monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
54.161.16.68301 Moved Permanently 134 B URL HTTP/1.1 monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
IP 54.161.16.68:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Phishing
GET /go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Fri, 06 Jan 2023 09:11:38 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://monthlysweeps.us:443/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20911
Expires: Fri, 06 Jan 2023 15:00:09 GMT
Date: Fri, 06 Jan 2023 09:11:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4517
Expires: Fri, 06 Jan 2023 10:26:55 GMT
Date: Fri, 06 Jan 2023 09:11:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 600f7ba6e1a6fbbd176cd2df19b1e4d9
cdd72b25fd91ee980aba193b12e890096e4fe852
860214860947dfbe26099f018747154823b175fceb2821a390cc655da191a6d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "860214860947DFBE26099F018747154823B175FCEB2821A390CC655DA191A6D0"
Last-Modified: Thu, 05 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2794
Expires: Fri, 06 Jan 2023 09:58:12 GMT
Date: Fri, 06 Jan 2023 09:11:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 08:41:19 GMT
content-type: application/json
age: 1819
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WnUoHb6349FB7bclz4wP320ohTiu0Kv6Q2bNAXiqM4DYwNarwE5hs4CB3VsGUsA+QlgDuNjWgAKnmvWSbsqRBg==
x-amz-request-id: 4XAENRKPQW48Y7FH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 09:02:06 GMT
age: 573
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 09:08:12 GMT
age: 207
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 37f618573a182fefb809e3691fcadcfa
f93043f5eccf0384018b09bca21f379c4d1f8da8
00afa16e4110ac12092dd52e5dfc42c7b78a7fdcfd9cd35d705759464157c92b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152734
Date: Fri, 06 Jan 2023 09:11:39 GMT
Etag: "63b79769-1d7"
Expires: Sun, 08 Jan 2023 03:37:13 GMT
Last-Modified: Fri, 06 Jan 2023 03:37:13 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MUJR5YhQk6eV-fTMspQCmWYwvV2MWYzxXFxIu3v940Cf4IR2yPZhFw==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 73a99621729e1bc9e236a1085b98a0cf
5e1f71493085f6be7788f59987c1f0850b77d4d7
219d1a8d7d1a027553f72c8c024488863d8996457b31c78014002f81174f3ad1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6463
Cache-Control: max-age=92573
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:39 GMT
Etag: "63b69329-1d7"
Expires: Sat, 07 Jan 2023 10:54:32 GMT
Last-Modified: Thu, 05 Jan 2023 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
54.161.16.68200 OK 9.9 kB URL HTTP/2 monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
IP 54.161.16.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (939)
Hash ace15f3491eae149a1a8e1261445576a
febdce3cf7ed305d665e760f76c9e15448ff2af5
045ac15727c30772b9e6370d69ef72eca51d5498b3e8fc3b8d2ddf331f9ed77a
Analyzer Verdict Alert fortinet Phishing
GET /go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962 HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: text/html; charset=UTF-8
content-length: 9929
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=q1j372751sum3eq2h0n6p02loall41uf; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 665
Cache-Control: max-age=150510
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:39 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 03:00:09 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
104.17.24.14200 OK 59 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (65274)
Hash a63b2977b01b6e2d2e2086c3f63a3c9a
560409f64e40f5078e1ba8d496657badd7a3a6ee
4a477bb786727bd8c49a1dbc25dd37dcce7f2ceece74576dffd8a3da739b034f
GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 16039473
expires: Wed, 27 Dec 2023 09:11:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyPpgHryraT%2BCDBY27NYFz1J6Iv2jMKFIuXLzRNuIWSNMoFgAMByDIArfK91PkpayMn0X471qJu7r%2BEJTuYKl838RViCeSvXYhPgUPXYJsprB0R5FuXtzk8N0Ln3P4oWfxC1rcal"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 785353da9f5db50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/datepicker.css
54.161.16.68200 OK 818 B URL HTTP/2 monthlysweeps.us/assets/css/datepicker.css
IP 54.161.16.68:0
File type ASCII text, with very long lines (3335), with no line terminators
Hash 3240fc33175e0e388f26fbac8bf8cff3
cf1a645948c9ce996e1560b9569f56822c4f9ba8
9077f43ae19f62f65d930304d4f77d3ce23ec0d4ba41e1284dac8702fbc05f96
GET /assets/css/datepicker.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: text/css
content-length: 818
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:06 GMT
etag: "d07-5c80ac2c970f8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/loading_icon_1.css
54.161.16.68200 OK 580 B URL HTTP/2 monthlysweeps.us/assets/css/loading_icon_1.css
IP 54.161.16.68:0
Hash b6b8913a6a3ad6881037667493551ec5
3daae516738f878875bb15766ca06a2ed9ee442b
cc46b8ab8bf6a609d0c9336a46ef8b217c15fb2ecdef548c5c4d6ce6ebdb52cf
GET /assets/css/loading_icon_1.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: text/css
content-length: 580
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:07 GMT
etag: "db0-5c80ac2ce37a0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
151.101.129.229200 OK 7.3 kB URL HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/jquery.validate.min.js
