ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash d5b0efcf7b4e1b86376592b90d5f0645
599cc90e88d316877eb46ad16ae2789e6bd2ece9
dad811d65e2636c2175f58381e07fe6ca197924d8c39a613edea45228d082b45
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 24 May 2023 06:54:09 GMT
Etag: "646dac73-1d7"
Expires: Wed, 24 May 2023 08:54:09 GMT
Last-Modified: Wed, 24 May 2023 06:19:31 GMT
Server: ECAcc (dcb/7F5A)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h7iaHnfcfMSSVfz8XPpFCY7_7FK5uLa-c0bsr0PEsu5lxyB43b3wVg==
Age: 68
paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404/?em=0
52.2.18.249301 Moved Permanently 304 B URL User Request GET HTTP/2 paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404/?em=0
IP 52.2.18.249:443
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9fd057e53b7c742442ce88b92507e771
58457efa9d332f9fcd9859e7f2a2037d2bb584ff
87798d668f4b1c519cb344d6d2d025c9679d069dd822fff00b08681341fc3d98
Analyzer Verdict Alert fortinet Phishing
GET /go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404/?em=0 HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 May 2023 06:54:09 GMT
content-type: text/html; charset=iso-8859-1
content-length: 304
location: http://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
server: Apache/2.4.41 (Ubuntu)
X-Firefox-Spdy: h2
paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
107.21.226.142200 OK 134 B URL User Request GET HTTP/2 paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
IP 107.21.226.142:443
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
Analyzer Verdict Alert fortinet Phishing
GET /go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0 HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 24 May 2023 06:54:09 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://paidsurvey.pro:443/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
52.2.18.249200 OK 6.9 kB URL User Request GET HTTP/2 paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
IP 52.2.18.249:443
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (939)
Hash 7df7d5c23d9c63c00aa1371ee2ec273e
5b4d08c6dc680399dabdb7a7c22cf0f81288175c
18cbf37c15a438d4874693035c3da8c8b99959c2253b9eb24d3e51fa64e55b29
Analyzer Verdict Alert fortinet Phishing
GET /go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0 HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: text/html; charset=UTF-8
content-length: 6899
server: Apache/2.4.41 (Ubuntu)
set-cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
104.17.25.14200 OK 59 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js
IP 104.17.25.14:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65274)
Hash 537fb5541479dbe0e06b56c5d21e5c73
cb2ba1c0cc5d244bf6484d74ec197efb074e9a6a
1fb32ef65d7b57f33a43580329dbf6ee37beb5b4b64272a6a0d705ca9abf3484
GET /ajax/libs/bootstrap-formhelpers/2.3.0/js/bootstrap-formhelpers.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 58913
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d8e-46f6d"
last-modified: Mon, 04 May 2020 16:06:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1692640
expires: Mon, 13 May 2024 06:54:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEx%2BPTn3erlA8bvQXs0OcNUBO0BVY2M41w70cI1u5AtxlqOUFCKau8ixk4esI7nHBHSo95FCUuK85I2CPO6%2BaQ2lCmq0jUSyP71EdxVgB3Es1f%2FvN4NSFHFX%2BCWHZP6AtbpA7Dml"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7cc3a0358d4db505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
paidsurvey.pro/assets/css/paidsurveypro/style_post_reg_form.css
52.2.18.249200 OK 1.7 kB URL GET HTTP/2 paidsurvey.pro/assets/css/paidsurveypro/style_post_reg_form.css
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 3260edbb4e8f8fef4eecc1e48f49c0e1
9a82c7df54d2aec1a10839685549054e29efe3f8
3723549d909bd261854b7fe740fc619cf0f086ea81c06e9e42bd780b1cf655a5
GET /assets/css/paidsurveypro/style_post_reg_form.css HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: text/css
content-length: 1717
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 24 Nov 2021 19:26:26 GMT
etag: "1f14-5d18dd57ebc80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
paidsurvey.pro/assets/fontawesome/css/all.css
52.2.18.249200 OK 13 kB URL GET HTTP/2 paidsurvey.pro/assets/fontawesome/css/all.css
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
Hash 30bcab9c086559aad11d39876ecebcec
8a4a55db46c5dbfef9c6703fa2d04e89cbfcf633
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
GET /assets/fontawesome/css/all.css HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: text/css
content-length: 13366
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 06 Apr 2022 19:24:40 GMT
etag: "11f69-5dc015018c968-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash c02ea2eb31eb1af30ad378cddf6f94b5
f6190e85f669f8282ec9c4a36cf7f552c82f4989
e218cdd31cbdc6f9019a3ba5dbcd1451c74d4c9704bb0187b0b2dcc7481a4daa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash b177a0b4c4732543dc622b5d30d3f29e
4291249786016059808cb395192d04186b9fe26e
