ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226 1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash bb6a96662f408b4e15e275cb29a5daba
4244f81385eb59fb4bc74ab8b0919a176bb4f342
b6a87f4d21f259a807b70e32db471abacfe34a358818fa0eaa78a9ab8de789de
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 May 2023 07:50:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Wed, 31 May 2023 07:50:51 GMT
ETag: "4244f81385eb59fb4bc74ab8b0919a176bb4f342"
Last-Modified: Sat, 27 May 2023 07:50:52 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cdcab5f1a590b41-OSL
noscrublinks.com/?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4
34.251.29.167302 Found 274 B URL User Request GET HTTP/1.1 noscrublinks.com/?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4
IP 34.251.29.167:443
Certificate IssuerGlobalSign nv-sa
Subject*.noscrublinks.com
Fingerprint93:00:32:C9:F5:7C:AE:47:9E:E9:01:33:AF:D2:06:74:46:38:15:46
ValiditySat, 11 Feb 2023 04:19:01 GMT - Thu, 14 Mar 2024 04:19:00 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 9f93ba4d9caa4d804040d97af16f8e06
590a48158fce7da94a964112d21360bc0d3b988f
5b850516b7d870d19bd7d48e40e4d94ac895219aa5a10dbb34b85f113b2b3be3
Analyzer Verdict Alert quad9 Sinkholed
GET /?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4 HTTP/1.1
Host: noscrublinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 274
Content-Type: text/html; charset=utf-8
Date: Sat, 27 May 2023 07:50:52 GMT
Location: https://rdroot.com/?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4&ckmguid=bbdd179d-a8e1-496c-b0d4-85bf9c3f6a2d
Connection: close
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226 1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 68c257f5049071fec96dbd2b89beca9d
ffc3c7b4f55aca275e91aba625986cc44e67a300
4ee38a108e606ebbf7d8bf253c9595f6eec75e376ff9de2aa468064e20d65360
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 May 2023 07:50:52 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Wed, 31 May 2023 06:26:05 GMT
ETag: "ffc3c7b4f55aca275e91aba625986cc44e67a300"
Last-Modified: Sat, 27 May 2023 06:26:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cdcab62fd480b41-OSL
rdroot.com/?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4&ckmguid=bbdd179d-a8e1-496c-b0d4-85bf9c3f6a2d
34.251.29.167302 Found 226 B URL User Request GET HTTP/1.1 rdroot.com/?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4&ckmguid=bbdd179d-a8e1-496c-b0d4-85bf9c3f6a2d
IP 34.251.29.167:443
Certificate IssuerGlobalSign nv-sa
Subject*.rdroot.com
FingerprintAD:1D:1F:41:3A:CA:B4:92:70:1B:E8:8A:87:2E:EE:EB:D7:24:E1:3A
ValiditySat, 04 Mar 2023 02:04:00 GMT - Thu, 04 Apr 2024 02:03:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 1c89796fc613c17ea2e3e061ff3219da
3ccf97d51104028db41e53d6c9740c0e29e5e170
e5ea2bc20cb0cf331f19b91d4848aa56e790fbdf2e55eb667ec9e821ba65576c
GET /?a=3146&oc=37644&c=71081&m=7&s1=4&s2=5ef95781dd3f4eeb9208cb158a82ecc4&ckmguid=bbdd179d-a8e1-496c-b0d4-85bf9c3f6a2d HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 226
Content-Type: text/html; charset=utf-8
Date: Sat, 27 May 2023 07:50:52 GMT
Location: https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=uIpriCVAM/a/rJVN4yZwChUDQAYMQjWrVd7NC+7dSP4Owh2q4jf/WQ==; domain=.rdroot.com; path=/; SameSite=None; secure; HttpOnly
trk=je/FTtoECUH8rZOOwNii6RUDQAYMQjWrVd7NC+7dSP4Owh2q4jf/WQ==; domain=.rdroot.com; expires=Tue, 27-May-2025 07:50:52 GMT; path=/; SameSite=None; secure; HttpOnly
c31530=uIpriCVAM/ZZKp3uOEI9zRR3OhJwe+ZW3NxRN+/6Bz7DFNb3FgM3zA==; domain=.rdroot.com; expires=Mon, 29-May-2023 07:50:52 GMT; path=/; SameSite=None; secure; HttpOnly
Connection: close
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9fbd719629cc8ae556c3b023c79d3427
74945098c539bb6cede64ff574a9ce686f4de697
c994c314f6240b1326800a5bdd11caf40a1aad72d17c7ef30a383bbc8d035df7
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 27 May 2023 07:50:53 GMT
Etag: "6470d4e0-1d7"
Expires: Sat, 27 May 2023 09:50:53 GMT
Last-Modified: Fri, 26 May 2023 15:48:48 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mu2jxwVMV1Mf1kUj-dw5L86GifOT4iRc9ZmUc1GfmwTTxOQDdLmy1Q==
cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js
104.17.25.14200 OK 2.7 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/angular.js/1.5.8/angular-sanitize.min.js
IP 104.17.25.14:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (1253)
Hash 1ed87cdd5af63f804fb0889392dd3917
a2cf7a550d45293d04e79128e920b5452266da8a
a1f4330a19f15a7da83142f5b49786c47e1669bac57076e021e714814a53238f
GET /ajax/libs/angular.js/1.5.8/angular-sanitize.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 2728
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d27-16e5"
last-modified: Mon, 04 May 2020 16:04:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1479524
expires: Thu, 16 May 2024 07:50:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfzJUbshJ16gJq%2BFaGcvsFA71s%2BZnXpOFvqlAYkGrY8qMVLYtVZGyj7hYQhRlcaSydsvsZKkXJiw4G0GSmTMZUd1TBqy3Q81ie%2BDeGmoIKKQjOdPOqYR9HCQSLnyTMYtd4sexIyg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cdcab6969beb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.25.14200 OK 4.2 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.25.14:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (65348)
Hash c0be8e53226ac34833fd9b5dbc01ebc5
b81ef1b22de26af8a7a4656f565fbc91a69d7518
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1330112
expires: Thu, 16 May 2024 07:50:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM2Iy68X4q9WeyiB9qJOqiZOCz8Fi6wFpD9MjgYtM%2Bgq8z1iHwjt4BVRF%2Fd9LqXs6qoUSBaW35YbHJNuW%2Ft2rLElH61dgpSn8EAYv94t9ePiSSzIjinBiqPbfIDLSqqJXrTwutQq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cdcab6989f5b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
104.17.25.14200 OK 17 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js
IP 104.17.25.14:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (58823)
Hash 5c158b940513c7dc2ebd901455e9b63d
f992a08c86f88b10abd35fae20d468ec52c824e6
73de4254959530e4d1d9bec586379184f96b4953dacf9cd5e5e2bdd7bfeceef7
GET /ajax/libs/moment.js/2.29.1/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 16919
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7c5ca4-e5ee"
last-modified: Tue, 06 Oct 2020 12:01:40 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3820160
expires: Thu, 16 May 2024 07:50:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziP1ieIcEkP0B3j6cuxbgxOtSHI%2FN2vHSQraRGuTBv6jKhwlej2tV6iD2ZaZYyKhd%2FW4U8Yo31t4SKs6cHmgDMs9Y1IlpTe24SIn6SC39jvUpUaQqgP6ERCkoGgIsb1vLIHSaZjQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cdcab698e2fb500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
104.17.25.14200 OK 5.0 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
IP 104.17.25.14:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type ASCII text, with very long lines (17117)
Hash 9dc30a5f28951b5f0623ac993885a2af
5c031b6959fef792df316f42575262425a1f2bfb
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
GET /ajax/libs/postscribe/2.0.6/postscribe.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 4996
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03faa-43d5"
last-modified: Mon, 04 May 2020 16:15:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2555015