IP 151.101.129.229:0
File type Unicode text, UTF-8 text, with very long lines (22550)
Hash 17f3f2c0dd873827d21aec4b7c7da443
e10d2e3deff107d85726cb4f14eee82f96f2594e
5f0adea83e4171c32048eafe7032ef01093d96794c62b988fb9935041e35a998
GET /jquery.validation/1.15.0/jquery.validate.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"58a0-xaL/AT+jV8HSplcbXY5ljmcAgOo"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 06 Jan 2023 09:11:39 GMT
age: 4496891
x-served-by: cache-fra-eddf8230115-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7320
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.24.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1221500
expires: Wed, 27 Dec 2023 09:11:39 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WklFUf5Xfvwp2P5%2F%2B0lfEKWW53uAPw5MPAt7oyxGCYCixSaXct%2Bv5gL8IJMEUI6EOb2AHLfXS%2BQRdIfrOboR2Juy14syLfRUEIuS5YwYmtJwhPYpUlYl8r748%2BzCZNu%2Fj%2F8BlILu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 785353dabf7fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
monthlysweeps.us/assets/css/sweeps.css
54.161.16.68200 OK 1.6 kB URL HTTP/2 monthlysweeps.us/assets/css/sweeps.css
IP 54.161.16.68:0
Hash a5c77602d9ceb6c6450244ffb0baf0d1
0a8756bf9ec23f2957f9165941196551cc046cf7
d1bdae39d462d3c7ccb9f86a413c69df0026d2c06558af9b691a0e98bf0cdd4e
GET /assets/css/sweeps.css HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: text/css
content-length: 1639
server: Apache/2.4.41 (Ubuntu)
last-modified: Fri, 02 Sep 2022 17:56:19 GMT
etag: "172c-5e7b572772120-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash d549b312f7a7d228b4ec229a6547dfdc
0766794582ad530ec0f8c2595f741086afffa312
f6488b2915e0ceee723f4320492511d46c6ba1860d5975d085e6da8913f55f44
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-encoding: gzip
content-length: 30288
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1538f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CNvn350GEocBCiRiYzZlZmQ4My0zMWE0LTRmOWQtODcyZC0wNTNiMmFkYmFmYzIQ+OiCoKvU+wIaBgjLy9+dBiIMOTEuOTAuNDIuMTU0KICIAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNDg1YTNkNzgtMjA4YS00ZjJmLTgzNWQtZWE3ZTE5OTVhZDk5GNDsASIYCAISFGNkczI0MC5zazEuaHdjZG4ubmV0.pcd5dly81bAfwyS2Mi2nkilvTJdS6eUMWf6DCJnEVYI=
x-hw: 1672996299.dop203.sk1.t,1672996299.cds215.sk1.hn,1672996299.cds240.sk1.c
X-Firefox-Spdy: h2
cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
151.101.129.229200 OK 5.2 kB URL HTTP/2 cdn.jsdelivr.net/jquery.validation/1.15.0/additional-methods.min.js
IP 151.101.129.229:0
File type Unicode text, UTF-8 text, with very long lines (17590)
Hash 4c0e8d136f8e41d83cb99f52be04f280
eecf9c91f361ac05dfaa6b7167aea6f0d4ddf7cd
81659fd2d8cc8d38327f4450954654b19dbb8a95a2b1e402e47869f0ca9dddc6
GET /jquery.validation/1.15.0/additional-methods.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"4547-g4rGbD7KxrYTawSb3Q4U8vAilSw"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 06 Jan 2023 09:11:40 GMT
age: 5708381
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1673-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5199
X-Firefox-Spdy: h2
ads.pro-market.net/ads/scripts/site-141028.js
95.101.10.9200 OK 1.1 kB URL HTTP/1.1 ads.pro-market.net/ads/scripts/site-141028.js
IP 95.101.10.9:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (514), with CRLF line terminators
Hash 540b7c85a21cf48ee81735b2ffcc335f
e5eaedc157c73717aab322629e3f1ad8569bc0a1
aa2916440a5dc9e91cc213dc3503845a97fe91cfd12fe8e6cd92032b675a4da9
GET /ads/scripts/site-141028.js HTTP/1.1
Host: ads.pro-market.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 23 Jul 2019 13:39:45 GMT
Server: nginx/1.0.15
Content-Encoding: gzip
Content-Length: 1101
Content-Type: application/x-javascript
Cache-Control: max-age=86400
Date: Fri, 06 Jan 2023 09:11:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
push.services.mozilla.com/
54.148.213.75101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZcNSvme3eDKk0FlGlO9PwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gscvRJRYMVeKQ1GOHhTiSKk/F2Y=
monthlysweeps.us/assets/img/campaign/1249_welcome.png
54.161.16.68200 OK 24 kB URL HTTP/2 monthlysweeps.us/assets/img/campaign/1249_welcome.png
IP 54.161.16.68:0
File type PNG image data, 500 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e24581b6aac99ec3e2297b320425e76
98e9aa8c6a5ab7064f6cf148f4e92fe07d31c914
79ec893d60a62640fa88f45c8c4900e67036a253cf4cddac29fc6da403fa2ff0
GET /assets/img/campaign/1249_welcome.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: image/png
content-length: 23920
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:33:23 GMT
etag: "5d70-5d7afdc8e1548"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/img/sweepstakes250/two.png
54.161.16.68200 OK 915 B URL HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/two.png
IP 54.161.16.68:0
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash a1914f8236d7704856f5c5762e86c109
ea40712fad474fab16b7e2f1505bcb42302cd6ec
6c21621aeb7ad165ee758074b65bbf2fa35498a74320a940c52a3208375ef26d
GET /assets/img/sweepstakes250/two.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: image/png
content-length: 915
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:30 GMT