e2bd71d5a4e41775ed06882a32cf1cf344d72e6a04d5b4925050bd73dcc60cba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash c02ea2eb31eb1af30ad378cddf6f94b5
f6190e85f669f8282ec9c4a36cf7f552c82f4989
e218cdd31cbdc6f9019a3ba5dbcd1451c74d4c9704bb0187b0b2dcc7481a4daa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
paidsurvey.pro/assets/bootstrap/css/bootstrap.min.css
52.2.18.249200 OK 23 kB URL GET HTTP/2 paidsurvey.pro/assets/bootstrap/css/bootstrap.min.css
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65306)
Hash abe91756d18b7cd60871a2f47c1e8192
7c1c9e0573e5cea8bad3733be2fc63aa8c68ea8d
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
GET /assets/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: text/css
content-length: 22983
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 06 Apr 2022 19:41:50 GMT
etag: "260c5-5dc018d808750-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
paidsurvey.pro/assets/img/paidsurveypro/logo_2.png
52.2.18.249200 OK 7.7 kB URL GET HTTP/2 paidsurvey.pro/assets/img/paidsurveypro/logo_2.png
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 528 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 24e9fec46556b8e6da40793918b38e8e
c479c6db92bba34a5f5144228cebf86f653a68de
710ac0e79f5c621657cfd20a38808d39b44e2f1ffc086cf1788d2027c84a895c
GET /assets/img/paidsurveypro/logo_2.png HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: image/png
content-length: 7748
server: Apache/2.4.41 (Ubuntu)
last-modified: Sun, 21 Nov 2021 11:03:00 GMT
etag: "1e44-5d14a738da100"
accept-ranges: bytes
X-Firefox-Spdy: h2
paidsurvey.pro/assets/img/paidsurveypro/shape.png
52.2.18.249200 OK 1.5 kB URL GET HTTP/2 paidsurvey.pro/assets/img/paidsurveypro/shape.png
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 38 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a2669fdcc31d5aafb4ee04622465075
2cd89f66fb6f1b8714bd02b2d4a7b61645f3763f
f4eba9f8acbd653e4182a55d2642e1c10163aade9a8488748b33d2dfaf72adaa
GET /assets/img/paidsurveypro/shape.png HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: image/png
content-length: 1489
server: Apache/2.4.41 (Ubuntu)
last-modified: Sun, 21 Nov 2021 11:03:00 GMT
etag: "5d1-5d14a738da100"
accept-ranges: bytes
X-Firefox-Spdy: h2
paidsurvey.pro/assets/img/paidsurveypro/logo.png
52.2.18.249200 OK 5.6 kB URL GET HTTP/2 paidsurvey.pro/assets/img/paidsurveypro/logo.png
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 358 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash aeb6cc8515a3234200cefd5c858566e2
69766aedd5c65da90ecaa45c8a4d0175ed0170d2
3ae8eb018f2fde55584c48108d428aced1304a422e36d94cbf50c136322f4b2e
GET /assets/img/paidsurveypro/logo.png HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: image/png
content-length: 5567
server: Apache/2.4.41 (Ubuntu)
last-modified: Fri, 26 Nov 2021 15:40:28 GMT
etag: "15bf-5d1b2e90ed300"
accept-ranges: bytes
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
142.250.74.138200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 142.250.74.138:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (32025)
Hash 4a356126b9573eb7bd1e9a7494737410
8258d046f17dd3c15a5d3984e1868b7b5d1db329
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 22:50:29 GMT
expires: Wed, 22 May 2024 22:50:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 29021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
142.250.74.132200 OK 586 B URL GET HTTP/2 www.google.com/recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi
IP 142.250.74.132:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT
File type ASCII text, with very long lines (884), with no line terminators
Hash 9129d2e31585bb161afe4b695c7464d7
b572bed4d8b52fc1f2ccb5cad540368230a63100
79c3c039839252f22f961a235e5b610ea1444132e5b0338b45ff6ff5e852e185
GET /recaptcha/api.js?render=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 24 May 2023 06:54:10 GMT
date: Wed, 24 May 2023 06:54:10 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
142.250.74.138200 OK 64 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.11.4/jquery-ui.min.js
IP 142.250.74.138:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (32035)
Hash d935d506ae9c8dd9e0f96706fbb91f65
7f650ee30c6a4d3eea04032039b20ff72997559b
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
GET /ajax/libs/jqueryui/1.11.4/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 64481
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 03:58:21 GMT
expires: Wed, 22 May 2024 03:58:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 96949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
paidsurvey.pro/assets/fontawesome/js/fontawesome.min.js
52.2.18.249200 OK 13 kB URL GET HTTP/2 paidsurvey.pro/assets/fontawesome/js/fontawesome.min.js
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (37145)
Hash 884e73502238edc93424438a65ed571d
1a39cfe45f8d25350c06a55371953290fd08583b
d65190b9987c6b812271c33111cd7c2748789e1af9a029971173f371af8b6eb9