expires: Thu, 16 May 2024 07:50:53 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOupmrX5zeLbu0uz%2BFMHwC5pxQZvCk%2FXIM08MasDLlloIrzfDzIItWBIxVJsOFp6CvgXF4kOUk9bbA5d%2BRmgg%2FZWqTMw76LVe17N3Y0uXGNPyiz%2Fo1gVVARXoXH2sNNK9LDiabCG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cdcab698a05b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 07:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 07:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
142.250.74.42200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP 142.250.74.42:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (32014)
Hash 05e51b1db558320f1939f9789ccf5c8f
c72c1735b4d903d90dd51225ebefb8c74ebbc51f
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:31:32 GMT
expires: Sun, 26 May 2024 03:31:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 15561
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
142.250.74.42200 OK 57 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/angularjs/1.5.8/angular.min.js
IP 142.250.74.42:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (639)
Hash c8ddded85c81cfcd8dd4e54b71724d85
78069f9f3a9ca9652cb04c13ccb0670d747666b8
e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870
GET /ajax/libs/angularjs/1.5.8/angular.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 56572
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 02:47:21 GMT
expires: Fri, 24 May 2024 02:47:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 191012
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 1096a98738251f8b5b06b2655f6e8175
6458007edbd25418e5305b8aef006888c2859ee6
ba6237c5878e9081e7ce828ef3cf227b62c6745166d28c06f3dca481644cc136
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 07:50:53 GMT
Last-Modified: Sat, 27 May 2023 07:14:04 GMT
Server: ECAcc (nya/7919)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Jz04DBi2Ftnn50T_aq9qzqduvsoFIlUGy5Td6ti9TPkPY2KAWVhH8A==
Age: 2209
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 07:50:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false
52.4.12.52301 Moved Permanently 134 B URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Sat, 27 May 2023 07:50:54 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/js/flowpage.directives.min.js?rel=1684216440025
54.230.111.95200 OK 38 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/js/flowpage.directives.min.js?rel=1684216440025
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 9d571a457a4ba9deedffd1ba8c2c1a08
4633541c3f18e57aa43528db9d3bd461fac4de4b
4662952d2225b2df44ee7716737afe109c7c5bcf6a674dc4a0f7113c20a1123d
GET /js/flowpage.directives.min.js?rel=1684216440025 HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 26 May 2023 09:31:01 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-1d127"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3L8wxK4xG3DnR5Bb4JqPwrHea0DsQ0SQRP8VqtglrhdB1xCWIOkWfA==
age: 80392
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.11.207200 OK 11 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.11.207:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (32033)
Hash 5869c96cc8f19086aee625d670d741f9
430a443d74830fe9be26efca431f448c1b3740f9
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 30623338
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cdcab698def0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
push-sdk.net/f/sdk.js?z=764812
157.90.33.122200 OK 14 kB URL GET HTTP/2 push-sdk.net/f/sdk.js?z=764812
IP 157.90.33.122:443
ASN #24940 Hetzner Online GmbH
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectpush-sdk.net
Fingerprint25:B7:F4:A9:C9:47:74:9A:CC:9C:F6:F8:42:C5:E0:5D:4E:6C:A5:CB
ValiditySun, 23 Apr 2023 03:31:24 GMT - Sat, 22 Jul 2023 03:31:23 GMT
File type Unicode text, UTF-8 text, with very long lines (52262), with no line terminators
Hash c64d93adc4283d4922767d9f1c6fc100
ffc856447841ee694a3c9d30eff93cec3c33c238
649cda8f506e4e72ce855cca025cbd8180c5d6be705f1363bdbd789e5fff48aa
GET /f/sdk.js?z=764812 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 07:50:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 14465
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 07:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.227200 OK 45 kB URL GET HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.227:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:26:20 GMT
expires: Sun, 26 May 2024 03:26:20 GMT
cache-control: public, max-age=31536000
age: 15874
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push-sdk.net/event?z=764812
157.90.33.122200 OK 0 B URL POST HTTP/2 push-sdk.net/event?z=764812
IP 157.90.33.122:443
ASN #24940 Hetzner Online GmbH
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectpush-sdk.net
Fingerprint25:B7:F4:A9:C9:47:74:9A:CC:9C:F6:F8:42:C5:E0:5D:4E:6C:A5:CB
ValiditySun, 23 Apr 2023 03:31:24 GMT - Sat, 22 Jul 2023 03:31:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event?z=764812 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 79
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 07:50:54 GMT
content-length: 0
access-control-allow-origin: https://us-cashisgoodkvg.lp.kgaleads.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 07:50:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
us-cashisgoodkvg.lp.kgaleads.com/favicon.ico
54.230.111.95204 No Content 0 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/favicon.ico
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 26 May 2023 15:57:02 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hCR4QyOWR7KFAwl8JkKTiDvRZcus8dbKIeCE0BAE-ptVU4hpTGtI3g==
age: 57232
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/config.json
54.230.111.95200 OK 12 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/config.json
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 90040e8e63a0c0c1ee1178c7958e8568
e96c1454ae27ca16e0d1256f514a9636f1973982
602e35a92eec4bc0a2ec6ae113f07bfc6933322fb69fe8dee416e5a67217e2a2
GET /templates/surfeyo_3/config.json HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 12
server: nginx
date: Fri, 26 May 2023 09:10:36 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-c"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iDDS24KR_7xbAX028VhvoHyvG2dH4IDzDkCYByAXxkxJghq9TrSfOQ==
age: 81618
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/pixels.html
54.230.111.95200 OK 361 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/pixels.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 99f422b62966bd0844f290f24d617d26
d213757eb39e8eefe96a521489eeeb6349b2c3d2
6cde2e24bb939b1286c77147eed40cc96f48e208bb127f5949975f48380ce43d
GET /directives/pixels.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 361
server: nginx
date: Fri, 26 May 2023 09:10:36 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
accept-ranges: bytes
etag: "64631abd-169"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -5MsttJMliZd-g69Dq6_zanIaEaVcfCV0NEU-BHZu9cXbNK34oIiWw==
age: 81618
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/images/finish.png
54.230.111.95200 OK 3.9 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/images/finish.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type PNG image data, 100 x 76, 8-bit colormap, non-interlaced\012- data
Hash dd4312bce75a6d4c431807a2bee2f776
69ffcf91cc6541bfb848b73811d4f7bf3e673cd0
03131a93edbcb765f16649b35917c6d321751aae235ee789b2599fcb31b1cda6
GET /templates/surfeyo_3/images/finish.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3860
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Fri, 26 May 2023 09:31:05 GMT