etag: "393-5429f55c8a780"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e24748ddfc8a0057e443c7787306ef80
136a387bda286fecf9fc66c17e5417253002b6b8
2afbd44506fd53817ae85f7cd4ba8adbb58bc52565b360e2a45250146836674a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
monthlysweeps.us/assets/img/sweepstakes250/one.png
54.161.16.68200 OK 801 B URL HTTP/2 monthlysweeps.us/assets/img/sweepstakes250/one.png
IP 54.161.16.68:0
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash 03744c9d39310c5d2af2cf2a23616580
603f0d70ddc7d77f6341dc0caf9e0740b33ae061
afbc2f9fe529022b98f966b254c8d3173a40998fdd01ee3739df99a8a3169a0b
GET /assets/img/sweepstakes250/one.png HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: image/png
content-length: 801
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 01 Dec 2016 21:16:31 GMT
etag: "321-5429f55d7e9c0"
accept-ranges: bytes
X-Firefox-Spdy: h2
monthlysweeps.us/assets/js/datepicker.js
54.161.16.68200 OK 5.3 kB URL HTTP/2 monthlysweeps.us/assets/js/datepicker.js
IP 54.161.16.68:0
File type ASCII text, with very long lines (16878)
Hash 6c28af1b6fa9301701dfefc5dbfe5159
134cfa1c0a5a837f002034b8ea1a8c6243b96bac
4a47c7c7ccb099528d7387eadcc4989bbbc17d75981507635d015da4711bb932
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/datepicker.js HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:39 GMT
content-type: application/javascript
content-length: 5285
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:09 GMT
etag: "42ac-5c80ac2fab258-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash c47975eaa8f4fe8f7b3924ae42c61e5f
0ec428ab689841f33bd81d06d69a396eec3b1527
b77300487ab5a630dd4a54b8f8206c91a001ad4ba0d42ece61cdc4a62cd7b8fa
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 09:11:40 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "72D144FC440C1F8CE495C55FFC2D98F1B73A520E"
Expires: Fri, 06 Jan 2023 20:00:00 GMT
Last-Modified: Fri, 06 Jan 2023 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2622
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785353dbac94b506-OSL
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
216.58.207.228200 OK 582 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP 216.58.207.228:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 0c698d35b1370b9ed427fdc5358623f8
f5dd5b71f88e202ba4be2ca1872b0c3d2545edcb
8b4b5758e13f2e5322af6eb978170f66df68a76eff53e08e19ba64e3678657bf
GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 06 Jan 2023 09:11:40 GMT
date: Fri, 06 Jan 2023 09:11:40 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ff3b4cd0aa28a61ef1a039c7ff73ce71
1081a41936a63ccdf3e9ebc021835a19c4125a87
367f96729ad2d9dbe57a5881a37c0bc7893ad0858af6fff7f8b565204eae3a1f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
monthlysweeps.us/assets/img/campaign/1249_bg.jpg
54.161.16.68200 OK 205 kB URL HTTP/2 monthlysweeps.us/assets/img/campaign/1249_bg.jpg
IP 54.161.16.68:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 205 kB (205247 bytes)
Hash 73d2b31df9ec1fe0c4e66a01e5e785b0
5fe301ad5e2579be8b15c0f3a1fa85e83e144741
ec9b940fa1d7e84102af2028679eaad91995a59b4f47728f2144efac555928c7
GET /assets/img/campaign/1249_bg.jpg HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:40 GMT
content-type: image/jpeg
content-length: 205247
server: Apache/2.4.41 (Ubuntu)
last-modified: Thu, 10 Feb 2022 20:33:23 GMT
etag: "321bf-5d7afdc8ca618"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1de1afea838e0cb0ddc9c68b00cb8e26
0c1f6d5e2dd08a9d89f476a58a0d44effe299739
0b267cc72096e86ae793df666c881f4ebd2d0273644ba47ecf55bf5ce9207dcd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 09:11:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 06 Jan 2023 02:10:12 GMT
Expires: Fri, 13 Jan 2023 02:10:11 GMT
Etag: "0c1f6d5e2dd08a9d89f476a58a0d44effe299739"
Cache-Control: max-age=578910,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 785353dc7bbfb4fd-OSL
ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169444874962&subid=1249169444874962
209.151.244.116200 OK 700 B URL HTTP/1.1 ldsapi.tmginteractive.com/generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169444874962&subid=1249169444874962
IP 209.151.244.116:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (852), with CRLF line terminators
Hash 209ac511732cd919ab0a49598b5ba504
47359328ba3638cb14c7de85098c605d894cfaa9
39685c7c92ff945b7996db153113fbbfa733fcafa74c76be4552408d0d309fbe
GET /generateplacementscript.aspx?placement=13488000&publisher=139136&affid=1249169444874962&subid=1249169444874962 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:40 GMT
Content-Length: 700
ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169444874962&subid=1249169444874962
209.151.244.116200 OK 4.8 kB URL HTTP/1.1 ldsapi.tmginteractive.com/GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169444874962&subid=1249169444874962
IP 209.151.244.116:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15041), with CRLF line terminators
Hash a754b0865afa4985abcaf407091f8353
4e7940cdb3713db1c2fc7f5edeeb7aefca3c4d9a
101aca3d08a1f093d33c4b73792ce5589a8bb28d70835eae447075e4b2e67da1
GET /GenericPlacementScriptDiv.aspx?tmgrt=ancs&mainPlacement=13488000&hasLoadOptimation=0&hasMinAssets=1&placement=13488000&publisher=139136&affid=1249169444874962&subid=1249169444874962 HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:40 GMT