Analyzer Verdict Alert fortinet Phishing
GET /assets/fontawesome/js/fontawesome.min.js HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: application/javascript
content-length: 13045
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 06 Apr 2022 19:24:43 GMT
etag: "91d3-5dc015047c4c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
paidsurvey.pro/assets/bootstrap/js/bootstrap.bundle.min.js
52.2.18.249200 OK 22 kB URL GET HTTP/2 paidsurvey.pro/assets/bootstrap/js/bootstrap.bundle.min.js
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type ASCII text, with very long lines (65299)
Hash 0aa8d64e726c4a57adb5c88f9115996b
901169527507ff9e662cf64d8e361f359308970d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
Analyzer Verdict Alert fortinet Phishing
GET /assets/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:10 GMT
content-type: application/javascript
content-length: 22447
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 06 Apr 2022 19:41:52 GMT
etag: "13397-5dc018da07718-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash c02ea2eb31eb1af30ad378cddf6f94b5
f6190e85f669f8282ec9c4a36cf7f552c82f4989
e218cdd31cbdc6f9019a3ba5dbcd1451c74d4c9704bb0187b0b2dcc7481a4daa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 430d419c6ea6e18afe2b0a88c95427e2
06d04d98d858c0e59d9ade936cbe30b163ace637
d22ecf4f72f3e51345778a5e96d6febf31b2f0ec206ff4e50f4a995418c78540
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2
142.250.74.35200 OK 30 kB URL GET HTTP/2 fonts.gstatic.com/s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2
IP 142.250.74.35:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 30244, version 1.0\012- data
Hash 9ebc0b97694270dc85b50b9bf4028d27
da0f7cc78ece99207be372a81b167a63280ce453
5475554290fe850f61f90bae1d2859e3c1f3a9762e8940c56aa6219b3f98eee0
GET /s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 02:58:30 GMT
expires: Fri, 17 May 2024 02:58:30 GMT
cache-control: public, max-age=31536000
age: 532541
last-modified: Tue, 08 Nov 2022 20:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2
142.250.74.35200 OK 30 kB URL GET HTTP/2 fonts.gstatic.com/s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2
IP 142.250.74.35:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 30244, version 1.0\012- data
Hash 9ebc0b97694270dc85b50b9bf4028d27
da0f7cc78ece99207be372a81b167a63280ce453
5475554290fe850f61f90bae1d2859e3c1f3a9762e8940c56aa6219b3f98eee0
GET /s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 02:58:30 GMT
expires: Fri, 17 May 2024 02:58:30 GMT
cache-control: public, max-age=31536000
age: 532541
last-modified: Tue, 08 Nov 2022 20:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2
142.250.74.35200 OK 30 kB URL GET HTTP/2 fonts.gstatic.com/s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2
IP 142.250.74.35:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 30244, version 1.0\012- data
Hash 9ebc0b97694270dc85b50b9bf4028d27
da0f7cc78ece99207be372a81b167a63280ce453
5475554290fe850f61f90bae1d2859e3c1f3a9762e8940c56aa6219b3f98eee0
GET /s/balootammudu2/v22/1Pt2g8TIS_SAmkLguUdFP8UaJcKOwnsX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 02:58:30 GMT
expires: Fri, 17 May 2024 02:58:30 GMT
cache-control: public, max-age=31536000
age: 532541
last-modified: Tue, 08 Nov 2022 20:00:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
paidsurvey.pro/assets/img/campaign/1300_welcome.png
52.2.18.249200 OK 316 kB URL GET HTTP/2 paidsurvey.pro/assets/img/campaign/1300_welcome.png
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type PNG image data, 660 x 633, 8-bit/color RGB, non-interlaced\012- data
Size 316 kB (315546 bytes)
Hash 04255e12d6356b1ff86a932585d7870a
1b392c0e12f87a0dc4798366223ece6fc781834c
c87eb7b2388bb9ca774cdb6c1ba82c1b6c507308dd0697897acec9180d7643ad
GET /assets/img/campaign/1300_welcome.png HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:11 GMT
content-type: image/png
content-length: 315546
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 11 Jan 2023 16:10:59 GMT
etag: "4d09a-5f1ff3efd79f8"
accept-ranges: bytes
X-Firefox-Spdy: h2
paidsurvey.pro/assets/fontawesome/webfonts/fa-solid-900.woff2
52.2.18.249200 OK 78 kB URL GET HTTP/2 paidsurvey.pro/assets/fontawesome/webfonts/fa-solid-900.woff2
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Analyzer Verdict Alert fortinet Phishing
GET /assets/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/assets/fontawesome/css/all.css
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:11 GMT
content-type: font/woff2
content-length: 78268
server: Apache/2.4.41 (Ubuntu)
last-modified: Wed, 06 Apr 2022 19:25:58 GMT
etag: "131bc-5dc0154bc9788"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 06:54:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 94eafcc515cb1af9886748a47b57ecdc
093861471590048229ab6f70c064be5dcae32bdb
6d4d0011da64e608f41499308e88122a7236c019a870e35963f296d95550068d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Wed, 24 May 2023 06:54:12 GMT