etag: "64631abf-f14"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tpes5vvPv-zclbm5TT6gxR_yKiZ9ALu2dGbqkOsl0mKh4Kyvd5FGMw==
age: 80389
X-Firefox-Spdy: h2
ocsp.globalsign.com/alphasslcasha256g4
104.18.20.226 1.4 kB URL ocsp.globalsign.com/alphasslcasha256g4
IP 104.18.20.226:0
Hash 68c257f5049071fec96dbd2b89beca9d
ffc3c7b4f55aca275e91aba625986cc44e67a300
4ee38a108e606ebbf7d8bf253c9595f6eec75e376ff9de2aa468064e20d65360
POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 27 May 2023 07:50:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Wed, 31 May 2023 06:26:05 GMT
ETag: "ffc3c7b4f55aca275e91aba625986cc44e67a300"
Last-Modified: Sat, 27 May 2023 06:26:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7cdcab6fcf5d0b41-OSL
im.d-promo.com/upload/1678473872_cashapperwann.png
188.114.96.1200 OK 103 kB URL GET HTTP/2 im.d-promo.com/upload/1678473872_cashapperwann.png
IP 188.114.96.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type PNG image data, 533 x 633, 8-bit/color RGBA, non-interlaced\012- data
Size 103 kB (103239 bytes)
Hash 408e49ba8b32cc78246795eb3bacf691
95ea1dbb5a9678cb4dea226a4f2fdf485aed9dab
6ca730b723cc1ea439d8b95f447546e3a758e3764677b1727675b6248ba58027
GET /upload/1678473872_cashapperwann.png HTTP/1.1
Host: im.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:54 GMT
content-type: image/png
content-length: 103239
last-modified: Fri, 10 Mar 2023 18:44:32 GMT
etag: "640b7a90-19347"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhgcNBjdBQ7v9FIPQmO3Pst%2Bc0Q1bgpacYnw4bFhQcuHXNISe1UM0BT1yghAtkuFszHp8VTgxsH88SJrpzX2Xk44FDZS903P%2FZ4aZLfL7MZrar0trZxGdv%2BFS%2B81WF1Sig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdcab6f683c0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/footer.html
54.230.111.95200 OK 610 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/footer.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type HTML document, ASCII text
Hash 002fa26e37eb735d68e7a40e9a241293
82f3897cc384c0b4b642b0082caf73707f6ab705
858e251745aa486a840abcd75cee65bd95d3b56b4d882c3d301bb81394ee06e6
GET /directives/footer.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 19:09:35 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-836"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ss5atTZeWy7ZgUm6TZwTm41uA_jASmGlEdwmMiI1dBGtnrbiuN_24g==
age: 45679
X-Firefox-Spdy: h2
api.trustedform.com/certs
52.4.12.52201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 647d120ca94341ecfc9fb916182cee2d
47054774da3374916de892d6283c6225663384ad
65f1498a6e4e6f307d3f0326469c247d38e33288c570872ed986cc47dc084470
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 643
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Sat, 27 May 2023 07:50:54 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/feedback-form.html
54.230.111.95200 OK 889 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/feedback-form.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 857183a12a1d3f5b169e3061eca586b6
640204f18aab0068464bb7234221b8572722c23b
24051281c43b4638239d604bbdc49165fb45430016dd42d1112ec76a771aeae0
GET /directives/feedback-form.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 889
server: nginx
date: Fri, 26 May 2023 09:10:36 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
accept-ranges: bytes
etag: "64631abd-379"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zkHzVc6sIutOTD1F6JUj1sZW5eAhfX0WWTAnPP956yIIqHaNxSKyXA==
age: 81618
X-Firefox-Spdy: h2
lpapi.d-promo.com/flowImpression/store/
188.114.97.1204 No Content 0 B URL OPTIONS HTTP/3 lpapi.d-promo.com/flowImpression/store/
IP 188.114.97.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /flowImpression/store/ HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sat, 27 May 2023 07:50:54 GMT
content-type: text/plain charset=UTF-8
content-length: 0
access-control-allow-origin: https://us-cashisgoodkvg.lp.kgaleads.com
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dHzeMKDzxSfLqKCrZCwU14ytnYaDbS8w5a7xEr%2FPZU9%2FRUYbq1HfTwkbcaXs9b21Kfk0Lk2ALWmwozsNim3M%2F0xYxh6IyoR1QGSF30VgTx%2BX%2B58rneHCrkGdkPQKrAOzVJMw4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdcab70e8cb1c06-OSL
alt-svc: h3=":443"; ma=86400
us-cashisgoodkvg.lp.kgaleads.com/
54.230.111.95 13 kB URL us-cashisgoodkvg.lp.kgaleads.com/
IP 54.230.111.95:0
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash c5e925cd46c51aea8b1c4cf8af97209b
eaa465c4c1c236670c3710075e809dd235b6a25a
8fd93245206af095b184ff1b1877d6829a5c7f24fa555f9f6d71274cbac6ab83
GET / HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Sat, 27 May 2023 02:46:13 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9BB3cmaA82He2DEviMGLhZphLfEfx9rLc--lVoPyjp9XGr5tcvnjdw==
age: 18280
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/page-header-web.html
54.230.111.95200 OK 2.7 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/page-header-web.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text
Hash cd9d5dfed1b5441ece0680f9094aaac9
ecba2f5eec87093e299ef3cc7aecbaeb99095806
bebc5d4e4f27afdc8eb6fb39800e9d13dafefcae3c813daf37116a1d84ddaab6
GET /templates/surfeyo_3/page-header-web.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 09:31:05 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-a40"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rz4u_x1EBcRWoydvqogn_tkwyxX4DgKg7tS4VrrLHJmGbg5BrkrwCQ==
age: 80389
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_2/css/animate.css
54.230.111.95200 OK 398 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_2/css/animate.css
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Size 398 kB (398276 bytes)
Hash 9d0651ac72af149783b69ba427b36b1c
7c3a82eff404758acc956fc92561fded0f1e8476
d553f959aea20b4b2bfdd4aad0025c3d3290110a9d09f0ca13c3c0d4ec980049
GET /templates/surfeyo_2/css/animate.css HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 26 May 2023 19:09:37 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-1252b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6Ma5VN1D2gW2Utrpf5vAhsL2_-qq0BgRmoHPvYZhGGU93-XkmAWMpQ==
age: 45677
X-Firefox-Spdy: h2
im.pblinq.com/upload/1559724654_consumers-connect-presents_white.png
188.114.96.1200 OK 6.1 kB URL GET HTTP/2 im.pblinq.com/upload/1559724654_consumers-connect-presents_white.png
IP 188.114.96.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGoogle Trust Services LLC
Subject*.pblinq.com
Fingerprint73:80:B3:14:32:C9:05:AC:38:37:B3:49:83:67:FB:7F:BA:D9:07:88
ValidityFri, 07 Apr 2023 03:29:56 GMT - Thu, 06 Jul 2023 03:29:55 GMT
File type PNG image data, 600 x 153, 8-bit colormap, non-interlaced\012- data
Hash 724e75a6e4da973450950b8f2cf7052a
daa060f39296ee319a82b66e4590a6898384e23d
e6fa70e11ac1727df042f6242b5ab9e69dad8b060ed44bf3be35fe291058b656
GET /upload/1559724654_consumers-connect-presents_white.png HTTP/1.1
Host: im.pblinq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:55 GMT
content-type: image/png
content-length: 6060
last-modified: Mon, 13 Feb 2023 09:03:23 GMT
etag: "63e9fcdb-17ac"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izis12pYM2PuPxftZHUpZQ6pJYAKKSyCk0siORXdwJaFgToU1BCsDa0z%2BHPWTmPXxJzkXiKtTeRn5GkBFB8TqrZI7tauN12Vryov7LOhbeN1z1%2BpTRxXc%2B2DjCznSEvv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdcab71b866fabc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.11.207200 OK 20 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.11.207:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Hash ec3bb52a00e176a7181d454dffaea219