Content-Length: 4804
tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
13.107.237.53200 OK 43 B URL HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/images/spacer.gif
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /amsus/ldsapi/assets/images/spacer.gif HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
content-type: image/gif
content-md5: MlRyYBVx8x4b8AZ0w2jTNQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 580ab999-d01e-0067-7773-20e754000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAAC9jW8FK8O6S7cRA06uGYxVQU1TMDRFREdFMTkxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAAD2o0rNVThwTbubZ60cvycKU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
13.107.237.53200 OK 520 B URL HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/font-awesome.css?version=120419
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (520), with no line terminators
Hash 004c48ee12ed64e223dae51fffda80ca
a3a70b71586d8573a400bd4a2a0eb9bf8ec39c17
735903b0b0ffc434c5dd315d19c20594526dd23bcc44480e69edfbe20f4fb117
GET /amsus/ns/assets/awesome-font/font-awesome.css?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 520
content-type: text/css
content-md5: AExI7hLtZOIj2uUf/9qAyg==
last-modified: Fri, 21 May 2021 11:01:09 GMT
etag: 0x8D91C47BDA9A147
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 9fd6cc47-901e-000d-4479-1ebbff000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0fbG0YwAAAABDr/yLJorPT4//BIQl99+rQU1TMDRFREdFMTgxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAAAqCaWGjhjxTJ3F69W3p192U1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17071
Expires: Fri, 06 Jan 2023 13:56:12 GMT
Date: Fri, 06 Jan 2023 09:11:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17071
Expires: Fri, 06 Jan 2023 13:56:12 GMT
Date: Fri, 06 Jan 2023 09:11:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17071
Expires: Fri, 06 Jan 2023 13:56:12 GMT
Date: Fri, 06 Jan 2023 09:11:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1780bdca4138463723f65222d72004e2
c0acbd7a8cf08d7b675dd8a0cdb73d4ff4fbdb8b
92d022d0945f2e9ff1b27013792745c4ca2d65150693532049985efdf9022efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92D022D0945F2E9FF1B27013792745C4CA2D65150693532049985EFDF9022EFA"
Last-Modified: Wed, 04 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17071
Expires: Fri, 06 Jan 2023 13:56:12 GMT
Date: Fri, 06 Jan 2023 09:11:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e96507584bce9f14a50123fb78a8102
c45249ddffb15b9e957af8f5203d7d06ddf32cf8
118f62631c92e42b135046647e828eb80a54405603f5b461320b483bce0c55ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4210cd0d-e5ae-416b-b3b1-984a5c3f750c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11746
x-amzn-requestid: 1df278ae-becc-4016-a2c4-b41d07badc43
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eRlHbGlWoAMF-Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b6e895-5ec70fd53a30bd8c340440b6;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 15:11:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H5RdWl_JgJKAYmtiYd7GxKKk0ke7VUR7JvWXxdO1EEftsH8VnopgBw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 15:14:08 GMT
age: 64653
etag: "c45249ddffb15b9e957af8f5203d7d06ddf32cf8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d256d063b2698bb9d915589a2c79fbce
d7c083857e9512ad3ecb3bbaf285409926473ceb
d4e5f901f62fa98b525fc1ecbe187032fd2d0e112c6f1b9534b742b2d6c05b08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:03:31 GMT
age: 40090
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vIFVXgt2RmoplkAVOtUrOkXj3LmhRw-XEPe7fugZ2-mv_iDY07XzUg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 00:24:30 GMT
age: 31631
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe4b7f1-288c-42bf-b205-89884e4876aa.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe4b7f1-288c-42bf-b205-89884e4876aa.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d11a58dc74191f322f3b6c3fe24a532e
20f69a48e4f06393c17d48ce59d04ea3e325bdde
ed207b34e8453566b7e4b9f4fea9bd2584605915ee0c05a0d9c4f63ea8ba3cf3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe4b7f1-288c-42bf-b205-89884e4876aa.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14366
x-amzn-requestid: 4bb6a458-3fa9-4bdb-b736-bd683f9de0f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScw6Fr6oAMFoNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419f-3f1d9219450f36a118919103;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qq_1COp2lMOOFT1YjBsgKFU1e0CUpIhbZYq2vQcPbJiOl6Rxo3IUXQ==
via: 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:04:03 GMT
age: 40058
etag: "20f69a48e4f06393c17d48ce59d04ea3e325bdde"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gwxWbkGIJgnJKjE2vGO2EtjwRrLcjtGcmG8CQ9cBa7-AYpGbCzZRnA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:05:44 GMT
age: 39957
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c43cd789c8a417cccb0fd1d0976b13f2
f7be1e65af4baa06da326d643a624fe46abe1ea2
863d781dc296cd5edb0f2630f4bb29533323917f455f512e7679e4afa0346323
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5808502d-e3d7-4ff0-885f-be3e4728a380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 09:11:41 GMT