Server: ECAcc (dcb/7342)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: r7SATARATVPzcXbGXDGCSi4FHfWezal4h2xXphZLyFZ3vE5AzxK2zw==
pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=paidsurvey.pro
54.230.111.92200 OK 2.2 kB URL GET HTTP/2 pushpros.tech/GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=paidsurvey.pro
IP 54.230.111.92:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectpushpros.tech
FingerprintF1:27:D4:0A:37:DD:69:2C:97:CF:48:D1:1A:24:56:E0:17:C8:BB:F9
ValidityThu, 04 May 2023 00:00:00 GMT - Sat, 01 Jun 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (2180), with no line terminators
Hash 8173121dd2ef25de3bd3b7592f5f1015
b4ba1825783c0b9073dc00c99954aa044fbabca5
1eab3aded037eb8deafe4e84a0d2da5d4521b8411f7993f9f11b96d04d963702
GET /GetPushScript?key=2Xa3N8H4tIMDq5DaLOjgimHq4HG8UhWO&domain=paidsurvey.pro HTTP/1.1
Host: pushpros.tech
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paidsurvey.pro/
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json
content-length: 2180
date: Wed, 24 May 2023 06:54:12 GMT
x-amzn-requestid: 4c162c41-3131-4389-871c-7aefba0345ad
access-control-allow-origin: *
x-amz-apigw-id: FaknNFXAoAMF4YQ=
x-amzn-trace-id: Root=1-646db494-61d03cb429f3137353107712;Sampled=0;lineage=ce85cba6:0
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v1KLQZs-ZmX_mGFwdGw_oq5ri9JRbOsgbRjtaUb1_1KlhK8NCcyI7Q==
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash cb364d5cc4b166dd977e2590d7224d69
40c38320de85c898067a2f8923d90c39e1724027
bc193221b3312a085692182ff4bddb795cd6a9fb62a942b138bb8d186c8febd6
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Wed, 24 May 2023 06:54:12 GMT
Etag: "646c676b-1d7"
Last-Modified: Wed, 24 May 2023 05:22:40 GMT
Server: ECAcc (dcb/7342)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Uf68udGkBmwOCYTgqSbpFyIJ_7EqUIFlvTqwrNeNjbqBPt-1MBSRvA==
Age: 5492
api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false
3.211.160.236301 Moved Permanently 134 B URL GET HTTP/2 api.trustedform.com/trustedform.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false
IP 3.211.160.236:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trustedform.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: awselb/2.0
date: Wed, 24 May 2023 06:54:12 GMT
content-type: text/html
content-length: 134
location: https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 53c52feccb0103c859fc8bc9a3919c70
29ac9e397bc4eb2362d60bd86f769a93fb69d8b8
6a6d410494eb074a485ae3ed9b22b79c68c9f2f81ed8b0e22a170c61d38599df
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Wed, 24 May 2023 06:54:12 GMT
Etag: "646d18a1-1d7"
Expires: Wed, 24 May 2023 08:54:12 GMT
Last-Modified: Tue, 23 May 2023 19:48:49 GMT
Server: ECAcc (dcb/7FDF)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nFQ_xK1rA3obuTEw4QfyGu92cRGhHj012KhTCrS_y7k4Zyy3lMQCDw==
Age: 2580
ocsp.r2m01.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash e69de27dc53eacb7868ee32c1ae7297b
444e73cdaeba49c2384ff89d9ec32b299166a730
bb05b3ba6a64b60272d7e9d0495a57c195dc05fde9a07751e783e6376c611401
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Wed, 24 May 2023 06:54:12 GMT
Last-Modified: Wed, 24 May 2023 06:39:22 GMT
Server: ECAcc (bsa/EB26)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5ZRjtbv6S_e89kQRdoHN5Et0Ke7AoKr1fkCuEjX9WU9r4GyziahrYA==
Age: 890
d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
54.230.245.35200 OK 1.4 kB URL GET HTTP/1.1 d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 54.230.245.35:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f383924b4df21ad2fe7e8882c61bd5ce
465f78b89eaf1a5aaea70d27ddef8bd19b72fee5
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
GET /iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: d2m2wsoho8qq12.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 18 Apr 2023 16:14:44 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Wed, 24 May 2023 00:53:00 GMT
ETag: W/"643ec1f4-dbb"
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OurkTzf9FG2X_wC3Vf9RDUDVUrfuN-VZ5WuzuIgK6mr_YiYqBE-K_w==
Age: 21703
s3.amazonaws.com/trackpush/trackpush.min.js
52.217.162.232200 OK 13 kB URL GET HTTP/1.1 s3.amazonaws.com/trackpush/trackpush.min.js
IP 52.217.162.232:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjects3.amazonaws.com
Fingerprint94:B9:7C:21:8C:A0:94:8C:1A:34:F7:CB:48:59:A4:A2:B4:E5:81:03
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 20 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (47625), with no line terminators
Hash d470356148c00da67db3c9bdaecc90f9
d12a4df31633cf9a982bd6e8c3ffbc2449b1753f
5ea9947b55246bd7e281b10027a5ed301039077b0589afff470b73c561a93054
GET /trackpush/trackpush.min.js HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: yal5k6tSe0od5tzKqVgw/X+nSb+AVJiPOVQrsXEMYydQOpneXCr8xCWQ5R2QjXEvRVOuWgkCYtA=
x-amz-request-id: 3TAC485SQWAV0RH4
Date: Wed, 24 May 2023 06:54:13 GMT
Last-Modified: Thu, 03 Nov 2022 18:51:50 GMT