6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-06-08 21:21:23
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f3a3007506374a305b1a96efe5ee1490
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 3845065
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cdcab699e110afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/fingerprints
52.4.12.52204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/fingerprints
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 348
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 07:50:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/info-footer.html
54.230.111.95200 OK 443 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/info-footer.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 4c3b0f52d833a6339e00836573b7e2df
f75d3dd4f9a209ea738396a275ceb7c6be58b89b
4814d7d10ff2f9745ddb722146d5248a03ef420ac1d6306a0158a97a66bd726f
GET /templates/surfeyo_3/info-footer.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 443
server: nginx
date: Fri, 26 May 2023 09:31:06 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: "64631abf-1bb"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T1rkG3QNCYXEg5oc0btbiAyP9wo6-ICFPRUGjLt7dSXDZtCO6YAsJw==
age: 80389
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/images/loader.gif
54.230.111.95200 OK 33 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/images/loader.gif
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 142 x 142\012- data
Hash 5572838d351b66bf6a3350b6d8d23cb8
0bc2e818c38f1fded1464eacb354d86b491b6d0f
13a08170e75cc7b7e9ceec58486200df29f0345a9e3072b79a3cdb243095e7ee
GET /images/loader.gif HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 32701
server: nginx
last-modified: Tue, 16 May 2023 05:55:10 GMT
accept-ranges: bytes
date: Fri, 26 May 2023 09:31:07 GMT
etag: "64631abe-7fbd"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: i7jIU3jXIRW5m3am0KbRPNEB6VflkDqEre_Yu3ZfwnMaN6uH3i1qjQ==
age: 80388
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/element-left.html
54.230.111.95200 OK 9.8 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/element-left.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 4fca64853147bf4f0ff44cc2ff834650
8af8f3f1b1855db4e347c934abdcb58a11160eef
a54489ebdaaecbbfcafcc0a8a5ea1177e6121ee0867edb7fa828aa0c913c3bda
GET /templates/surfeyo_3/element-left.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Sat, 27 May 2023 00:50:06 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-540"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oPs3g9xXM_Rc2W5U6jhP7djc_-Pap7PXMH_yTTFzmNbmhfQICeyN4g==
age: 25248
X-Firefox-Spdy: h2
api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events
52.4.12.52204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1178
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 07:50:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png
54.230.111.95200 OK 14 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash a30faf0ed6538e1ddd00eb5bc9e6c04c
f0c5d097c0a68df60448c1c97b8959772e0c3b21
23ca74af2dfcaf3f908a0b98a8ff9bbca0d9c506180c0424658ab6382a881003
GET /templates/surfeyo_2/images/icon-safe-server-%7B%7Bflow.landing_page.settings.language%7D%7D.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Fri, 26 May 2023 09:31:09 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U_XpaQdCiBaZCOI0lExgqaKxE4HHvJKC-T2VZ2jFpf6UfhgWzrZimw==
age: 80388
X-Firefox-Spdy: h2
lpapi.d-promo.com/flowImpression/store/
188.114.97.1204 No Content 3.6 kB URL OPTIONS HTTP/3 lpapi.d-promo.com/flowImpression/store/
IP 188.114.97.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type ASCII text, with no line terminators
Hash 77822449739d379a72efd5210a7d7040
1dbdae90a84b27d7a000588fce8de8fd054b75f3
a5a7a95a3998da2b1fb189d70e4ab697e7854a9abc4c847e1fdc729ee25ea8ae
POST /flowImpression/store/ HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 186
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 07:50:56 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.28
access-control-allow-headers: Content-Type, X-Requested-With, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://us-cashisgoodkvg.lp.kgaleads.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFen9b6oH3tRM07gOmkNHoMP2nWAA2cg6cZvoZTQWOTiLSy1r0HPNoD8Pnicsz7vfBAh%2F%2BmVgXD%2Bdx50Ohf1Fs2TUMCcBkiM0IcoEjIAhNTZirFUyXcO91U9zj7qVvs%2B%2FLWkYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdcab7a8a0b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
us-cashisgoodkvg.lp.kgaleads.com/directives/input-field.html
54.230.111.95200 OK 1.9 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/input-field.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type exported SGML document, Unicode text, UTF-8 text, with very long lines (535)
Hash 67e1611d3aa07c5b3383ebb837b5aef9
8053e868c17c3d6a8ca90c877a9dd4e7cd8c32c7
850512d8a9c30f414af5202b1d5fd72c873cea8ca292e711fe0abe29957fe47f
GET /directives/input-field.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 19:09:42 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1372"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5p5PwbN6JiCv8Pl3sBiECnUSW9edU1xvAAUAJaCm-sbcDqpebiSh1w==
age: 45675
X-Firefox-Spdy: h2
lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
188.114.97.1200 OK 107 kB URL GET HTTP/3 lpapi.d-promo.com/survey/getSurveyData/32_questions.json/
IP 188.114.97.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (106703 bytes)
Hash 43ef344fdb2158f79bde36589f60b8d9
577ec0901b30597f3b80e8394ec29e98aae58f9c
80233979f158de7c4f68c63d4ccb0f6051d1cfd5e71c380dbb3a03485c3efd9d
GET /survey/getSurveyData/32_questions.json/ HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 27 May 2023 07:50:57 GMT
content-type: application/javascript
x-powered-by: PHP/7.4.28
access-control-allow-origin: https://us-cashisgoodkvg.lp.kgaleads.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DoOVeBmf2Lj5cypfSB8Xiaf2uVXmL3jFrSKcctcSOwNDmGWRJOU4HO4eUnCgnKMjqPDsGa8yjHPrn0Rgxe5ph0%2FvEcjI6eCzoajyemIc7Mn3xOzf5c0j%2BsyhG8kkhCJGrBCWAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdcab7e3d241c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 3414da96a3b0e6322694a601f5ffe360
ed3aa9d5cdf90ae4f1901a6e15e57b9557d6f31b
486a206e8c9933fbfe6070d858b8c33565ca01e1c2cd013bd39a7eb050fe9503
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 07:50:57 GMT
Last-Modified: Sat, 27 May 2023 06:20:24 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y-lDdibXJx74qI35ACFpEWcxv5KxG92m67OIJsCbhTqOm1qIZxQV8w==
Age: 5433
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/css/dataentry.css
54.230.111.95200 OK 2.5 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/css/dataentry.css
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 6e34f0807c12d2265407dfadf8b7ac8c
9d74153ec31b51e15d103183f824550d4d60c69f
64bbdf09b27cf8c455a61d7ff421e22399f7080793f2d352429d82c2af502fe6
GET /templates/surfeyo_3/css/dataentry.css HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 26 May 2023 10:29:25 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: br
etag: W/"64631abf-14eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6hChPlCrs0l35oPCPBNulM5kwmbabNuzacjU5zQqaIhB-Mbm1lXAXQ==
age: 76891
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/progress-bar.html