content-type: image/jpeg
content-length: 4577
x-amzn-requestid: 5e67ddf8-53fd-4cad-b6b9-8202560bf598
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSd60GXjoAMF41Q=
x-content-type-options: nosniff
etag: "f7be1e65af4baa06da326d643a624fe46abe1ea2"
x-amzn-trace-id: Root=1-63b74378-042659c73cd71e1004a14faa;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:39:04 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1lbzfXbU7LtEjnlHa7ZypSnkSumraYEkaMdWkfa-OjnSgNVB0VMsXw==
age: 439
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?406k6j2023406j01ckl06llk016jkk114000
13.107.237.53200 OK 1.3 kB URL HTTP/2 tmgassets.azureedge.net/amsus/ns/js/13488000.min.js?406k6j2023406j01ckl06llk016jkk114000
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash c2ab2b22e00fde989b1da5d2046a2d9a
54dc2669de827bf443bf17cc5d798a8fa55b6802
44eef61ed4d8f184459144780a4784e4a2af75c72642d1af28f6d18e0425c784
GET /amsus/ns/js/13488000.min.js?406k6j2023406j01ckl06llk016jkk114000 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: 9wgtvP0cVsloq3UaPunwsA==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4E2F58
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: df72edf5-001e-0047-02ae-218b98000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAACS9drlK2WHT6KxWVrYJUDjQU1TMDRFREdFMTgwNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAACQdbtt6KBxRp1kjGPlP1+CU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1331240360&affid=1249169444874962&subid=1249169444874962&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
209.151.244.116200 OK 710 B URL HTTP/1.1 ldsapi.tmginteractive.com/ManageImpressions/ReportViaJsCampaign.aspx?hKey=1331240360&affid=1249169444874962&subid=1249169444874962&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar=
IP 209.151.244.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (351), with CRLF line terminators
Hash e5afbf41b7275d982b6edb225d33eabb
f7eaa66a25d7b7474a8a8bd4a5ab19a00637e247
564f2505dd0195737045d2b572b48ea3c33e3b42548d8bef5777605a271e05b4
POST /ManageImpressions/ReportViaJsCampaign.aspx?hKey=1331240360&affid=1249169444874962&subid=1249169444874962&Placement=13488000&Publisher=139136&CurrentCamps=10023.10023/226/0/225&PreviousCamps=&TrackOn=load&IP_ADDRESS=91.90.42.154&UserEmail=&postfn=beacon&oovar= HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:41 GMT
Content-Length: 710
tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
13.107.237.53200 OK 84 kB URL HTTP/2 tmgassets.azureedge.net/amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /amsus/ns/assets/awesome-font/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://tmgassets.azureedge.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 83760
content-type: font/woff
content-md5: /fSRzl/1stoCcIzQ6YZHGQ==
last-modified: Fri, 21 May 2021 11:01:16 GMT
etag: 0x8D91C47C18878E8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 51336dee-201e-003d-2b45-1fe1d5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vSy1YwAAAABNnugG61HDTKZVxccem0DGQU1TMDRFREdFMTgxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
access-control-allow-headers: *
access-control-allow-methods: GET
x-azure-ref: 0zeW3YwAAAABcwU/x72y3RrdOLlpNAGvMU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:41 GMT
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4e23abe92dbc8f502a25507e4d141325
b34d0f103e2065fcc13501e4b71646d41ceeb28a
1bb059b847639d9ec7cba8c3f3a5e788163865160712635cb65bd00530320ee4
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 09:11:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 04 Jan 2023 10:10:15 GMT
Expires: Wed, 11 Jan 2023 10:10:14 GMT
Etag: "b34d0f103e2065fcc13501e4b71646d41ceeb28a"
Cache-Control: max-age=603758,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 59
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785353e72e600af6-OSL
monthlysweeps.us/go/api/zip/undefined?get_param=value
54.161.16.68200 OK 111 B URL HTTP/2 monthlysweeps.us/go/api/zip/undefined?get_param=value
IP 54.161.16.68:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4072747d6757278fe77c6970474ad27d
7404af04b7ef1db62f26e0a08fe82ab5a184e901
7d911cc2e66702b54cfca359fb39a67a65259e9ed6706c4a78516d20a4670e6f
Analyzer Verdict Alert fortinet Phishing
GET /go/api/zip/undefined?get_param=value HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:42 GMT
content-type: application/json; charset=UTF-8
content-length: 111
server: Apache/2.4.41 (Ubuntu)
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
set-cookie: ci_session=q1j372751sum3eq2h0n6p02loall41uf; path=/; HttpOnly; SameSite=Lax
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ff19eac1dc8de90ed85a846e8e1dc40a
f5a5d675cb6fd713c3075a46e77a89ae7d1f922f
06071ac15872608a976104e99b3ca01f28644687b92fbe37ef569d1587298ac3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134123
Date: Fri, 06 Jan 2023 09:11:42 GMT
Etag: "63b7474e-1d7"
Expires: Sat, 07 Jan 2023 22:27:05 GMT
Last-Modified: Thu, 05 Jan 2023 21:55:26 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d4u_PyZ03sUAfRnaIyLEshotqfsMaXZ24s1co1ZbWvwcYq7pMqs3IQ==
Age: 1899
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 62b016fa93b91c553dc2ebb769f0c78c
bd091f7c74aca633e30ca6289b0c4cdcaeddac06
f2f28d3aadb5388618947d61e080a752d4f5540118058c454ccfe6e36c964165
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103664
Date: Fri, 06 Jan 2023 09:11:42 GMT
Etag: "63b6beca-1d7"
Expires: Sat, 07 Jan 2023 13:59:26 GMT
Last-Modified: Thu, 05 Jan 2023 12:12:58 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Duz7nX9890Pi9hcME-Tp_XOJMq8lGIKExttKl5GhlxS1oEX8uRLClA==
Age: 6388
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 62b016fa93b91c553dc2ebb769f0c78c
bd091f7c74aca633e30ca6289b0c4cdcaeddac06
f2f28d3aadb5388618947d61e080a752d4f5540118058c454ccfe6e36c964165
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=103501
Date: Fri, 06 Jan 2023 09:11:42 GMT
Etag: "63b6beca-1d7"
Expires: Sat, 07 Jan 2023 13:56:43 GMT
Last-Modified: Thu, 05 Jan 2023 12:12:58 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KTBnuVAHQyyFd3mhiQDTDA1-hpFlh8cNT01kbzvzcmUkO3u1SV8QEg==
Age: 6225
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false
54.167.87.86301 Moved Permanently 134 B URL HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false
IP 54.167.87.86:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Fri, 06 Jan 2023 09:11:42 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 06 Jan 2023 07:43:41 GMT
expires: Fri, 06 Jan 2023 09:43:41 GMT
cache-control: public, max-age=7200
age: 5281
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
monthlysweeps.us/favicon.ico
54.161.16.68200 OK 5.4 kB URL HTTP/2 monthlysweeps.us/favicon.ico
IP 54.161.16.68:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc
GET /favicon.ico HTTP/1.1
Host: monthlysweeps.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/go/to/ss28jn/key/cdd777f9ae86082f66873f9d4098137a/aid/16944/s1/4874962
Cookie: leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=1804FE06-9221-6972-C019-8291D2D981A7; _ga=GA1.2.1235020386.1672996252; _gid=GA1.2.156796633.1672996252; _gat=1; _hjSessionUser_2865935=eyJpZCI6ImQ3M2YyMGRlLWY4NjQtNTIzMC05MGU4LWYxMzZjMGU1MTNlYyIsImNyZWF0ZWQiOjE2NzI5OTYyNTI5MjIsImV4aXN0aW5nIjpmYWxzZX0=; _hjFirstSeen=1; _hjIncludedInSessionSample=0; _hjSession_2865935=eyJpZCI6IjJlNjliZTMxLTEyZGYtNDk0Yi1iOWU4LTJjZTRmYWVhOGVkMCIsImNyZWF0ZWQiOjE2NzI5OTYyNTMwMjUsImluU2FtcGxlIjpmYWxzZX0=; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; ci_session=q1j372751sum3eq2h0n6p02loall41uf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:42 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 09:11:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 9533d2cd1e4b32de0c057e8e7f189264
15235dfa56bf981684b2c202bca51cbe94ce608c
0096b9ba416e487ea40a03ec2ac9a15ed0cf08fecd49220bef0da1bcc29170a5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 06 Jan 2023 09:11:42 GMT
Etag: "63b798b8-1d7"
Last-Modified: Fri, 06 Jan 2023 07:33:33 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7dpqpBl7bjcz847dlr6djIh-qalVFoL3YGl39_jVhF9qDYx4vEEd3w==
Age: 5892
ldsapi.tmginteractive.com/api/hitsnap.ashx
209.151.244.116200 OK 21 B URL HTTP/1.1 ldsapi.tmginteractive.com/api/hitsnap.ashx
IP 209.151.244.116:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8736cdfe08480bca66cffeee06268705
81af0417f969f93848b1cf30fce1db93884facc1
838a7c62adda8d131d694ae13ba2c5b73579aeb0f327d9f23e23880943a8a289
POST /api/hitsnap.ashx HTTP/1.1
Host: ldsapi.tmginteractive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10688
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: application/json; charset=utf-8
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Service-Ip: 105
Date: Fri, 06 Jan 2023 09:11:42 GMT
Content-Length: 21
script.hotjar.com/modules.352fddba5b21bbfc3a08.js
143.204.55.68200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.352fddba5b21bbfc3a08.js
IP 143.204.55.68:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash 3256c76707175033b83ffe82f89b32ec
d33e93f001d08e0449fde66b60493900f8f5c62e
cdb9b4030412de584b24a407d6186cd5971df1b3fb3168d819c8d9b9e5927bdf
GET /modules.352fddba5b21bbfc3a08.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68894
date: Thu, 22 Dec 2022 08:07:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "3256c76707175033b83ffe82f89b32ec"
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Lu9W49P493fT8T9I7EP48K6Z53YhRxOVPBCil2NP5KC-o4ypraQKpA==
age: 1299878
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.105200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.105:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5bXpvPnDEBVOFi0AJ2Bxn0tMGw99CDtMZUdxK8mmuUuYM3CCd3-CRw==
age: 3787298
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash ddaf4b50774e90b6886253a6264d6bf4
a292d6b87f83cd057cd891b3899feb9e5551af9a
6cbbab3db91b963abfa6ad48f5280a8109584275d17f3db8e99fc2431b4534db
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 06 Jan 2023 09:11:44 GMT
Last-Modified: Fri, 06 Jan 2023 07:40:40 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wi4_lUb9SCH_PYj95Zf9WMcywaZMP7EcZrK5RCFYzGyvDcu2VXLjBw==
Age: 5464
api.trustedform.com/certs
54.167.87.86201 Created 475 B URL HTTP/2 api.trustedform.com/certs
IP 54.167.87.86:0
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 8f21b1831722e4ebfeb2411348bdd185
22a1d881aefd8aa1820810d9b8058d01ea16c415
58d2b7e914ab6f39337ddaf3e1a55e5e2d68a471d8305bac450b19e8742a8f6f
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 646
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Fri, 06 Jan 2023 09:11:44 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.34.js
54.230.111.103200 OK 38 kB URL HTTP/2 cdn.trustedform.com/trustedform-1.8.34.js
IP 54.230.111.103:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 65f8b88497206d3c7e99b3f02bde0273
f3db1820c42a4af12d779565ffac3e5939ae6059
d17e762db18d7157739db91fea83f2e7e1d8ae0790640fa75900e73dc2e19b4b
GET /trustedform-1.8.34.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 03 Jan 2023 19:03:16 GMT
x-amz-version-id: hES6nR96ubfYj.1_xD4qXUN3eVWpqkfz
server: AmazonS3
content-encoding: gzip
date: Fri, 06 Jan 2023 09:11:43 GMT
etag: W/"25857b744e24e1165d58b27253270dd7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zCuyBsAo0I_d47MWRy8dfuhqUxEM8MVOtZKWqY4LHJIhx5r9f5kKhw==
age: 7
X-Firefox-Spdy: h2
api.trustedform.com/certs/d5453422c6473445c5fb024d62303a48208a7e6d/fingerprints
54.167.87.86204 No Content 0 B URL HTTP/2 api.trustedform.com/certs/d5453422c6473445c5fb024d62303a48208a7e6d/fingerprints
IP 54.167.87.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/d5453422c6473445c5fb024d62303a48208a7e6d/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 262
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 06 Jan 2023 09:11:45 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ns/js/offers_extended_functions.min.js
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ns/js/offers_extended_functions.min.js HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: JsdJsTroZxL3ol3Owm84Vg==
last-modified: Mon, 07 Mar 2022 22:37:07 GMT
etag: 0x8DA008B03257DBD
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: c891a9da-d01e-0023-3ee5-203b38000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0sOW3YwAAAACJypyOHtUfSp3as/6IeZ5aQU1TMDRFREdFMTgxNAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zeW3YwAAAABVqVl5ufRASJ740HUAzQ+fU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:41 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/browserdetect.min.js?version=120419
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ldsapi/assets/script/browserdetect.min.js?version=120419 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Shzc0tuaykHxXX+tfi+uUQ==
last-modified: Fri, 21 May 2021 12:34:19 GMT
etag: 0x8D91C54C1586655
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 7a4209f6-201e-005b-26ae-21538f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAABXc5b9MzYqR7YieJuq72skQU1TMDRFREdFMTgxOAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAAAUqiewFOVBS5HhOwMBO6HuU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221213a
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common.min.js?version=20221213a
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ldsapi/assets/script/common.min.js?version=20221213a HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: Y+TIcCdAHXHOVnwTN0xIZw==
last-modified: Tue, 13 Dec 2022 17:19:36 GMT
etag: 0x8DADD2E35D9C241
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: aac75348-d01e-000a-0633-1f4d7a000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0nMO2YwAAAACHjX+6qvtURrjlRlMGHX5eQU1TMDRFREdFMTkxNwAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAADDCnRBZMqwS6Dmss5BToLDU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?406k6j2023406j01ckl06llk016jkk114000
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ns/css/13488000.min.css?406k6j2023406j01ckl06llk016jkk114000
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ns/css/13488000.min.css?406k6j2023406j01ckl06llk016jkk114000 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-encoding: br
content-md5: WEcI6Omll5/fQKo/f35d8g==
last-modified: Mon, 14 Mar 2022 19:57:50 GMT
etag: 0x8DA05F4EB4EA477
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 3b4afaa2-101e-003e-3aa3-1ee2d2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAACIzqclLsO8SJt7a7WVj2m9QU1TMDRFREdFMTkyMAAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAACNb9cCULCNQLZ5JG2ZzuInU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
104.22.38.182200 OK 0 B URL HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP 104.22.38.182:0
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:41 GMT
content-type: text/javascript
x-amz-id-2: JxVKDIpfEXNN8mHvjD3KE2sZrSK8aILbw6OCqrpOgmpb4AtcJoNHDWOFUB/aO5N7GKxjfIthE8I=
x-amz-request-id: R45MKB81Y6E236VE
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 943
vary: Accept-Encoding
server: cloudflare
cf-ray: 785353e74ed895e5-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2865935.js?sv=6
143.204.55.98200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2865935.js?sv=6
IP 143.204.55.98:0
GET /c/hotjar-2865935.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 06 Jan 2023 09:11:02 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/c9a45ead6f8ac097e163371eee24b622
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6Tj4c3CkhTTEEVfRgrNKeS4dL-9yrpQ7sQ69pbNTXk55oJ6RCZgZmw==
age: 40
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveLeadUrl?msn=1&pid=d084f33e-b6bd-4f88-9b2d-23a1d0940eae&token=1804FE06-9221-6972-C019-8291D2D981A7&_=122932741