ETag: "cbd14612441d2cca730df2e3c9f185c1"
Cache-Control: max-age=86400
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Type: text/javascript
Server: AmazonS3
Content-Length: 13264
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 9635d71640f89a021ce59471160731ce
c3ab1560be2396559d7d865132567b8bbd576738
9c0452bc3e7e05bef1cbb2212c753323c05d647b951a1aaa01ebfcabc6eb8094
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=7200'
Date: Wed, 24 May 2023 06:54:12 GMT
Server: ECAcc (dcb/7F94)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: RPkg69PWPDLogVSbFhNDuUImHvWVTj74ESB1oc7Ge1xguiSGG2l-eQ==
signals.aimtell.com/pageview?id_site=27093&v=3.974&support=0&state=default&wl=1
104.18.30.151200 OK 43 B URL POST HTTP/2 signals.aimtell.com/pageview?id_site=27093&v=3.974&support=0&state=default&wl=1
IP 104.18.30.151:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerCloudflare, Inc.
Subjectaimtell.com
Fingerprint1C:CD:DA:C4:62:7E:59:6E:A3:E5:F3:89:A3:BD:88:CA:D9:F0:F7:3D
ValiditySat, 08 Apr 2023 00:00:00 GMT - Sun, 07 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /pageview?id_site=27093&v=3.974&support=0&state=default&wl=1 HTTP/1.1
Host: signals.aimtell.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:13 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: https://paidsurvey.pro
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, *
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal
aimtell-hash-exists: 0
aimtell-signal: 0
aimtell-traverse: 0
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc3a0453b061c0e-OSL
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
142.250.74.35200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (554)
Size 167 kB (166637 bytes)
Hash 213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d
GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 19:21:59 GMT
expires: Wed, 22 May 2024 19:21:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 41534
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
paidsurvey.pro/favicon.ico
52.2.18.249200 OK 5.4 kB URL GET HTTP/2 paidsurvey.pro/favicon.ico
IP 52.2.18.249:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectmonthly-promos.net
Fingerprint89:97:6F:8F:EE:A9:F7:08:4A:F7:7D:41:A0:84:AC:D9:77:A1:E3:E2
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 27 Sep 2023 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b0a102991e7332643ae57365023c00c8
4ea4c55c982e08bda104d2e8e981594c067cef24
1dfc58ffbcb07c761f79eb6b46f50b3789bd21e41a0b4cb1aca82b1dd8020fcc
GET /favicon.ico HTTP/1.1
Host: paidsurvey.pro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Cookie: ci_session=k6bh75rmft7f7phbg7ffpjfse2iacbe6; leadid_token-FCB958C1-1AC9-561E-1E7C-7EB79158EEC4-3CCED9A6-4A67-D637-ACDC-CCF79B4A5210=4C70DD1A-821A-6D5F-E11A-4C178EB28072
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:13 GMT
content-type: image/vnd.microsoft.icon
content-length: 5430
server: Apache/2.4.41 (Ubuntu)
last-modified: Mon, 26 Jul 2021 18:17:08 GMT
etag: "1536-5c80ac2e78fe8"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227 471 B URL ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 098457c304e1d4a0ce7c64c39013d1ca
848f6c2ea30148d7faec970825f5fab87141325b
8417989930a41541985281e3081e85ad5eb9471ae63e4d24ea20e0481c95271d
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Wed, 24 May 2023 06:54:13 GMT
Last-Modified: Wed, 24 May 2023 05:28:52 GMT
Server: ECAcc (nya/789D)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _H2Ek-1UuTGf5HehGDkDpy3zs1cz1CZG2BvqoysjIxyIGZdxtRkGCg==
Age: 5121
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
142.250.74.132200 OK 27 kB URL GET HTTP/3 www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
IP 142.250.74.132:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42113)
Hash 817be1fef4f5dbee476375486ccab6d2
32efa4320845a0c4d5e046232ac80cbc7fbde140
3576bec12124afd16462a40b1628e8f64be4a7bc5cafab2f7896d391fa7ad99d
GET /recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 May 2023 06:54:13 GMT
content-security-policy: script-src 'nonce-mJPv-lqa3LX34NPQgMWH2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 27326
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
142.250.74.35200 OK 25 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (56403), with no line terminators
Hash 83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 10:23:44 GMT
expires: Wed, 22 May 2024 10:23:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/css
vary: Accept-Encoding
age: 73830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
142.250.74.35200 OK 167 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (554)
Size 167 kB (166637 bytes)
Hash 213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d
GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 19:21:59 GMT
expires: Wed, 22 May 2024 19:21:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 41535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:32 GMT
expires: Wed, 22 May 2024 17:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 48162
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:21 GMT
expires: Wed, 22 May 2024 21:40:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 33233
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ
142.250.74.132200 OK 112 B URL GET HTTP/3 www.google.com/recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with no line terminators
Hash be5069a814de1331fe3e4cfa1a492239
7e6248c3e94c3dbf09db54f82ebc55954df99f73
3eefcd5ba2f128fa9468549daefb569acd63b7cb080f2105496fee6298c258e0
GET /recaptcha/api2/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
expires: Wed, 24 May 2023 06:54:14 GMT
date: Wed, 24 May 2023 06:54:14 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:443
Requested by https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnFqEUAAAAAFM5s_aRoZZO_zDhqoVv6uCdscQi&co=aHR0cHM6Ly9wYWlkc3VydmV5LnBybzo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&cb=gt6eymgnlfb0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 21:48:58 GMT
expires: Mon, 29 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 119116
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
create.leadid.com/2.11.9/InitFormData?msn=3&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326034
3.213.164.48200 OK 167 kB URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=3&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326034
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with very long lines (554)
Size 167 kB (166657 bytes)
Hash 213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d
POST /2.11.9/InitFormData?msn=3&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326034 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 2088
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:13 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
rguserid=644bc4ca-e4a5-4403-8a98-2ae0098d9f0f; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
api.trustedform.com/certs
3.211.160.236201 Created 475 B URL POST HTTP/2 api.trustedform.com/certs
IP 3.211.160.236:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (475), with no line terminators
Hash 42ae86ffa45b01898c4061673d09b9f2
9d4435d1f285fa573b2d5428e0f705b2a218819a
298892bbf1abb73fcde073abbd623a7b3c18fe332be9a306962dfffb910a4cd7
POST /certs HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 638
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 201 Created
date: Wed, 24 May 2023 06:54:15 GMT
content-type: application/json; charset=utf-8
content-length: 475
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/95a263942def238c97df04e43ab0105c31efe212/snapshot
3.211.160.236204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/95a263942def238c97df04e43ab0105c31efe212/snapshot
IP 3.211.160.236:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/95a263942def238c97df04e43ab0105c31efe212/snapshot HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 10099
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 24 May 2023 06:54:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
api.trustedform.com/certs/95a263942def238c97df04e43ab0105c31efe212/fingerprints
3.211.160.236204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/95a263942def238c97df04e43ab0105c31efe212/fingerprints
IP 3.211.160.236:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/95a263942def238c97df04e43ab0105c31efe212/fingerprints HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 176
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 24 May 2023 06:54:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
cdn.trustedform.com/trustedform-1.8.39.js
54.230.111.91200 OK 38 kB URL GET HTTP/2 cdn.trustedform.com/trustedform-1.8.39.js
IP 54.230.111.91:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9c2830f2c2e5b9cb27e0e7f151317cbe
7e0b45f1cf0f826b0aaaf792e20bdd77d27c6b3a
fe63c3d6c4d4486e0a2323e205377a04c96e054f37f4d87a7b8bab0091c19c14
GET /trustedform-1.8.39.js HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: OadgesbszW_FbzYEqgjtb7SPpT8rHyZy
server: AmazonS3
content-encoding: gzip
date: Wed, 24 May 2023 06:54:01 GMT
etag: W/"9c2830f2c2e5b9cb27e0e7f151317cbe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6Y6F91xk57mnV29oxx0xg_Rhj4YO9WQvVQUKWh35D4BY0F2xDyfBeg==
age: 14
X-Firefox-Spdy: h2
api.trustedform.com/certs/95a263942def238c97df04e43ab0105c31efe212/events
3.211.160.236204 No Content 0 B URL POST HTTP/2 api.trustedform.com/certs/95a263942def238c97df04e43ab0105c31efe212/events
IP 3.211.160.236:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subject*.trustedform.com
FingerprintF4:48:7E:31:35:27:13:EC:49:9C:69:FF:E9:38:DF:3E:B3:A9:C9:01
ValidityWed, 22 Feb 2023 00:00:00 GMT - Mon, 09 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /certs/95a263942def238c97df04e43ab0105c31efe212/events HTTP/1.1
Host: api.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 226
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
date: Wed, 24 May 2023 06:54:17 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers:
cache-control: max-age=0, private, must-revalidate
server: Cowboy
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/GenerateToken?msn=1&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&_=386326032
3.213.164.48200 OK 36 B URL POST HTTP/2 create.leadid.com/2.11.9/GenerateToken?msn=1&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&_=386326032
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 98f518cacbe380b0fc5e4e9164969a99
71d04ac5d58d89f8c1651991a26a69aed11b69ba
b4e07d83efcd9822d4af1ba5713ed92e4f4bd318748025574a39af70a2b9dbc1
POST /2.11.9/GenerateToken?msn=1&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&_=386326032 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 256
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:12 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:12 GMT; Max-Age=2592000; path=/
rguserid=62214b10-369f-4ad7-9121-81186b1ab6df; expires=Fri, 23-Jun-2023 06:54:12 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:12 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:12 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false
54.230.111.91200 OK 7.5 kB URL GET HTTP/2 cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false
IP 54.230.111.91:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcdn.trustedform.com
Fingerprint03:8C:42:F7:8D:D4:F5:93:A1:2D:50:88:50:23:67:7B:A1:CD:4B:99
ValidityWed, 15 Mar 2023 00:00:00 GMT - Fri, 12 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (7726), with no line terminators
Hash 9922363fd118cee80f733b7f8cf45e5c
c58005d21a1da4c611549651099127ff0f2ab9f6
1c01e146dfe11b2f712393fa866f782d0ea7d52ba076fb66739de8bbcd712565
GET /bootstrap.js?provide_referrer=false&field=trusted_form&l=16849112516310.9645196778211956&invert_field_sensitivity=false HTTP/1.1
Host: cdn.trustedform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://paidsurvey.pro/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 24 May 2023 06:54:14 GMT
last-modified: Fri, 12 May 2023 16:55:50 GMT
x-amz-version-id: 3_b23spJZawDo2DonqGySoPkWa3Umuag
etag: W/"88ddf717f635b54023edd7480431e1d1"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 94Vs-2m6GgWcMFymhKNWa2nzTLaKUSTd4cLpLRvLjCmd9S6lT7frrg==
X-Firefox-Spdy: h2
deviceid.trueleadid.com/iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
3.231.15.165200 OK 4.2 kB URL GET HTTP/2 deviceid.trueleadid.com/iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
IP 3.231.15.165:443
Requested by https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectdeviceid.trueleadid.com
FingerprintD8:8B:86:53:4A:F3:E9:53:1D:C4:CD:CB:91:CD:50:50:B0:84:BA:DB
ValidityFri, 24 Feb 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4323), with no line terminators
Hash 27a57862137bf0b580930f288703c507
20114057bbb1f8a2ca6f1b6a2d81fe7f2b75c64a
b0019d4447d91be93f68b8fb233b8fcccc542e3dffc16d4dc9c9f71bc9704550
GET /iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4 HTTP/1.1
Host: deviceid.trueleadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:13 GMT
content-type: text/html
server: nginx
last-modified: Tue, 23 May 2023 16:17:22 GMT
etag: W/"646ce712-1049"
expires: Thu, 25 May 2023 06:54:13 GMT
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control: max-age=86400, public
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/InitFormData?msn=4&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326035
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/InitFormData?msn=4&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326035
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/InitFormData?msn=4&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326035 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1063
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:16 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:16 GMT; Max-Age=2592000; path=/
rguserid=c0355a70-aba2-4be4-9cc9-109b2031251f; expires=Fri, 23-Jun-2023 06:54:16 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:16 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:16 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=7&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326038
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=7&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326038
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=7&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326038 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 42024
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:17 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
rguserid=ac1312c2-8738-4579-aa6b-b832f0d88329; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
172.67.41.229200 OK 126 kB URL GET HTTP/2 create.lidstatic.com/campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2
IP 172.67.41.229:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerCloudflare, Inc.
Subjectlidstatic.com
FingerprintF7:D5:3C:A9:3E:B6:D5:BF:11:CB:69:9F:0B:34:88:4F:18:79:BC:88
ValidityTue, 28 Feb 2023 00:00:00 GMT - Wed, 28 Feb 2024 23:59:59 GMT
Size 126 kB (126350 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /campaign/3cced9a6-4a67-d637-acdc-ccf79b4a5210.js?snippet_version=2 HTTP/1.1
Host: create.lidstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:12 GMT
content-type: text/javascript
x-amz-id-2: WTtEKbKpeFIJacvEF0N0JQtanFGDA3L38KpdR9FCGsymXyGVkLWmra10+cOqhKMUVo18/6cb2CU=
x-amz-request-id: MVZYRJGR45H5JBJR
x-amz-replication-status: COMPLETED
last-modified: Fri, 12 Nov 2021 00:55:16 GMT
etag: W/"97495a102c98049f30e62264b1eb50f5"
cache-control: max-age=1800
x-amz-version-id: StKcIVmHluaEF1AzrOc3qrEmwMpZOgwG
cf-cache-status: HIT
age: 13
vary: Accept-Encoding
server: cloudflare
cf-ray: 7cc3a03deefdb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Baloo+Tammudu+2:wght@400;500;600;700;800&display=swap
142.250.74.106200 OK 7.9 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Baloo+Tammudu+2:wght@400;500;600;700;800&display=swap
IP 142.250.74.106:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (8060), with no line terminators
Hash 4efd9ec60eaf4881d7f67a21bbfcc327
f4330cdd46bc8edc5b2434a88efaece361ef5f4d
0ff829e5f36f2793a9bd363f20b6817284cf86d554716f816082f412cbafe4a1
GET /css2?family=Baloo+Tammudu+2:wght@400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 06:54:11 GMT
date: Wed, 24 May 2023 06:54:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=5&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326036
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=5&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326036
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=5&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326036 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 180931
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:17 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
rguserid=43803457-a355-4c9b-bd39-997c8241f460; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:17 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDom?msn=2&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326033
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/SaveDom?msn=2&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326033
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/SaveDom?msn=2&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326033 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 496
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:13 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
rguserid=541bdbb1-17aa-4d1f-a15b-22a8e98e4ba8; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:13 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&uuid=a40c4bd1343e4b35a624857a30519871
3.213.164.48200 OK 0 B URL GET HTTP/2 create.leadid.com/2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&uuid=a40c4bd1343e4b35a624857a30519871
IP 3.213.164.48:443
Requested by https://deviceid.trueleadid.com/iframe.html?token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2.11.9/SaveDeviceId.js?lac=FCB958C1-1AC9-561E-1E7C-7EB79158EEC4&lck=3CCED9A6-4A67-D637-ACDC-CCF79B4A5210&methods=48&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&uuid=a40c4bd1343e4b35a624857a30519871 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deviceid.trueleadid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:14 GMT
content-type: text/javascript;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:14 GMT; Max-Age=2592000; path=/
rguserid=f88e27c5-1bab-4dc9-8087-bf1311768ec0; expires=Fri, 23-Jun-2023 06:54:14 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:14 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:14 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2
create.leadid.com/2.11.9/Snap?msn=6&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326037
3.213.164.48200 OK 0 B URL POST HTTP/2 create.leadid.com/2.11.9/Snap?msn=6&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326037
IP 3.213.164.48:443
Requested by https://paidsurvey.pro/go/to/pspegl/key/d86a593e9afcc0dab68d0d4bdb5e2d5c/aid/10899/s1/633404?em=0
Certificate IssuerAmazon
Subjectcreate.leadid.com
Fingerprint95:26:B9:FB:B8:EC:5B:05:C8:59:F6:30:90:D5:6D:0A:E9:88:82:7D
ValidityThu, 23 Feb 2023 00:00:00 GMT - Thu, 19 Oct 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /2.11.9/Snap?msn=6&pid=e9c5b7fe-ddab-43f7-9ed8-5316bd9c940d&token=4C70DD1A-821A-6D5F-E11A-4C178EB28072&_=386326037 HTTP/1.1
Host: create.leadid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 190881
Origin: https://paidsurvey.pro
DNT: 1
Connection: keep-alive
Referer: https://paidsurvey.pro/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 May 2023 06:54:18 GMT
content-type: text/plain;charset=UTF-8
server: nginx
set-cookie: rgisanonymous=false; expires=Fri, 23-Jun-2023 06:54:18 GMT; Max-Age=2592000; path=/
rguserid=be1d7722-7a65-4683-bf0b-e0b158217d90; expires=Fri, 23-Jun-2023 06:54:18 GMT; Max-Age=2592000; path=/
rguuid=true; expires=Fri, 23-Jun-2023 06:54:18 GMT; Max-Age=2592000; path=/
rgisanonymous=true; expires=Fri, 23-Jun-2023 06:54:18 GMT; Max-Age=2592000; path=/
cache-control: no-cache, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With, Content-Type
access-control-max-age: 1728000
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
X-Firefox-Spdy: h2