54.230.111.95200 OK 1.3 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/progress-bar.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 5a62d0d7a40c4063d7ea4edf49343bb4
f7a3af09adcf83d14063052b17cd82d56b20a187
8003455e29d8fbf305f1dc6a2d26818b3fcebc4e0bba801d66d47de14a9f6afc
GET /directives/progress-bar.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 09:10:36 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-9b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qaqpX4AAveeenGkj02faJyh26pAL_z4xdFNH3Vve8CD2gJYwFs86bg==
age: 81618
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash e25d94cfa45a29c932fae528da538185
1d8fe43592b56bf06968d220c8f8197b99c0c72f
3b5a87c65aa8794afa47ea457b8334d0290ea29d9ff7d5fd0c828565f470026e
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 27 May 2023 07:50:58 GMT
Last-Modified: Sat, 27 May 2023 06:21:15 GMT
Server: ECAcc (nya/79EB)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U_f5O_s2tygRpVTBePvbbbpfxXgLWY0pDIqCYjYv1LLg4ZjtWcmBmA==
Age: 5383
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.227200 OK 47 kB URL GET HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.227:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:39:40 GMT
expires: Sun, 26 May 2024 03:39:40 GMT
cache-control: public, max-age=31536000
age: 15079
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/images/select-bg-dark.jpg
54.230.111.95200 OK 1.4 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/images/select-bg-dark.jpg
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 33x60, components 3\012- data
Hash 5fb6eaab8c7ff3a1333407c88eafdddc
ebcd7b445072d6a18d86dec7d6738d3d8829e637
b40999a37bed029d5ab48ffa8665d60306003fedc5e86147f89ead41555d51f7
GET /images/select-bg-dark.jpg HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/css/template.css
Cookie: leadid_token-B45AA041-3C06-BF07-E07C-262147A32593-A62329FC-B047-95CA-1835-43098649FF47=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1409
server: nginx
date: Sat, 27 May 2023 07:50:59 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: "64631abf-581"
accept-ranges: bytes
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gzx02_cFbS-8EQuLw9rHB9xPE5A1roU4CNIT-YfdLGWffrlWhQu0iw==
X-Firefox-Spdy: h2
api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events
52.4.12.52204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 826
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 07:51:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events
52.4.12.52204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 226
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Sat, 27 May 2023 07:51:03 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/flowpage-web.html?1685173853897
54.230.111.95200 OK 3.8 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/flowpage-web.html?1685173853897
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (3939), with no line terminators
Hash dd22495db6a128d6ed3e3b8877ed12b7
abac9b6b913b68d24d22feba31c3ab7e7cc8b30a
46efee9e11d90adda141dc307c6098753fea8982b4aba41920a4ba7fe6b943bb
GET /templates/surfeyo_3/flowpage-web.html?1685173853897 HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Sat, 27 May 2023 07:50:54 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-ebf"
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rp3rXYyJh79I91LAimyAWnqm-HRLv3q_dqsDdD_fPHSR3XL3ekQ09A==
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=3&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489539
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489539
IP 3.213.164.48:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=3&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489539 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5234
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:58 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rguserid=5c688b51-3a30-478f-bb9a-76f9ce3425c6; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
34.227.181.128200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
IP 34.227.181.128:443
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Certificate IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:58 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Sun, 28 May 2023 07:50:58 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/productdetailer/images/finish-icon.png
54.230.111.95200 OK 1.9 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/productdetailer/images/finish-icon.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type PNG image data, 70 x 90, 8-bit colormap, non-interlaced\012- data
Hash bb58463d5620d3338e1dbc86072bef8f
1e08f07c3e58781221007f5e87a88b21023965de
498fe301d99911563563edc1f20bff040a0bbe6977f4cd32d0c358ff3b39ecfd
GET /templates/productdetailer/images/finish-icon.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 1866
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Fri, 26 May 2023 09:31:05 GMT
etag: "64631abf-74a"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RcRcdjVqypfUMk5x4SYit17UeYQaQB0vAHHZvvrLZLLtE7vSI3xWLQ==
age: 80389
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/
54.230.111.95200 OK 67 kB URL User Request GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/
IP 54.230.111.95:443
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60952)
Hash 8178764c3f13be09825d5290b0ed2391
b6f1d0eea735deb84bc2a330208bfe8d02a3f783
8131e5f4ca3d06ec075812928187182e0e4ec6a768691e9118fa12c7a8e127da
GET / HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Sat, 27 May 2023 02:46:13 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9BB3cmaA82He2DEviMGLhZphLfEfx9rLc--lVoPyjp9XGr5tcvnjdw==
age: 18280
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/css/template.css
54.230.111.95200 OK 21 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/css/template.css
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Hash 57858c81505fe9a4302c989bc76dd90e
392db00f15a41e841c906245626074627236f60f
7d3d2973796cb37efef46595d2323374699f79fd23b6a69de94bf83e0040e4d2
GET /templates/surfeyo_3/css/template.css HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 26 May 2023 19:09:35 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-519d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K3EETrKfMK7swsgdPXKl5iZEaslo7HSh4FCeohOsNarT7UhK2D3xLw==
age: 45679
X-Firefox-Spdy: h2
im.d-promo.com/upload/1614342841_beach.jpg
188.114.97.1200 OK 392 kB URL GET HTTP/3 im.d-promo.com/upload/1614342841_beach.jpg
IP 188.114.97.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1528x817, components 3\012- data
Size 392 kB (391708 bytes)
Hash 0cefce610d8aa2edbe2d50e5bc306a37
1d2cb32dd53a1b64e0b4e1813b0f7d4fd960db46
7724233926ffc05179fd0bba11182df35bf37b2ec54ceeeeb06f0c84162f60c0
GET /upload/1614342841_beach.jpg HTTP/1.1
Host: im.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 27 May 2023 07:50:55 GMT
content-type: image/jpeg
content-length: 391708
last-modified: Fri, 26 Feb 2021 12:34:01 GMT
etag: "6038eab9-5fa1c"
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQVgEaYCu6q4%2B6OcpHcrijSrQvBaet5a4DVu1NMvWybqORFWi9u3Ku%2BacWXam43ozM%2BUqVstqUMrdV0p5HEHq5GbCldiYsttz6Bj9KmFb47%2Fa94zO40F%2B5HMM7%2FqChRu3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdcab716fc1b50c-OSL
alt-svc: h3=":443"; ma=86400
create.leadid.com/2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&uuid=9561a86ba60e4babafce6c4678e5938c
3.213.164.48200 OK 0 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&uuid=9561a86ba60e4babafce6c4678e5938c
