2

api.trustedform.com/certs/a53107479e4adf35361f62fdaa5966fcd864c891/fingerprints

50.17.203.65

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/a53107479e4adf35361f62fdaa5966fcd864c891/fingerprints
IP
50.17.203.65:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/a53107479e4adf35361f62fdaa5966fcd864c891/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 262
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 06 Dec 2022 00:58:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

api.trustedform.com/certs/a53107479e4adf35361f62fdaa5966fcd864c891/events

50.17.203.65

204 No Content

0 B

URL HTTP/2
api.trustedform.com/certs/a53107479e4adf35361f62fdaa5966fcd864c891/events
IP
50.17.203.65:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /certs/a53107479e4adf35361f62fdaa5966fcd864c891/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 226
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Tue, 06 Dec 2022 00:58:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: 
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 9308
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?105k5j2022105j12ckl05llk161jkk581000

13.107.246.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?105k5j2022105j12ckl05llk161jkk581000
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/js/13488000.min.js?105k5j2022105j12ckl05llk161jkk581000 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b38749cd-501e-0039-0e0d-091457000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0nJOOYwAAAACk/BlqhbhvSaLvQ83zX3f3QU1TMDRFREdFMTkyMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0opOOYwAAAABhuLn3WWEhTo7b7W6JCLgSU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:10 GMT
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=4&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737956

54.156.11.63

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737956
IP
54.156.11.63:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=4&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737956 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:13 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
rguserid=03116ec7-9277-4541-b957-97cc0dd03af6; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 05-Jan-2023 00:58:13 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/fontawesome.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/fontawesome.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/fontawesome.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: text/css
x-amz-id-2: UNf8WN1n3SkeNMFfRIT3bWAidjX5IodvEC2mVlah+eBi8Tl8FpPFSssxDwKKafORJFVR/1odifs=
x-amz-request-id: C6WEX3JBT8HMCZSS
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a227f005fa7ae066c1068ac4b963514c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GS0nT6UA7Ft3%2BPDXcaEkRG02mGnvzj%2FEVIXX3FSik6SQUjwjg7EOyoDWB9YqGNBFzm4DYHP%2F%2FM7orxmD8PBh0gFpvA4SyxMk8FRadiPz5Tnm%2BpnFVIy4NVYa72HiPU38qkKBQ%2Bqm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775112507d190712-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 00:58:09 GMT
date: Tue, 06 Dec 2022 00:58:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=3&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737955

54.156.11.63

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737955
IP
54.156.11.63:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=3&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737955 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 12855
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
rguserid=24f09bf0-5608-491a-94f3-e4ef46bda681; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/InitFormData?msn=5&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737957

54.156.11.63

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/InitFormData?msn=5&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737957
IP
54.156.11.63:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/InitFormData?msn=5&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737957 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1064
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:14 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 05-Jan-2023 00:58:14 GMT; Max-Age=2592000; path=/
rguserid=69323405-1c28-41f3-97ca-b430b1792890; expires=Thu, 05-Jan-2023 00:58:14 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 05-Jan-2023 00:58:14 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 05-Jan-2023 00:58:14 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css

188.114.99.234

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css
IP
188.114.99.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 723, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-04-23 06:51:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: fb769ef43d6803d303a68c7d7f774d4c
cdn-cache: HIT
cf-cache-status: HIT
age: 18395387
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7751124f9cc4b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.15.4/css/solid.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.15.4/css/solid.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.15.4/css/solid.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: text/css
x-amz-id-2: Coc8RwmLjT6CtHXddypM+W6CImaoEHtzsvS9HZXsMMAvDoRnnJmivgKuuKPamgJANWIKigT4WzE=
x-amz-request-id: C6W8DPVWKEKTKR9Q
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"685a6b10be9f3db25acf78c5e7ba7379"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMfD8q73QZK3wK0DDjaUROp%2FrVrbd%2FSN6QLKFQsjT38tUm5J2BAcx8VUkDtwBAg1K%2FwXJPhCbplmVdVtwOUa%2BovngjqX7kZP%2FWeMqH0qdrErOK1DqAlJyWvZDTshgzpdB1rusDI%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775112507d160712-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js

13.107.246.53

200 OK

0 B

URL HTTP/2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 7a3f2818-c01e-003c-5f0d-09e028000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0nZOOYwAAAACLG65Bl7llT67NqD1TwWWzQU1TMDRFREdFMTkxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0o5OOYwAAAAByMXFEfFhFR4swjXISbCEvU1ZHMjBFREdFMDYxMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Tue, 06 Dec 2022 00:58:11 GMT
X-Firefox-Spdy: h2

create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2

172.67.41.229

200 OK

0 B

URL HTTP/2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP
172.67.41.229:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:11 GMT
content-type: text/javascript
x-amz-id-2: hYDRkzS4CaEYQhNioRHxhATGWMTyJuDx0RhxjDrfZflNKPUIRnFQzNmqVphEtC+YrygG5EQl6Ng=
x-amz-request-id: 76KK9JBRVA9W18YQ
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 1730
vary: Accept-Encoding
server: cloudflare
cf-ray: 7751125daa3ab50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/GenerateToken?msn=1&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&_=948737953

54.156.11.63

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&_=948737953
IP
54.156.11.63:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/GenerateToken?msn=1&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&_=948737953 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 250
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:11 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 05-Jan-2023 00:58:11 GMT; Max-Age=2592000; path=/
rguserid=9ad41a28-378a-46dd-9b1b-edff0910443b; expires=Thu, 05-Jan-2023 00:58:11 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 05-Jan-2023 00:58:11 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 05-Jan-2023 00:58:11 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

create.leadid.com/2.11.9/SaveDom?msn=2&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737954

54.156.11.63

200 OK

0 B

URL HTTP/2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737954
IP
54.156.11.63:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /2.11.9/SaveDom?msn=2&pid=ebe0a3e5-83b2-413b-839e-dbca9a48c5d1&token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&_=948737954 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 512
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
rguserid=746aa92e-9bec-48eb-b1f8-e4c1345c1dd8; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Thu, 05-Jan-2023 00:58:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2

deviceid.trueleadid.com/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4

52.73.153.179

200 OK

0 B

URL HTTP/2
deviceid.trueleadid.com/iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP
52.73.153.179:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe.html?token=34C581F8-71C6-85A2-75D1-A3F4CE0E9EAF&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:13 GMT
content-type: text/html
server: nginx
last-modified: Thu, 22 Sep 2022 15:32:09 GMT
etag: W/"632c7ff9-1049"
expires: Wed, 07 Dec 2022 00:58:13 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

188.114.99.234

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP
188.114.99.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 06 Dec 2022 00:58:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 2021-06-08 18:02:12
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15734442
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7751124facc8b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (59)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP