ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226 1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash 78c6a21541b0890f0bb99f6a344dcdf4
b864b5f2a9334bdee806e4a158bcd2fac013c9b7
09af43f0f53f4441c3bbb742b98e850562f344003749ec5ae2d80b23abf19e28
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 02:49:07 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 06 Jun 2023 02:49:06 GMT
ETag: "b864b5f2a9334bdee806e4a158bcd2fac013c9b7"
Last-Modified: Fri, 02 Jun 2023 02:49:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d0c619a38afb503-OSL
rdroot.com/?a=3319&oc=34077&c=66196&m=7&s1=prl&s2=plc05d2c2eb3808c756226222f061ddf&ckmguid=263e1c21-81ef-490a-b736-88f40502f4db
54.228.164.76302 Found 230 B URL User Request GET HTTP/1.1 rdroot.com/?a=3319&oc=34077&c=66196&m=7&s1=prl&s2=plc05d2c2eb3808c756226222f061ddf&ckmguid=263e1c21-81ef-490a-b736-88f40502f4db
IP 54.228.164.76:443
Certificate IssuerGlobalSign nv-sa
Subject*.rdroot.com
FingerprintAD:1D:1F:41:3A:CA:B4:92:70:1B:E8:8A:87:2E:EE:EB:D7:24:E1:3A
ValiditySat, 04 Mar 2023 02:04:00 GMT - Thu, 04 Apr 2024 02:03:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b5bb5df2f6fec7dba8da4389228f6d34
3c5fe7550d932cb3d912462f99b07265dac79848
dd5619f3ebcce972cc7c36f9494001d9aea5d8ae77dd56c3c2edda8686c13d6a
GET /?a=3319&oc=34077&c=66196&m=7&s1=prl&s2=plc05d2c2eb3808c756226222f061ddf&ckmguid=263e1c21-81ef-490a-b736-88f40502f4db HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 230
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Jun 2023 02:48:57 GMT
Location: https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=wADKN3HVMiJBiZVRWf35p5gzzUcghsBZGDN7/9k3D/5T85o//Ick8w==; domain=.rdroot.com; path=/; SameSite=None; secure; HttpOnly
trk=HUrvo4Xd8f9dJHuZQSBKqZgzzUcghsBZGDN7/9k3D/5T85o//Ick8w==; domain=.rdroot.com; expires=Mon, 02-Jun-2025 02:48:58 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash d1bf97784f0d7df922a76031f5c3b697
11253e1e2bd7fb6b0896b09306896296c4dd83cd
63cf2c70f70412838a6a9c00bef727fc09a5109d6857f523cee778126fab2fe4
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:49:07 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EQhJe4asNTUhgpGn90Y8bMvBmaQEhrzJx1f_BUHBeeLud7guC6oN5A==
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.24.14200 OK 4.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.24.14:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (65348)
Hash c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1830406
expires: Wed, 22 May 2024 02:49:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yww2yT17q%2Bdcl1XB9%2BH77jq4QvvjqwiSJyNnVAUmNgXPYc%2FWcCAEOlbkI3FHvyS6%2BTj323QNg6h4c9M%2Fah53jhQgP3OiZe5pkVQaPKL81Olekl0GRMMe%2FjpAM4hAtZ8NHA7pZplR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0c61a00f0fb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
104.17.24.14200 OK 17 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
IP 104.17.24.14:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (58823)
Hash 5c158b940513c7dc2ebd901455e9b63d
f992a08c86f88b10abd35fae20d468ec52c824e6
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
GET /ajax/libs/moment.js/2.29.1/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 16919
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7c5ca4-e5ee"
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4320454
expires: Wed, 22 May 2024 02:49:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COJC4CPy9XwxBTtSnx2d0X5XUooM%2FWuW14CM25xWpf9AjQLGNMVL5RxtijXfgc9zTcshCrfrdoNbQn2ndr8TuCqPBEIzQbiEzXOOBgYFfiFPOV0UxKagaqsWM1lxTKWgKEWt5Sef"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0c61a00c78b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
104.17.24.14200 OK 5.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
IP 104.17.24.14:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (17117)
Hash 9dc30a5f28951b5f0623ac993885a2af
5c031b6959fef792df316f42575262425a1f2bfb
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
GET /ajax/libs/postscribe/2.0.6/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 4996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-43d5"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3055309
expires: Wed, 22 May 2024 02:49:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiMV%2FtGXEP1HHs4crM2dUKxiC5GgVHus48ykd77Bn2F%2Fr01UbDQPPRY81aVlVqMCest1VmWqHUJUP94BwDKq%2F1L1BZsa8V7bSicJ8SbRvUEoK44sixkh3qM%2FcN%2F7X1GKN9VgehV8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0c61a01f12b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js
104.17.24.14200 OK 2.7 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js
IP 104.17.24.14:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1253)
Hash 1ed87cdd5af63f804fb0889392dd3917
a2cf7a550d45293d04e79128e920b5452266da8a
a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f
GET /ajax/libs/angular.js/1.5.8/angular-sanitize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 2728
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d27-16e5"
last-modified: Mon, 04 May 2020 16:04:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 197755
expires: Wed, 22 May 2024 02:49:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg%2FNUjvBFX4v7GyQ26Edz%2Fw3Cq7Y25KcZsiLfhnyRt3V1jAm0zRYMmYyurVyRk6niDn03F3prihHyqtNwsMQ2gOp7g4zl8KlSKb6sqtK5yAKqW65M0Zg0Wu%2BTGNxJDT6ngqqfxsp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d0c61a01f16b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:49:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
142.250.74.106200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP 142.250.74.106:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (32014)
Hash 05e51b1db558320f1939f9789ccf5c8f
c72c1735b4d903d90dd51225ebefb8c74ebbc51f
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 22:56:02 GMT
expires: Wed, 29 May 2024 22:56:02 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 186785
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
142.250.74.106200 OK 57 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
IP 142.250.74.106:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (639)
Hash c8ddded85c81cfcd8dd4e54b71724d85
78069f9f3a9ca9652cb04c13ccb0670d747666b8
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
GET /ajax/libs/angularjs/1.5.8/angular.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 56572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 08:19:31 GMT
expires: Wed, 29 May 2024 08:19:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 239376
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 02593b51cd737e1085e5837a9a47c755
aab410449655b9fddf070f3e25a1a8e5aee59530
0ea607d017e63bf06a742560b582d99802dc477bba715d9890e1d51663e50d99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 207b497443e1a2fa6471c3b46d146c3a
9bc83b1b088cd54715655e91ac8766c49ecf0e8a
02293598c888043988addcba1b9f58180d046df3c212e4a8a5d3782e185750db
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:49:08 GMT
Last-Modified: Fri, 02 Jun 2023 01:22:16 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9WbmN7AuyklctVgGWS05vd996c8ExKihyZIEjkE-fT3jUpCcMizpJg==
Age: 5212
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false
52.54.175.23301 Moved Permanently 134 B URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false
IP 52.54.175.23:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Fri, 02 Jun 2023 02:49:08 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash de06f6fcbc144014f20c63dd5fe236b4
7f10e556cc7c7786c031a226d3efc006f8511c28
ae157c3fec7620409ce8cf7d841a47c30b487c02bbc82df9127345b7b1149f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL GET HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:26:20 GMT
expires: Sun, 26 May 2024 03:26:20 GMT
cache-control: public, max-age=31536000
age: 516168
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 2d9e7d845c42aec4589c403d4b45693b
80d593859b0cddcfa86f5ee21aa493195907cc89
3e63410cf8d649093c72ba17c2f9a7f903804b9631172fd6b33b45379957c3d7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:49:08 GMT
Last-Modified: Fri, 02 Jun 2023 01:13:37 GMT
Server: ECAcc (dcb/7EDB)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Kk0hnnhT61rd5Go0gHFO54Owlen43K_GMAy6lZDEuxbZQYux5gXUrQ==
Age: 5731
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash de06f6fcbc144014f20c63dd5fe236b4
7f10e556cc7c7786c031a226d3efc006f8511c28
ae157c3fec7620409ce8cf7d841a47c30b487c02bbc82df9127345b7b1149f3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Jun 2023 02:49:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/config.json
54.230.111.19200 OK 12 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/config.json
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 90040e8e63a0c0c1ee1178c7958e8568
e96c1454ae27ca16e0d1256f514a9636f1973982
602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2
GET /templates/surfeyo_3/config.json HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 12
server: nginx
date: Thu, 01 Jun 2023 12:27:25 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-c"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: faPb-G2GtwG9P5wzxHczjHtOYqoVT9JGtOxyTv53OkLj5yEUm379Gw==
age: 51703
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.11.207200 OK 21 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-06-08 21:21:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f3a3007506374a305b1a96efe5ee1490
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 4345359
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0c619ffe2eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/favicon.ico
54.230.111.19204 No Content 0 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/favicon.ico
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 01 Jun 2023 20:15:05 GMT
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GtaDeAaJ76QbUnkrrwwV-Q2WdrRTYmmiChtNOIHY1bS0dN3At8AJDQ==
age: 23643
X-Firefox-Spdy: h2
lpapi.d-promo.com/flowImpression/store/
104.21.87.36200 OK 0 B URL POST HTTP/2 lpapi.d-promo.com/flowImpression/store/
IP 104.21.87.36:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /flowImpression/store/ HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 02 Jun 2023 02:49:08 GMT
content-type: text/plain charset=UTF-8
content-length: 0
access-control-allow-origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McBfafRwPIEAwq7%2FHlv%2Fwf5dSO7Ceq6vDcd10USTdnOArQVvY9FO6iqtgp1Vq6pPyY4qkVzNCHXDZlsTGpdqIpN31CvSRwivCQzsLMqrKIB8j4%2FtWVJFbPE0FZT3G8qpaXqzQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0c61a5bb94b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/alphasslcasha256g4
104.18.21.226 1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.21.226:0
Hash 78c6a21541b0890f0bb99f6a344dcdf4
b864b5f2a9334bdee806e4a158bcd2fac013c9b7
09af43f0f53f4441c3bbb742b98e850562f344003749ec5ae2d80b23abf19e28
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 02 Jun 2023 02:49:08 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 06 Jun 2023 02:49:06 GMT
ETag: "b864b5f2a9334bdee806e4a158bcd2fac013c9b7"
Last-Modified: Fri, 02 Jun 2023 02:49:07 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d0c61a60d5cb503-OSL
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/images/finish.png
54.230.111.19200 OK 3.9 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/images/finish.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type PNG image data, 100 x 76, 8-bit colormap, non-interlaced\012- data
Hash dd4312bce75a6d4c431807a2bee2f776
69ffcf91cc6541bfb848b73811d4f7bf3e673cd0
03131a93edbcb765f16649b35917c6d321751aae235ee789b2599fcb31b1cda6
GET /templates/surfeyo_3/images/finish.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3860
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Thu, 01 Jun 2023 16:42:01 GMT
etag: "64631abf-f14"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Przvr2sSvGNJH0Qebt4FvDJAOWh0b_NOwWHsS_ftbFbY7UypuFfy5Q==
age: 36427
X-Firefox-Spdy: h2
im.pblinq.com/upload/1559724654_consumers-connect-presents_white.png
104.21.86.26200 OK 6.1 kB URL GET HTTP/2 im.pblinq.com/upload/1559724654_consumers-connect-presents_white.png
IP 104.21.86.26:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGoogle Trust Services LLC
Subject*.pblinq.com
Fingerprint73:80:B3:14:32:C9:05:AC:38:37:B3:49:83:67:FB:7F:BA:D9:07:88
ValidityFri, 07 Apr 2023 03:29:56 GMT - Thu, 06 Jul 2023 03:29:55 GMT
File type PNG image data, 600 x 153, 8-bit colormap, non-interlaced\012- data
Hash 724e75a6e4da973450950b8f2cf7052a
daa060f39296ee319a82b66e4590a6898384e23d
e6fa70e11ac1727df042f6242b5ab9e69dad8b060ed44bf3be35fe291058b656
GET /upload/1559724654_consumers-connect-presents_white.png HTTP/1.1
Host: im.pblinq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:08 GMT
content-type: image/png
content-length: 6060
last-modified: Mon, 13 Feb 2023 09:03:23 GMT
etag: "63e9fcdb-17ac"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WloSkWlnv%2FzgfoCVgceOrUZbroFdsif%2B5I7WShNHF8XkpC%2B%2Fyyl6JAXwqnRhrH7ftUnSPpQ1ucNmHcGPz6hK8oZI0ISHyq06wqYlb73rOZAWErt4Q152jAkLovOmUUHz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0c61a66bdbb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/
54.230.111.19 21 kB URL us-cashisgoodvrtr1.lp.my-leads.biz/
IP 54.230.111.19:0
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 1f2bd6439330d8f51fb3b4a9986fd803
5bfdaeaa388dc331efd232c01bf589fb77998d14
8443c377e85d963123d169b8b8c3a9be418a951855c5cb817aa4afc3afdd5554
GET / HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 01 Jun 2023 11:42:02 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQdlrDVi0jDLYeZGSt82wSnzp4OCwlbUqDR_hizIf04ZzWhXaddQkA==
age: 54425
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/footer.html
54.230.111.19200 OK 392 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/footer.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type HTML document, ASCII text
Size 392 kB (392274 bytes)
Hash 002fa26e37eb735d68e7a40e9a241293
82f3897cc384c0b4b642b0082caf73707f6ab705
858e251745aa486a840abcd75cee65bd95d3b56b4d882c3d301bb81394ee06e6
GET /directives/footer.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 15:20:55 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-836"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tR7vjbKmu1rNIzZMh_l-mtwRK5_RK8tyJC0qTb8bagDY38JR4tDxjQ==
age: 41293
X-Firefox-Spdy: h2
im.d-promo.com/upload/1614699983_38kswk_(2)_(2)_(10).png
104.21.87.36200 OK 159 kB URL GET HTTP/3 im.d-promo.com/upload/1614699983_38kswk_(2)_(2)_(10).png
IP 104.21.87.36:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type PNG image data, 659 x 690, 8-bit/color RGBA, non-interlaced\012- data
Size 159 kB (158970 bytes)
Hash a1ef41f6ff492e4f42fe931f8d0d348c
74002939927eed8c35cb6174bc80984d1d3202e8
66226b36d4fb7227537d516372693e52ae8de077c1bc72cbba047282a90bea24
GET /upload/1614699983_38kswk_(2)_(2)_(10).png HTTP/1.1
Host: im.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 02:49:08 GMT
content-type: image/png
content-length: 158970
last-modified: Tue, 02 Mar 2021 15:46:23 GMT
etag: "603e5dcf-26cfa"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvVuvjrH6tH9L7fXzPtZdxVx6AhbCZIfm9JCPDYMKO7IAC%2Ba73Zy%2B3NTHepszaRETXCqIH13c%2BJwmY47kz6UL8X5CR1kZBouMbBliCwPMi%2FHBtKyyC%2FSWMrAGGbON%2B3kzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0c61a64c0bb4f1-OSL
alt-svc: h3=":443"; ma=86400
us-cashisgoodvrtr1.lp.my-leads.biz/directives/feedback-form.html
54.230.111.19200 OK 889 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/feedback-form.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Hash 857183a12a1d3f5b169e3061eca586b6
640204f18aab0068464bb7234221b8572722c23b
24051281c43b4638239d604bbdc49165fb45430016dd42d1112ec76a771aeae0
GET /directives/feedback-form.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 889
server: nginx
last-modified: Tue, 16 May 2023 05:55:09 GMT
accept-ranges: bytes
date: Thu, 01 Jun 2023 16:42:00 GMT
etag: "64631abd-379"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EL_Vjucidz-WO6KeLkMjtHM6FlNyAxqrIenl7YtF-fzLJtFiVEcQMg==
age: 36429
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/productdetailer/images/deliver.png
54.230.111.19200 OK 3.7 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/productdetailer/images/deliver.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type PNG image data, 480 x 380, 8-bit colormap, non-interlaced\012- data
Hash b4a4b8b337af5ccbccbc7dd3ea38ad58
e329d8204c8f4c09fb72021c031ff1f933701185
43cc909b864265ea763bb9fc89fc789162ce43bb5054998f2c72586442326b55
GET /templates/productdetailer/images/deliver.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3691
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Thu, 01 Jun 2023 16:42:01 GMT
etag: "64631abf-e6b"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bgAJq2m8QeL25Sho2CHsNgcPi5hcrVFYUPwAADcHO1VE7bvSPOAmKQ==
age: 36428
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/productdetailer/images/finish-icon.png
54.230.111.19200 OK 1.9 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/productdetailer/images/finish-icon.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type PNG image data, 70 x 90, 8-bit colormap, non-interlaced\012- data
Hash bb58463d5620d3338e1dbc86072bef8f
1e08f07c3e58781221007f5e87a88b21023965de
498fe301d99911563563edc1f20bff040a0bbe6977f4cd32d0c358ff3b39ecfd
GET /templates/productdetailer/images/finish-icon.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1866
server: nginx
date: Fri, 02 Jun 2023 01:42:41 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-74a"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0criLxOjJSto12x2CWnAmkoV_T3h_3wHmrRCniNqZw3uZ7zkf2dfcg==
age: 3988
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false
54.230.111.103200 OK 3.4 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false
IP 54.230.111.103:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 90c4cab652d671f26571ebfbfe1801a2
6c0e6bd349690e958dcb8e138d8fcbfe41d5e812
8c764aedf2476fa813d1018c34f95980aa2aa0474b085d35e429484c6a3cae15
GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16856741473120.16979744905982508&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 02 Jun 2023 02:49:09 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QwB6BcBIft2v2klOW3rJqiQ2zthvSjKB9KTjTe36GVapQGJJyjrVxQ==
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/element-left.html
54.230.111.19200 OK 34 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/element-left.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Hash 4fca64853147bf4f0ff44cc2ff834650
8af8f3f1b1855db4e347c934abdcb58a11160eef
a54489ebdaaecbbfcafcc0a8a5ea1177e6121ee0867edb7fa828aa0c913c3bda
GET /templates/surfeyo_3/element-left.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 07:53:02 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-540"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zUDCzuoRRddoPRz9WKGeDaf5eTj3flCr5YtZC63iWvjjFSjgnqVJdg==
age: 68167
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/images/tick_circ_anim.gif
54.230.111.19200 OK 9.0 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/images/tick_circ_anim.gif
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Hash c906b57e8e4cb5247f773b757537b714
d648e987cf9853f888fbc183762246cff1abc0d1
f0cbed8ea368ac5b14d43cb79c277e8360a9ecfc5b4a70151f7bae2a02a50d55
GET /templates/surfeyo_3/images/tick_circ_anim.gif HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 9027
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Thu, 01 Jun 2023 16:42:03 GMT
etag: "64631abf-2343"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0Y6Q3zuTB6oTVcjmwL7ieAe0ptXAdL-OGEnaJk6AAChmz02CUwLsEA==
age: 36426
X-Firefox-Spdy: h2
api.trustedform.com/certs
52.54.175.23201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP 52.54.175.23:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 8f51f7d3e8871bfac6e51dd62cc52cb5
bb2e4f47f1705b3cdbd018edb2879c29b7a88ced
01159608d9e339a516809ed7d0352f690a80ca2a174a4a24bbde51583bd3f85f
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 593
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Fri, 02 Jun 2023 02:49:09 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
54.230.111.103200 OK 38 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP 54.230.111.103:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Fri, 02 Jun 2023 02:49:09 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E2PQrOQMyoQlJ1Ud2HWWWVSV29X7av3nX4LY4AEjgV7232kB_sQiCw==
X-Firefox-Spdy: h2
api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/fingerprints
52.54.175.23204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/fingerprints
IP 52.54.175.23:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/ac8ff09c63f666807556a7904106dfdfbc289f95/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 305
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Jun 2023 02:49:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_2/images/icon-safe-server-en.png
54.230.111.19200 OK 4.4 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_2/images/icon-safe-server-en.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type PNG image data, 100 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash af3d668b49272a483d247a4eb304118a
77103f1f6c5c8bb8bb72dcb46be40baa8f9fbdb1
7aa5cf393eb30425ff7614230bf655bc662664ea401fc5b2a113e0b78c8526d1
GET /templates/surfeyo_2/images/icon-safe-server-en.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4383
server: nginx
date: Thu, 01 Jun 2023 20:23:42 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-111f"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BCJG69cq4poRYzF1qH3XrVIH9GjBdga_d2VVq1kS9dkthhmxEKVzqA==
age: 23129
X-Firefox-Spdy: h2
lpapi.d-promo.com/flowImpression/store/
104.21.87.36200 OK 3.6 kB URL POST HTTP/2 lpapi.d-promo.com/flowImpression/store/
IP 104.21.87.36:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type ASCII text, with no line terminators
Hash 3f03ec91bcc716a88387064dc67a6931
b23004ec3cc3cb69efc708356edc18ed205321ae
d4f282b960d0717fd64f14d4b1adea023086400a804e7a2db3d59b0cd50d4281
POST /flowImpression/store/ HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 186
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 02 Jun 2023 02:49:10 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.28
access-control-allow-headers: Content-Type, X-Requested-With, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlAxVG%2F59zty2bkdgVuv5QNK2djXLMvUXFMIW%2FLHPGIFVA4yjpcyF6AJx%2BhzySzsCSmxUmzE%2BXXvDwHwjjNrRY%2FhqjApyvgbk1TWnhp0moqyrJyjQIvWapSM4VKu5ADB%2FNkXtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0c61b1890ab4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
104.22.38.182200 OK 41 kB URL GET HTTP/2 create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
IP 104.22.38.182:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 62c59d0f3f54c894d3ff6e41fde3c66e
bfa7c918bb8a46682212cdb74eb258b1007d92eb
24d1d4e65e7c1babb3ca8fd5f4bbec04a6e9064e80b12751d56564ab299ecfb4
GET /campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:11 GMT
content-type: text/javascript
x-amz-id-2: BoCVd8ENYu8h5htc8/lzkhm10qTbUWXLUISbs39lIiX6uJ4KhN6mzjAhpNgCoqTQ7fjm22jv6Lw=
x-amz-request-id: 3JGVPN2611X1PZJE
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:03:14 GMT
etag: W/"c1b63af7a7b19a763acad8d5c8cd9bbf"
cache-control: max-age=1800
x-amz-version-id: 5yLl2FQWzrJvU7eydGWwVP0icPOiI1rY
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0c61b44a6c2e00-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/css/dataentry.css
54.230.111.19200 OK 136 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/css/dataentry.css
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Size 136 kB (136129 bytes)
Hash 6e34f0807c12d2265407dfadf8b7ac8c
9d74153ec31b51e15d103183f824550d4d60c69f
64bbdf09b27cf8c455a61d7ff421e22399f7080793f2d352429d82c2af502fe6
GET /templates/surfeyo_3/css/dataentry.css HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 01 Jun 2023 08:59:46 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: br
etag: W/"64631abf-14eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uEjbnCDxZ-w9tTaBA-PnThl6Y61ZwKaQ1IjDHLQSyqNtzCXGeAQGiQ==
age: 64165
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash e7eafee9cd81c026bdf4e75674e53167
bb9cda08e516c844a9a23a583e84aca44b0bdcac
47ff7af988dbd9a28612f17003deb5600935f82d01c02b1e990ff563d7085ac2
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:49:12 GMT
Last-Modified: Fri, 02 Jun 2023 01:11:52 GMT
Server: ECAcc (bsa/EB6C)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kUhITeTX0htz17IALneLP1Ds2xQpSKrE0MTov70kd0wymUQVkWSnNQ==
Age: 5841
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
54.230.245.38200 OK 1.4 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
IP 54.230.245.38:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f383924b4df21ad2fe7e8882c61bd5ce
465f78b89eaf1a5aaea70d27ddef8bd19b72fee5
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
GET /iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 01 Jun 2023 11:40:03 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: vBR_ZB9BG0anUMaZIURgUAUIQ6IFYFCzxxR_GEtlhGvb8Xd7Ta4D1A==
Age: 54612
api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/events
52.54.175.23204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/events
IP 52.54.175.23:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/ac8ff09c63f666807556a7904106dfdfbc289f95/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12410
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Jun 2023 02:49:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 63023287e7f9be47395378f24999fefa
4ff568349b8ec1ea5338de951282e4611691a282
72f31241a3dbd2299197adaa3eb23a73702c5d62d57a76d2859b0a64122ac94a
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 02 Jun 2023 02:49:12 GMT
Last-Modified: Fri, 02 Jun 2023 01:16:50 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8wTHuqVtEh9lC-wPgrjU1lBMMfmfd8qMjHX-UOhEX_5U7bNzark7wA==
Age: 5542
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL GET HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:39:40 GMT
expires: Sun, 26 May 2024 03:39:40 GMT
cache-control: public, max-age=31536000
age: 515373
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/images/select-bg-dark.jpg
54.230.111.19200 OK 1.4 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/images/select-bg-dark.jpg
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x60, components 3\012- data
Hash 5fb6eaab8c7ff3a1333407c88eafdddc
ebcd7b445072d6a18d86dec7d6738d3d8829e637
b40999a37bed029d5ab48ffa8665d60306003fedc5e86147f89ead41555d51f7
GET /images/select-bg-dark.jpg HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/css/template.css
Cookie: leadid_token-B45AA041-3C06-BF07-E07C-262147A32593-A62329FC-B047-95CA-1835-43098649FF47=03E84D7B-7AFD-3B36-FA1E-7D91963F176B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1409
server: nginx
date: Fri, 02 Jun 2023 02:49:13 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: "64631abf-581"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QiZOnQp7y1HhNwzmsoZtO2CzEhBuEU7x7psLgjFc4pYbOy0ojaStfQ==
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/input-field.html
54.230.111.19200 OK 789 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/input-field.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type exported SGML document, Unicode text, UTF-8 text, with very long lines (535)
Hash 67e1611d3aa07c5b3383ebb837b5aef9
8053e868c17c3d6a8ca90c877a9dd4e7cd8c32c7
850512d8a9c30f414af5202b1d5fd72c873cea8ca292e711fe0abe29957fe47f
GET /directives/input-field.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 12:45:18 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1372"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DFITwo0HE6FP67wiV5gx2bwUGZqTDgY0ez5GdCRWqDZ2OPMSn9mduA==
age: 50633
X-Firefox-Spdy: h2
api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/events
52.54.175.23204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/events
IP 52.54.175.23:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/ac8ff09c63f666807556a7904106dfdfbc289f95/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 226
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Fri, 02 Jun 2023 02:49:18 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644233
18.209.156.195200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644233
IP 18.209.156.195:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644233 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5560
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:14 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:14 GMT; Max-Age=2592000; path=/
rguserid=9cb4d85f-ff64-4826-88d1-77c0afe2b6aa; expires=Sun, 02-Jul-2023 02:49:14 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:14 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:14 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&_=681644230
18.209.156.195200 OK 36 B URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&_=681644230
IP 18.209.156.195:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash e5fa35b5ff76c4ef8e5dd11da77982e6
08322a2e6bd5076324687ebac8c0c6ccd8d954df
6d860f430d55df0e1e7da373757503e622921a16b8085b6e373b6039bf4bfe63
POST /2.11.9/GenerateToken?msn=1&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&_=681644230 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 182
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rguserid=91da5249-fe07-424a-a607-09c2379bfbc4; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/preload-web.html
54.230.111.19200 OK 3.8 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/preload-web.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (4481), with no line terminators
Hash 9db081772b069b266fb37b397c5a5e37
9dae123e0347c8b62dc81a1a71b65bae5d2dd471
94e4b5867c5ad9b3ffbed106a49ab5255b990a6593b9bd7f85ba579ab25869cc
GET /templates/surfeyo_3/preload-web.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 02 Jun 2023 02:49:08 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: br
etag: W/"64631abf-efb"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SjSAR4QSD-x2KBPtgCFFaAliK9gnL2vjwZP8UnC77OWPiCQDWmFu8A==
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/flowpage-web.html?1685674147832
54.230.111.19200 OK 3.8 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/flowpage-web.html?1685674147832
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (3939), with no line terminators
Hash dd22495db6a128d6ed3e3b8877ed12b7
abac9b6b913b68d24d22feba31c3ab7e7cc8b30a
46efee9e11d90adda141dc307c6098753fea8982b4aba41920a4ba7fe6b943bb
GET /templates/surfeyo_3/flowpage-web.html?1685674147832 HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 02 Jun 2023 02:49:08 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-ebf"
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MhurFjlfcCjMFTQi-gN30NpdYXQWsYbSl4k5RSF3mz1CsS2IubeqeA==
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/forms/surfeyo.html
54.230.111.19200 OK 13 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/forms/surfeyo.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (400)
Hash f7cff524c92ac427b655a76adfb8db20
ae277194987da7abed1b1530aa6f7a32de9bcec3
cf1bd25605c3efecde113c9162d32a434b7d3e5fb7b3f00d23ff12b95739d560
GET /directives/forms/surfeyo.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 08:59:46 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: gzip
etag: W/"64631abd-31c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b4_m_AboegeJk4muAaZZZx-C-3HRRicGz0UbH6hk_tfmJTS1Ctjf3A==
age: 64165
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/page-header-web.html
54.230.111.19200 OK 2.6 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/page-header-web.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2791), with no line terminators
Hash 6b71d466b4b861f8e695f26fccffabd2
b672dc66d41adfc0b2bc5690b13d536ee031708c
7b0c8b57a6feca97a2421c4ee492a1029dd8b283e0c16bbb1b543ada8aa05c14
GET /templates/surfeyo_3/page-header-web.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 07:53:02 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-a40"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SfBB70VqQcmasJ6TYpZIJxSUg-rhGrkWEVP24Oahi9mdTkY7TIO1rQ==
age: 68166
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/css/vendor/pikaday.css
54.230.111.19200 OK 4.4 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/css/vendor/pikaday.css
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (4656), with no line terminators
Hash 1031d9c8c94a50333eb44e21bde123cd
4c742801146785cd4ec8470893dad35929da7f94
98ae571b91c6fbce7c002abf56a67e0e27abe52622506f8e0e43f2b6a3609ef1
GET /css/vendor/pikaday.css HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 01 Jun 2023 15:20:55 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1144"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AVD4cBQTqnPmxPO0g4NCOK7QIaGB7pnaVZ99tkMIlRtFoGKuupJHRA==
age: 41293
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/images/loader.gif
54.230.111.19200 OK 33 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/images/loader.gif
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 142 x 142\012- data
Hash 5572838d351b66bf6a3350b6d8d23cb8
0bc2e818c38f1fded1464eacb354d86b491b6d0f
13a08170e75cc7b7e9ceec58486200df29f0345a9e3072b79a3cdb243095e7ee
GET /images/loader.gif HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 32701
server: nginx
last-modified: Tue, 16 May 2023 05:55:10 GMT
accept-ranges: bytes
date: Thu, 01 Jun 2023 16:42:02 GMT
etag: "64631abe-7fbd"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HJ6Tc5Rz2ftcMPSQ2na9VF4Q4qPP1y6eydPzFfKkPqP8vXRRaURPOQ==
age: 36427
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/vod_3/img/icon_password.png
54.230.111.19200 OK 863 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/vod_3/img/icon_password.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 1257cfa73f8bccbde7aa1d29148192c5
55615db7fc6b289f8ff7eddab876cf65515fc038
c09186f2f15ec5cf081385148f0e6aa5ea225a268f1fd9a48aa1a19c395de09f
GET /templates/vod_3/img/icon_password.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 863
server: nginx
date: Thu, 01 Jun 2023 20:23:43 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-35f"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dor1Qh7JITL52tCikKKWimU12W22_iDW1kaALkI5W427bMhAiajl5g==
age: 23128
X-Firefox-Spdy: h2
lpapi.d-promo.com/click/generate/?reqid=2290575655&oid=27966&aid=3319&cid=585949&sid=prl
104.21.87.36200 OK 4 B URL GET HTTP/2 lpapi.d-promo.com/click/generate/?reqid=2290575655&oid=27966&aid=3319&cid=585949&sid=prl
IP 104.21.87.36:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type ASCII text, with no line terminators
Hash 37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
GET /click/generate/?reqid=2290575655&oid=27966&aid=3319&cid=585949&sid=prl HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:08 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.28
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUW7bE9reu87dAKLPD6GQv5sz%2Bxe2IfZZlJRigti83NeFaBYYQ%2FupxFUORYplD44rhXYxIlepR99tQQVLJGMsDxJ%2FjjRSFqg3vz4lWn1%2FfcLGe9bIEbPfcoq80K7HGlZhxURuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0c61a5bd77b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rdroot.com/p.ashx?o=27966&en=evt01&t=2290575655&r=2290575655
34.251.29.167200 OK 2 B URL GET HTTP/1.1 rdroot.com/p.ashx?o=27966&en=evt01&t=2290575655&r=2290575655
IP 34.251.29.167:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGlobalSign nv-sa
Subject*.rdroot.com
FingerprintAD:1D:1F:41:3A:CA:B4:92:70:1B:E8:8A:87:2E:EE:EB:D7:24:E1:3A
ValiditySat, 04 Mar 2023 02:04:00 GMT - Thu, 04 Apr 2024 02:03:59 GMT
File type ASCII text, with no line terminators
Hash 227dc251e1411f6b6fffcd1c30486f4d
8c71b835789865c9f242316c7ebbdc25cea35b2d
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6
GET /p.ashx?o=27966&en=evt01&t=2290575655&r=2290575655 HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Fri, 02 Jun 2023 02:49:01 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
create.leadid.com/2.11.9/Snap?msn=6&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644235
18.209.156.195200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644235
IP 18.209.156.195:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644235 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 413650
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:18 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
rguserid=4fb30e49-7314-4c4d-b6df-ea6c94e52136; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/animation-dataentry_start-web.html
54.230.111.19200 OK 1.1 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/animation-dataentry_start-web.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1148), with no line terminators
Hash 59457abb1f82d0e4f1e54b724ad04476
009555d380c2f2fe2f1ec0e0aa78692d215112b1
7c9bb6d63d926937d2c941084fbb018dd53e6dd4eb06b0fcc1e4f7dbeeb5332b
GET /templates/surfeyo_3/animation-dataentry_start-web.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 02 Jun 2023 02:49:09 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: br
etag: W/"64631abf-43f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3NYguw6Lz_xLcR4Ug6YeVh-8AdAxpl_O48REcfG98ctvFyqftWS7bQ==
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644232
18.209.156.195200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644232
IP 18.209.156.195:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=3&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644232 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5234
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rguserid=51df7e1d-c013-4bf8-8c15-6d20f0cd4b75; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.11.207200 OK 37 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 31123632
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d0c619fde29b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/snapshot
52.54.175.23204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/ac8ff09c63f666807556a7904106dfdfbc289f95/snapshot
IP 52.54.175.23:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/ac8ff09c63f666807556a7904106dfdfbc289f95/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12875
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Fri, 02 Jun 2023 02:49:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png
54.230.111.19200 OK 66 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60880)
Hash ed25470127190180a06e09f3a3d7cc46
e7be81c8e6906821dff6947587f3bb16be3108a4
76d2a2450316d53093ca43d69793d77b6ab2b2ec4da98e63e74cc55c5d439bd7
GET /templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 01 Jun 2023 08:59:49 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pRn4Q4Cqrx_ZHLqvl64wz61WXzVA0HK3auYjsxF4NlxuaBw-xWUKpA==
age: 64162
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/js/flowpage.directives.min.js?rel=1684216440025
54.230.111.19200 OK 119 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/js/flowpage.directives.min.js?rel=1684216440025
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Size 119 kB (119079 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/flowpage.directives.min.js?rel=1684216440025 HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 01 Jun 2023 07:52:59 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-1d127"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RtKs_qvgU3VMKXwKK5FnIRmYHV2NFZmEitCsq7QbfHftJgYbSqdU_A==
age: 68168
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:400,700
142.250.74.74200 OK 2.6 kB URL GET HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700
IP 142.250.74.74:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (2670), with no line terminators
Hash e5b75587dcfd67ba93f9a8fa023b39e3
2f3c55aadf91822649739ca51e1e4494cd9fd301
ee6b1a3d767ed3ac9b1f0cabad7bda1dfa9abb8ecb144c9c4f1e40127f60b5a3
GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Jun 2023 02:49:08 GMT
date: Fri, 02 Jun 2023 02:49:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/progress-bar.html
54.230.111.19200 OK 2.5 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/progress-bar.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2629), with no line terminators
Hash f5436c17352573f208d8043e21612cd3
669d78dcb07dbe9af9ddaaa0c2a9659fe2de787a
522f40cac22419a59a32078b7c016b483cb13a6ad03dc81e36d8fac6c893a786
GET /directives/progress-bar.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 08:59:39 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-9b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nRC1ZXWaAl2iUDKfkLwFVdqX6yluMabX6za9sqU0Qkc8jWDiYpCP9w==
age: 64170
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/sponsor-modal.html
54.230.111.19200 OK 2.8 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/sponsor-modal.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3252), with no line terminators
Hash b86029f6976cb0aa41095a8803e92893
401a844396c19c34860a44cd55bae0edb12b90c1
10f34118ac82431ab902753d18451a4434f78bb6f6b1312baebc21586cebb4a5
GET /directives/sponsor-modal.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 08:59:49 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-b1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C0SaxPRGwuybOSOfMCEDAFjS6Dcbh0uJPs5Qo2nXWkgWo5dXkik__Q==
age: 64162
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/vod_3/img/icon_email.png
54.230.111.19200 OK 1.1 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/vod_3/img/icon_email.png
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 9b189039bc8ab54d7f20e84ed2dae363
8830b77072f57f68adc81eec57a75dd9f64d7483
9034554d05b1baf60532ed325d8b644e8adb1a646e02f75dc779235d34198126
GET /templates/vod_3/img/icon_email.png HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 1068
server: nginx
date: Thu, 01 Jun 2023 20:23:43 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-42c"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CbFuWZ_QjIUBZ41RlWfTnpSZFqGXlOE1u4h-wqQpSzmBbIQfMzQ2jQ==
age: 23128
X-Firefox-Spdy: h2
apidata.info/js
188.114.97.1200 OK 817 B IP 188.114.97.1:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectapidata.info
FingerprintD0:CD:49:3C:C6:EF:20:C2:AF:EB:14:91:74:90:30:60:54:B3:FF:DA
ValidityWed, 17 May 2023 03:20:00 GMT - Tue, 15 Aug 2023 03:19:59 GMT
File type ASCII text, with very long lines (817), with no line terminators
Hash ac7b01765f758ee3bd0e3cf7e89885ee
7397829110df743a5850c4de19742ccb5992b54e
bd62933057790e8275343d3adf51ab1c82ab8ab1051861e8536c02bef13ef2bf
GET /js HTTP/1.1
Host: apidata.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:07 GMT
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-max-age: 3600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjAeNEbPXw7dSibAndsGolsK8uahfDTEldvju7DKEM79ZSWbxFvmAnM09gJm7qunM7d8T3GTHYj3S4s%2BeXPfWASa7EfPvMHVtbazAAimbhA2kbCOz35ZsmhHKRhVlxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cflb=02DiuGQ4mUqJj6izyopp8yhqksk2KbwnuDoLqq2zPUFaU; SameSite=Lax; path=/; expires=Sat, 03-Jun-23 01:49:07 GMT; HttpOnly
server: cloudflare
cf-ray: 7d0c61a02954b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
104.21.87.36200 OK 598 kB URL GET HTTP/3 lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
IP 104.21.87.36:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 598 kB (597503 bytes)
Hash d0bd54eeefb361f75d163de884b51f6b
89cfbd7fbb9b4805fb09a35ce604feb390cd994e
d5e66f46a49e823b7f4d702713cc396ff19b4f96b60fcbd222513b3a3c2ef589
GET /survey/getSurveyData/32_questions.json/ HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 02:49:11 GMT
content-type: application/javascript
x-powered-by: PHP/7.4.28
access-control-allow-origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jClxnfZOmfOLRpAovAedTqXNsiaegNAtGAeH84v5KiOsRHv4UoZwFUQiePvTmB9gboR45FJWwZa%2BAxvk1wReBPNo9WGq4h8wapUPEVdSSgLDM8hrqfzJRerJo8FmCpl04zqcBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d0c61b4fae0b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
us-cashisgoodvrtr1.lp.my-leads.biz/directives/advertiser-modal.html
54.230.111.19200 OK 896 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/advertiser-modal.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (973), with no line terminators
Hash 63ac56cd6b4a15cb29b7627a2173b289
6fc4c34a83800181d5472bd38fe231c8200e0bce
d10a12907b0edc597877851827b331ff0f11c396bb711be578c3bc66a89991b1
GET /directives/advertiser-modal.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 896
server: nginx
date: Thu, 01 Jun 2023 20:15:06 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
accept-ranges: bytes
etag: "64631abd-380"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d1C6Zl-ZeNgqBvFaK9qZltDlDY77ExMqgMfsyvFrmZDNkClavfObeQ==
age: 23645
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/pixels.html
54.230.111.19200 OK 361 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/pixels.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (387), with no line terminators
Hash 927594ca8f885e3b8245c4f270455b06
eaf5e90374e311f64face7ba6643c29913f581eb
ae315b9b164e28a862d8fd249a65aaa43d88218f841b2955c5524b481bcb53f9
GET /directives/pixels.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 361
server: nginx
date: Thu, 01 Jun 2023 20:15:03 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
accept-ranges: bytes
etag: "64631abd-169"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VF1sRrhpdhn7ciDVovuwmvoA12qTMO97hcdXEuK89pa8c8D-upjrZw==
age: 23645
X-Firefox-Spdy: h2
im.d-promo.com/upload/1614342841_beach.jpg
104.21.87.36200 OK 392 kB URL GET HTTP/3 im.d-promo.com/upload/1614342841_beach.jpg
IP 104.21.87.36:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1528x817, components 3\012- data
Size 392 kB (391708 bytes)
Hash 0cefce610d8aa2edbe2d50e5bc306a37
1d2cb32dd53a1b64e0b4e1813b0f7d4fd960db46
7724233926ffc05179fd0bba11182df35bf37b2ec54ceeeeb06f0c84162f60c0
GET /upload/1614342841_beach.jpg HTTP/1.1
Host: im.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 02 Jun 2023 02:49:08 GMT
content-type: image/jpeg
content-length: 391708
last-modified: Fri, 26 Feb 2021 12:34:01 GMT
etag: "6038eab9-5fa1c"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SZ1A10hWuY8IOFRbmxUtDOUZD2EfD7met4JUsf0cpJCIla%2BFoSOmYUpWqMBQJ3%2BSUwrK6IrWfHZsooafdsDfajJ5PLS1FIVZIx2RzJSk8v9CkIQhaNj%2FkM%2Bkzly%2FGog8pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d0c61a69c29b4f1-OSL
alt-svc: h3=":443"; ma=86400
us-cashisgoodvrtr1.lp.my-leads.biz/js/flowpage.min.js?rel=1684216440025
54.230.111.19200 OK 397 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/js/flowpage.min.js?rel=1684216440025
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Size 397 kB (397447 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/flowpage.min.js?rel=1684216440025 HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 01 Jun 2023 13:15:08 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-61087"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h0ZHkOKtllA6tnhayflt0QwbFF2lATPwA0_zIchCPXquqqOjtke33g==
age: 48839
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/css/animations.css
54.230.111.19200 OK 5.7 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/css/animations.css
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (6007), with no line terminators
Hash 436430f57eaad08bcd5da9ff6450b406
f6b2490cad1ebb8a163531dafd6e35ead4e0bda9
29aecd853b5fb695df8b90730412536de79899e9537e64cf0234f72e72c62a5b
GET /css/animations.css HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 01 Jun 2023 04:12:11 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1642"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6ndmm_icMrCRaDHcyYQ3MTWzSW_v4dwOIGzuJ7XSDliPZ65AR-oFqg==
age: 81417
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_2/css/animate.css
54.230.111.19200 OK 75 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_2/css/animate.css
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Hash ebe2c5ebc2fac0dc0a24e41fdda6d5b8
7da16d98354375d82adc7a7bff424346faf662f3
95da3176e728e04616d92fe5f50f7ace2a0e52e4f012dba748a32f7745bcbc54
GET /templates/surfeyo_2/css/animate.css HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 01 Jun 2023 12:27:25 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-1252b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PWjPSd6PZJfrF_WfIMRc7zvoV7EnkXhL4FhJTR02eG_LKZdR7QjxzQ==
age: 51703
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/directives/forms/date-selector.html
54.230.111.19200 OK 7.3 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/directives/forms/date-selector.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (8039), with no line terminators
Hash 6778f802eee78ee352e64e08c8c1cbdf
855cb6f92b4751fd85a6f47e33256cd475021732
c801fec6f9c7c458e38e1557d789c6daf46aafb02ec0e07f585d84296c667376
GET /directives/forms/date-selector.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Thu, 01 Jun 2023 12:45:18 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1cb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZbqGZZt1VK44zW97CNBPy6tF0hT29_dnyvp0CE9uOpVe0nTyOufnUA==
age: 50633
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644231
18.209.156.195200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644231
IP 18.209.156.195:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644231 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rguserid=c5cbc7ec-9b4d-40d4-9d79-b7911cb21d14; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=5&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644234
18.209.156.195200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=5&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644234
IP 18.209.156.195:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=5&pid=a67612d1-d516-4f61-92b5-90e1ce81cee7&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&_=681644234 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 278921
Origin: https://us-cashisgoodvrtr1.lp.my-leads.biz
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:18 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
rguserid=b8b9fe72-f03b-42be-ac7d-f363e57cc114; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:18 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/info-footer.html
54.230.111.19200 OK 443 B URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/info-footer.html
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (500), with no line terminators
Hash fb6e8b874d4163179059172389250849
c2d496b5048f0c50da8e9f56eed947b2a3ee1a87
fd93c45d35469c5645bea8339218061cd8f6bf4c26d4a210a20b5ad493fea02e
GET /templates/surfeyo_3/info-footer.html HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 443
server: nginx
date: Thu, 01 Jun 2023 07:53:02 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: "64631abf-1bb"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -gw18_t07AFnA_fTxuf1sPAl0IOnZhXvU9tAOVBrSWAz9Eb7YcwrEw==
age: 68167
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
52.3.16.193200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
IP 52.3.16.193:443
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Certificate IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:12 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Sat, 03 Jun 2023 02:49:12 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/css/template.css
54.230.111.19200 OK 21 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/css/template.css
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
Hash 57858c81505fe9a4302c989bc76dd90e
392db00f15a41e841c906245626074627236f60f
7d3d2973796cb37efef46595d2323374699f79fd23b6a69de94bf83e0040e4d2
GET /templates/surfeyo_3/css/template.css HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 01 Jun 2023 08:59:38 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-519d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qHtZQisBLkiwaYL6GlBe11pivgQxtYG7QdfPh4g9-uq4gQcoRUPpBw==
age: 64170
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/%7B%7Bcms.image_3%7D%7D
54.230.111.19200 OK 66 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/%7B%7Bcms.image_3%7D%7D
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60880)
Hash 81b02689f54d88cb56c6f8c57b27118d
e63067eeb38f5b9a7237262095374330a4bc4cc8
40e065019e52bae141a00ff2fdc74da2df1644bcd61930bb35637ccab7a1bb52
GET /%7B%7Bcms.image_3%7D%7D HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 01 Jun 2023 07:53:02 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3684tx5ma9BpOZ3sbzw1MJR6aYIx_N9EBID9tFUZ0KZH6s81j5nmWw==
age: 68166
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/
54.230.111.19200 OK 66 kB URL User Request GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/
IP 54.230.111.19:443
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60880)
Hash 7e0bc7a0e45f9483067e8249d058020c
c50fb91c5590e6fe5743d745b6c39eeae4cc3db1
8fba0eb99c23628dd5ad751c13f405c9527693227323c539113bea692a8346d3
GET / HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Thu, 01 Jun 2023 11:42:02 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQdlrDVi0jDLYeZGSt82wSnzp4OCwlbUqDR_hizIf04ZzWhXaddQkA==
age: 54425
X-Firefox-Spdy: h2
us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/dataentry-web.html?1685674150223
54.230.111.19200 OK 1.3 kB URL GET HTTP/2 us-cashisgoodvrtr1.lp.my-leads.biz/templates/surfeyo_3/dataentry-web.html?1685674150223
IP 54.230.111.19:443
Requested by https://us-cashisgoodvrtr1.lp.my-leads.biz/#/?reqid=2290575655&oid=27966&a=3319&cid=585949&s1=prl
Certificate IssuerAmazon
Subject*.lp.brk-leads.com
FingerprintA6:8D:57:4E:40:BE:C8:2E:50:25:C2:6E:8A:D0:C8:A9:B7:9A:DA:29
ValidityWed, 08 Mar 2023 00:00:00 GMT - Fri, 05 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (1526), with no line terminators
Hash 8bc2010306a3b721f6520dcff707de53
534d6ece1493c35fb8febb3724e326fa4b2a4adb
cd106a25cd132a79cc15cefc4769de0cdba90094d98398b4cd3e39cf9473651c
GET /templates/surfeyo_3/dataentry-web.html?1685674150223 HTTP/1.1
Host: us-cashisgoodvrtr1.lp.my-leads.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodvrtr1.lp.my-leads.biz/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 02 Jun 2023 02:49:10 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-52c"
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EKgutuk0tIcG6osENiFzGA--3lZECjhD7ZWiLaE92teBz6KFOTU5TA==
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&uuid=6626e24dbb1149ae9cc27b1e9f918251
18.209.156.195200 OK 0 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&uuid=6626e24dbb1149ae9cc27b1e9f918251
IP 18.209.156.195:443
Requested by https://deviceid.trueleadid.com/iframe.html?token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=03E84D7B-7AFD-3B36-FA1E-7D91963F176B&uuid=6626e24dbb1149ae9cc27b1e9f918251 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 02 Jun 2023 02:49:13 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Sun, 02-Jul-2023 02:49:13 GMT; Max-Age=2592000; path=/
rguserid=f0737797-8c70-4235-9483-bbdeb3bf1808; expires=Sun, 02-Jul-2023 02:49:13 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Sun, 02-Jul-2023 02:49:13 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Sun, 02-Jul-2023 02:49:13 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2