IP 3.213.164.48:443
Requested by https://deviceid.trueleadid.com/iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2.11.9/SaveDeviceId.js?lac=B45AA041-3C06-BF07-E07C-262147A32593&lck=A62329FC-B047-95CA-1835-43098649FF47&methods=48&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&uuid=9561a86ba60e4babafce6c4678e5938c HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:58 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rguserid=a211aa64-8cb3-4349-ae59-1cad0627fab6; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/forms/date-selector.html
54.230.111.95200 OK 7.3 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/forms/date-selector.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (8039), with no line terminators
Hash 6778f802eee78ee352e64e08c8c1cbdf
855cb6f92b4751fd85a6f47e33256cd475021732
c801fec6f9c7c458e38e1557d789c6daf46aafb02ec0e07f585d84296c667376
GET /directives/forms/date-selector.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 10:29:25 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1cb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: piKw493e4d7bighEUcRz-mKVBDUqNFy8MOfbp7LooGfo9BhJLy1CPg==
age: 76892
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/css/animations.css
54.230.111.95200 OK 5.7 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/css/animations.css
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (6007), with no line terminators
Hash 436430f57eaad08bcd5da9ff6450b406
f6b2490cad1ebb8a163531dafd6e35ead4e0bda9
29aecd853b5fb695df8b90730412536de79899e9537e64cf0234f72e72c62a5b
GET /css/animations.css HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 27 May 2023 02:46:15 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1642"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kKBSPGeBz9pee6wK_I0ozvhxfnoYPW-pF9A_wnjboh0PjzoISf-i0Q==
age: 18279
X-Firefox-Spdy: h2
rdroot.com/p.ashx?o=31530&en=evt01&t=2290041837&r=2290041837
34.251.29.167200 OK 2 B URL GET HTTP/1.1 rdroot.com/p.ashx?o=31530&en=evt01&t=2290041837&r=2290041837
IP 34.251.29.167:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGlobalSign nv-sa
Subject*.rdroot.com
FingerprintAD:1D:1F:41:3A:CA:B4:92:70:1B:E8:8A:87:2E:EE:EB:D7:24:E1:3A
ValiditySat, 04 Mar 2023 02:04:00 GMT - Thu, 04 Apr 2024 02:03:59 GMT
File type ASCII text, with no line terminators
Hash 227dc251e1411f6b6fffcd1c30486f4d
8c71b835789865c9f242316c7ebbdc25cea35b2d
6a4b804705e725b9f4fd4adf6500180b54cc5ddefed460e48d1be724fed155d6
GET /p.ashx?o=31530&en=evt01&t=2290041837&r=2290041837 HTTP/1.1
Host: rdroot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Sat, 27 May 2023 07:50:54 GMT
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: close
us-cashisgoodkvg.lp.kgaleads.com/directives/forms/surfeyo.html
54.230.111.95200 OK 13 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/forms/surfeyo.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (400)
Hash f7cff524c92ac427b655a76adfb8db20
ae277194987da7abed1b1530aa6f7a32de9bcec3
cf1bd25605c3efecde113c9162d32a434b7d3e5fb7b3f00d23ff12b95739d560
GET /directives/forms/surfeyo.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Sat, 27 May 2023 04:04:51 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: gzip
etag: W/"64631abd-31c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gF1HkS2xUQLwbLqMqNbaZThJY9rfWUOtGMqA1JLYBT4-7-tDktXG3Q==
age: 13566
X-Firefox-Spdy: h2
lpapi.d-promo.com/click/generate/?reqid=2290041837&oid=31530&aid=3146&cid=590118&sid=4
188.114.96.1200 OK 4 B URL GET HTTP/2 lpapi.d-promo.com/click/generate/?reqid=2290041837&oid=31530&aid=3146&cid=590118&sid=4
IP 188.114.96.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectd-promo.com
Fingerprint0D:2A:CB:0F:D8:FB:B3:C4:60:B4:E7:F2:59:23:15:6C:44:01:05:0C
ValiditySat, 06 May 2023 07:44:34 GMT - Fri, 04 Aug 2023 07:44:33 GMT
File type ASCII text, with no line terminators
Hash 37a6259cc0c1dae299a7866489dff0bd
2be88ca4242c76e8253ac62474851065032d6833
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
GET /click/generate/?reqid=2290041837&oid=31530&aid=3146&cid=590118&sid=4 HTTP/1.1
Host: lpapi.d-promo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:54 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.28
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWJF3a5dfLBlk4eypjdrGhxibWtk6PU0u45NJLTai18Wii93SFbdSCE7YHvnDwuTmsrvDXXr5wxLP%2FFf%2FUsZ9RvUI6Ro7mrkNB9tseS11XDgi3QM9%2BJYCHAfISFyTvnW90Q6MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7cdcab6fa8810b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/images/tick_circ_anim.gif
54.230.111.95200 OK 9.0 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/images/tick_circ_anim.gif
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type GIF image data, version 89a, 200 x 200\012- data
Hash c906b57e8e4cb5247f773b757537b714
d648e987cf9853f888fbc183762246cff1abc0d1
f0cbed8ea368ac5b14d43cb79c277e8360a9ecfc5b4a70151f7bae2a02a50d55
GET /templates/surfeyo_3/images/tick_circ_anim.gif HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 9027
server: nginx
date: Fri, 26 May 2023 09:31:07 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-2343"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qrUvLAg01uV83yv6qb0rZTnoL-I_7nQc_jVolUA0rypZjXyFJ2v11w==
age: 80388
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/dataentry-web.html?1685173856112
54.230.111.95200 OK 1.3 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/dataentry-web.html?1685173856112
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (1526), with no line terminators
Hash 8bc2010306a3b721f6520dcff707de53
534d6ece1493c35fb8febb3724e326fa4b2a4adb
cd106a25cd132a79cc15cefc4769de0cdba90094d98398b4cd3e39cf9473651c
GET /templates/surfeyo_3/dataentry-web.html?1685173856112 HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Sat, 27 May 2023 07:50:56 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-52c"
content-encoding: br
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9thbtIwSXKWqlbVF2RJ2h18HxUpvx3e50ouTierIPbUyGfnZWrRkbg==
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/vod_3/img/icon_email.png
54.230.111.95200 OK 1.1 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/vod_3/img/icon_email.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 9b189039bc8ab54d7f20e84ed2dae363
8830b77072f57f68adc81eec57a75dd9f64d7483
9034554d05b1baf60532ed325d8b644e8adb1a646e02f75dc779235d34198126
GET /templates/vod_3/img/icon_email.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 1068
server: nginx
date: Fri, 26 May 2023 09:31:09 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
etag: "64631abf-42c"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lEcYTqFEE5vIAEfiGfsZXBmt8j6JISIrqqQS1WyTG6cgmHxjExzSYA==
age: 80388
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&_=442489537
3.213.164.48200 OK 36 B URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&_=442489537
IP 3.213.164.48:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 61567c08b882bd60bb8f9a0c0e0c8a66
88a4b057a6d84bb6c08c9f5274bc6f6195a0e92f
cfddaec1dd2f95c36184680d930764def50e76622aac15452c14071112247417
POST /2.11.9/GenerateToken?msn=1&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&_=442489537 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 180
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:58 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 07:50:57 GMT; Max-Age=2592000; path=/
rguserid=c0c07576-3a04-4b3b-b8be-c22f21eb9703; expires=Mon, 26-Jun-2023 07:50:57 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 07:50:57 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 07:50:57 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/css/vendor/pikaday.css
54.230.111.95200 OK 4.4 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/css/vendor/pikaday.css
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (4656), with no line terminators
Hash 1031d9c8c94a50333eb44e21bde123cd
4c742801146785cd4ec8470893dad35929da7f94
98ae571b91c6fbce7c002abf56a67e0e27abe52622506f8e0e43f2b6a3609ef1
GET /css/vendor/pikaday.css HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 26 May 2023 17:51:31 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-1144"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JpEuW7LiwbMwN8zepqDSdCMC3Awb_qKsma5MtKAQaHfn7F2vgP2yKg==
age: 50363
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489540
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489540
IP 3.213.164.48:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489540 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 5554
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:59 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 07:50:59 GMT; Max-Age=2592000; path=/
rguserid=af4d6b28-8bbe-45f5-98d4-5d0c64466c8d; expires=Mon, 26-Jun-2023 07:50:59 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 07:50:59 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 07:50:59 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
172.67.41.229200 OK 126 kB URL GET HTTP/2 create.lidstatic.com/campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2
IP 172.67.41.229:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
Size 126 kB (126350 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign/a62329fc-b047-95ca-1835-43098649ff47.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:57 GMT
content-type: text/javascript
x-amz-id-2: iJSfjs8JO9vKTWwIafJ1WF3WQyRQe9ZCe+MM1PHT+AIjNRx7zKWHVmjK13VLdiySk7TAmKs71CM=
x-amz-request-id: HWGWHH1DAC3530XV
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 01:03:14 GMT
etag: W/"c1b63af7a7b19a763acad8d5c8cd9bbf"
cache-control: max-age=1800
x-amz-version-id: 5yLl2FQWzrJvU7eydGWwVP0icPOiI1rY
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cdcab7e78feb4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
54.230.245.38200 OK 3.5 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593
IP 54.230.245.38:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3675), with no line terminators
Hash f296cf3fca2786c12a670712ef7f00bc
da1b0e716af4460dcf59ade38450cb62798954d1
eabbab0c6023ae05e66d758837fa85258b724f04781c69ce36225c586a0c8db7
GET /iframe.html?token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=A62329FC-B047-95CA-1835-43098649FF47&lac=B45AA041-3C06-BF07-E07C-262147A32593 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 27 May 2023 05:20:16 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uvoAa9KLgAeL0T-deAOylENNTWiaoVaGQIeCj9sTUFVgqYfelYPbyQ==
Age: 55423
fonts.googleapis.com/css?family=PT+Sans:400,700
216.58.207.202200 OK 2.6 kB URL GET HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700
IP 216.58.207.202:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (2670), with no line terminators
Hash e5b75587dcfd67ba93f9a8fa023b39e3
2f3c55aadf91822649739ca51e1e4494cd9fd301
ee6b1a3d767ed3ac9b1f0cabad7bda1dfa9abb8ecb144c9c4f1e40127f60b5a3
GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 07:50:54 GMT
date: Sat, 27 May 2023 07:50:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_2/images/icon-safe-server-en.png
54.230.111.95200 OK 4.4 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_2/images/icon-safe-server-en.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type PNG image data, 100 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash af3d668b49272a483d247a4eb304118a
77103f1f6c5c8bb8bb72dcb46be40baa8f9fbdb1
7aa5cf393eb30425ff7614230bf655bc662664ea401fc5b2a113e0b78c8526d1
GET /templates/surfeyo_2/images/icon-safe-server-en.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 4383
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Fri, 26 May 2023 09:31:08 GMT
etag: "64631abf-111f"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8j0fcNemJAE0y97tyyX_lgdbUhW_qIKYPGe1U-8TdECGcOUKlNZtAg==
age: 80389
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/animation-dataentry_start-web.html
54.230.111.95200 OK 1.1 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/animation-dataentry_start-web.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (1148), with no line terminators
Hash 59457abb1f82d0e4f1e54b724ad04476
009555d380c2f2fe2f1ec0e0aa78692d215112b1
7c9bb6d63d926937d2c941084fbb018dd53e6dd4eb06b0fcc1e4f7dbeeb5332b
GET /templates/surfeyo_3/animation-dataentry_start-web.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Sat, 27 May 2023 02:46:12 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-43f"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UFXXNqdG2pN3DBqVdWYCtq_hg_6AgqqT0j3H855HANWTIw6LS9WS3g==
age: 18283
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=5&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489541
0.0.0.0 0 B URL POST create.leadid.com/2.11.9/Snap?msn=5&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489541
IP 0.0.0.0:0
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=5&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489541 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 279210
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
create.leadid.com/2.11.9/Snap?msn=6&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489542
0.0.0.0 0 B URL POST create.leadid.com/2.11.9/Snap?msn=6&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489542
IP 0.0.0.0:0
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489542 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 412727
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
apidata.info/js
188.114.97.1200 OK 817 B IP 188.114.97.1:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerLet's Encrypt
Subjectapidata.info
FingerprintD0:CD:49:3C:C6:EF:20:C2:AF:EB:14:91:74:90:30:60:54:B3:FF:DA
ValidityWed, 17 May 2023 03:20:00 GMT - Tue, 15 Aug 2023 03:19:59 GMT
File type ASCII text, with very long lines (817), with no line terminators
Hash ac7b01765f758ee3bd0e3cf7e89885ee
7397829110df743a5850c4de19742ccb5992b54e
bd62933057790e8275343d3adf51ab1c82ab8ab1051861e8536c02bef13ef2bf
GET /js HTTP/1.1
Host: apidata.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:53 GMT
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-max-age: 3600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0yzUwsMxUiQaGXifMTZ0qi%2FIPt8qx8n7l7ORmMTRktUfJgHeuj7MxcrhG%2FqQvUsCYTgMs5ABTdcQnU0KvvhpOSMmP%2BQVcuxELXVqxM5LrtXmEcEVUTLpU9emR9Rn%2FQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: __cflb=02DiuGQ4mUqJj6izyopp8yhqksk2KbwnuxniEwcG6dD2C; SameSite=Lax; path=/; expires=Sun, 28-May-23 06:50:53 GMT; HttpOnly
server: cloudflare
cf-ray: 7cdcab6a6f14b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
54.230.111.60200 OK 105 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP 54.230.111.60:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 105 kB (104691 bytes)