54.156.11.63200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/SaveLeadUrl?msn=1&pid=d084f33e-b6bd-4f88-9b2d-23a1d0940eae&token=1804FE06-9221-6972-C019-8291D2D981A7&_=122932741
IP 54.156.11.63:0
POST /2.11.9/SaveLeadUrl?msn=1&pid=d084f33e-b6bd-4f88-9b2d-23a1d0940eae&token=1804FE06-9221-6972-C019-8291D2D981A7&_=122932741 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 293
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:42 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:42 GMT; Max-Age=2592000; path=/
rguserid=5850319d-ef7c-4ebf-8912-6964e4459007; expires=Sun, 05-Feb-2023 09:11:42 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:42 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:42 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false
54.230.111.103200 OK 0 B URL HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false
IP 54.230.111.103:0
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16729962911170.6375300230799672&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://monthlysweeps.us/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 06 Jan 2023 09:11:44 GMT
last-modified: Tue, 03 Jan 2023 19:03:16 GMT
x-amz-version-id: zYt6a4gkTRwxF5skanZHrLBvMRRhPJI5
etag: W/"1990193718ad6b75308b44eb5980db2c"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PT28vYJ1iQrLdWJEdx38LjouIXhikF8MGnXgInmuY-skwJfdgF82uw==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,700|Oswald:400,600,700
IP 142.250.74.74:0
GET /css?family=Lato:400,700|Oswald:400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 09:11:40 GMT
date: Fri, 06 Jan 2023 09:11:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/standard.min.js?version=20220221n
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ldsapi/assets/script/standard.min.js?version=20220221n HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: YTnb0ehLGLRubF63e3IyDA==
last-modified: Mon, 21 Feb 2022 16:55:53 GMT
etag: 0x8D9F55B05E46BD0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: b223d7e8-801e-0030-793b-200ed9000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAAA/286yX5TcS7YVyARbvx4NQU1TMDRFREdFMTkxMQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAACxZs56Q5tZT6U/UN4HL9pqU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/clientfp.min.js?version=20211103
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ldsapi/assets/script/clientfp.min.js?version=20211103 HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: E4ptMzZLxbawD4B7RV5YCQ==
last-modified: Wed, 03 Nov 2021 09:07:36 GMT
etag: 0x8D99EA961032FA1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: 04250339-d01e-0023-14c5-1f3b38000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0vCy1YwAAAAD8Cx2P7HTlT6f6k6GZRS3EQU1TMDRFREdFMTgxMgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAADKbk1c2d5eTYP/369hyG7zU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=d084f33e-b6bd-4f88-9b2d-23a1d0940eae&token=1804FE06-9221-6972-C019-8291D2D981A7&_=122932743
54.156.11.63200 OK 0 B URL HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=d084f33e-b6bd-4f88-9b2d-23a1d0940eae&token=1804FE06-9221-6972-C019-8291D2D981A7&_=122932743
IP 54.156.11.63:0
POST /2.11.9/InitFormData?msn=3&pid=d084f33e-b6bd-4f88-9b2d-23a1d0940eae&token=1804FE06-9221-6972-C019-8291D2D981A7&_=122932743 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 944
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:44 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 05-Feb-2023 09:11:44 GMT; Max-Age=2592000; path=/
rguserid=4947c747-6738-44e8-aca7-3941f3b0ce19; expires=Sun, 05-Feb-2023 09:11:44 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 05-Feb-2023 09:11:44 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 05-Feb-2023 09:11:44 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221213a
13.107.237.53200 OK 0 B URL HTTP/2 tmgassets.azureedge.net/amsus/ldsapi/assets/script/common-extentions.min.js?20221213a
IP 13.107.237.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /amsus/ldsapi/assets/script/common-extentions.min.js?20221213a HTTP/1.1
Host: tmgassets.azureedge.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-encoding: br
content-md5: G3v7pHqbSC0Gvp9zsfwXIA==
last-modified: Wed, 09 Jun 2021 12:26:50 GMT
etag: 0x8D92B41DB6898DE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-cache: TCP_HIT
x-ms-request-id: a34c5828-101e-0053-0fae-2148fc000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
x-azure-ref-originshield: 0r+W3YwAAAAAOjw+muJNaT4tKRBjsC54FQU1TMDRFREdFMTkwOQAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
x-azure-ref: 0zOW3YwAAAABzZfNmtGoDTplRcDoTzQSwU1ZHMjBFREdFMDUxNgAyODU5YzAzNS0wZjdmLTQ5ZjktOGY0Ny01ZTE1OGJlMzJjNTU=
date: Fri, 06 Jan 2023 09:11:40 GMT
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/2865935/visit-data?sv=6
54.78.116.173200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/2865935/visit-data?sv=6
IP 54.78.116.173:0
POST /api/v2/client/sites/2865935/visit-data?sv=6 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 148
Origin: https://monthlysweeps.us
Connection: keep-alive
Referer: https://monthlysweeps.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 09:11:44 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2