Hash 9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Sat, 27 May 2023 07:50:54 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PGrXvdMB2j8ypEhxakYi3C13OdE9CpFLKUatrsanUoJd_S_RCjHbzw==
age: 14
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/%7B%7Bcms.image_3%7D%7D
54.230.111.95200 OK 67 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/%7B%7Bcms.image_3%7D%7D
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60952)
Hash f63ff9c10cb6755825590751653e9f9d
8472c31451de6d204fd02e958c28b9131cddbdf8
adcb54b2274fc28900bc2d2f274c2700ee125b18429cafbbac09489c14ba9c90
GET /%7B%7Bcms.image_3%7D%7D HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Fri, 26 May 2023 09:31:05 GMT
x-powered-by: PHP/7.3.33
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ramLJik45qXepARpssj8Fi7myjPdHER2E0eIV_W8j1Y9Lz2NjwakzQ==
age: 80389
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489538
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489538
IP 3.213.164.48:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=eb4f6d4c-dc66-4b33-bf2c-f0e08687e27a&token=D622A7AC-73F0-B4CB-3505-E368FEA2C6CD&_=442489538 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 27 May 2023 07:50:58 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rguserid=7cb95d01-1d55-4877-9540-eae3acb38ba1; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Mon, 26-Jun-2023 07:50:58 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/preload-web.html
54.230.111.95200 OK 3.8 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/surfeyo_3/preload-web.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (4481), with no line terminators
Hash 9db081772b069b266fb37b397c5a5e37
9dae123e0347c8b62dc81a1a71b65bae5d2dd471
94e4b5867c5ad9b3ffbed106a49ab5255b990a6593b9bd7f85ba579ab25869cc
GET /templates/surfeyo_3/preload-web.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 09:31:04 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
etag: W/"64631abf-efb"
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AJgEFYoNFyCJUczh0Rfu6VoJqfTefKAYvGaBuZSC-wwbD6y5dgnFWg==
age: 80390
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/productdetailer/images/deliver.png
54.230.111.95200 OK 3.7 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/productdetailer/images/deliver.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type PNG image data, 480 x 380, 8-bit colormap, non-interlaced\012- data
Hash b4a4b8b337af5ccbccbc7dd3ea38ad58
e329d8204c8f4c09fb72021c031ff1f933701185
43cc909b864265ea763bb9fc89fc789162ce43bb5054998f2c72586442326b55
GET /templates/productdetailer/images/deliver.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 3691
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Fri, 26 May 2023 09:31:05 GMT
etag: "64631abf-e6b"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9EmKgfxmdosKivzdmDWErbKay-Kd5uEJbaDREjefBE2Czg-BiaPZkg==
age: 80389
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/sponsor-modal.html
54.230.111.95200 OK 2.8 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/sponsor-modal.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3252), with no line terminators
Hash b86029f6976cb0aa41095a8803e92893
401a844396c19c34860a44cd55bae0edb12b90c1
10f34118ac82431ab902753d18451a4434f78bb6f6b1312baebc21586cebb4a5
GET /directives/sponsor-modal.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
server: nginx
date: Fri, 26 May 2023 19:09:41 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
content-encoding: br
etag: W/"64631abd-b1b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sEKYMEBZN7fEwL9pPQSEUe4FNeZ704rFoLoXXlvMdpfg087Imuyggw==
age: 45676
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/templates/vod_3/img/icon_password.png
54.230.111.95200 OK 863 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/templates/vod_3/img/icon_password.png
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 1257cfa73f8bccbde7aa1d29148192c5
55615db7fc6b289f8ff7eddab876cf65515fc038
c09186f2f15ec5cf081385148f0e6aa5ea225a268f1fd9a48aa1a19c395de09f
GET /templates/vod_3/img/icon_password.png HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
content-length: 863
server: nginx
last-modified: Tue, 16 May 2023 05:55:11 GMT
accept-ranges: bytes
date: Fri, 26 May 2023 09:31:09 GMT
etag: "64631abf-35f"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ScOP2X6kB5HMJZn3wD9D7G8QJ6BwcukvoPuZiYGAowuE0FFx9FUVRw==
age: 80388
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false
54.230.111.60200 OK 7.5 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false
IP 54.230.111.60:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (7726), with no line terminators
Hash 9922363fd118cee80f733b7f8cf45e5c
c58005d21a1da4c611549651099127ff0f2ab9f6
1c01e146dfe11b2f712393fa866f782d0ea7d52ba076fb66739de8bbcd712565
GET /bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16851738532720.7838409280862151&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 27 May 2023 07:50:55 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RpkoRimkw1WbkFFW3Dscc24tadyHCF8-uryUbSmj4w5F5DiyQ1vvVg==
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/directives/advertiser-modal.html
54.230.111.95200 OK 896 B URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/directives/advertiser-modal.html
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (973), with no line terminators
Hash 63ac56cd6b4a15cb29b7627a2173b289
6fc4c34a83800181d5472bd38fe231c8200e0bce
d10a12907b0edc597877851827b331ff0f11c396bb711be578c3bc66a89991b1
GET /directives/advertiser-modal.html HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html
content-length: 896
server: nginx
date: Fri, 26 May 2023 10:29:25 GMT
last-modified: Tue, 16 May 2023 05:55:09 GMT
accept-ranges: bytes
etag: "64631abd-380"
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jcCZT7qEd7arr7GxEwdLX22YphUrwLQpUIVmlH4y6JdlX9OTqQaqPg==
age: 76892
X-Firefox-Spdy: h2
api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/snapshot
52.4.12.52204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/snapshot
IP 52.4.12.52:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/43bee0653af27bd3a7053c15de416cd5e608b3c5/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 12215
Origin: https://us-cashisgoodkvg.lp.kgaleads.com
DNT: 1
Connection: keep-alive
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
date: Sat, 27 May 2023 07:50:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
us-cashisgoodkvg.lp.kgaleads.com/js/flowpage.min.js?rel=1684216440025
54.230.111.95200 OK 397 kB URL GET HTTP/2 us-cashisgoodkvg.lp.kgaleads.com/js/flowpage.min.js?rel=1684216440025
IP 54.230.111.95:443
Requested by https://us-cashisgoodkvg.lp.kgaleads.com/#/?reqid=2290041837&oid=31530&a=3146&cid=590118&s1=4
Certificate IssuerAmazon
Subject*.lp.kgaleads.com
FingerprintF9:10:77:5A:91:6C:46:3B:8F:F1:CC:E1:04:E4:C6:13:0B:32:D6:36
ValidityMon, 28 Nov 2022 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT
Size 397 kB (397447 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/flowpage.min.js?rel=1684216440025 HTTP/1.1
Host: us-cashisgoodkvg.lp.kgaleads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://us-cashisgoodkvg.lp.kgaleads.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 26 May 2023 19:09:31 GMT
last-modified: Tue, 16 May 2023 05:55:11 GMT
content-encoding: gzip
etag: W/"64631abf-61087"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: stVnSc1axFkEU3vQin7uLLhlzrIhRNGcjqlQz9w3_w5bzmBl-DdtXw==
age: 45682
X-Firefox-Spdy: h2