urlscan.io logo urlscan.io
SecurityTrails logo

paidamerican.com Open in urlscan Pro
2606:4700:30::681f:5420  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://puzz.biglist.com/go/1518/44711048479/4/12322/6
Effective URL: https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26p...
Submission: On June 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 7 domains to perform 8 HTTP transactions. The main IP is 2606:4700:30::681f:5420, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is paidamerican.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 10th 2019. Valid for: a year.
This is the only time paidamerican.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 207.99.117.60 8001 (NET-ACCES...)
1 104.239.231.222 27357 (RACKSPACE)
1 1 54.72.199.154 16509 (AMAZON-02)
1 1 34.193.67.225 14618 (AMAZON-AES)
1 1 52.87.61.210 14618 (AMAZON-AES)
4 7 2606:4700:30:... 13335 (CLOUDFLAR...)
2 6 2606:4700:30:... 13335 (CLOUDFLAR...)
8 3
1    207.99.117.60 (Denver, United States)

ASN8001 (NET-ACCESS-CORP - Net Access Corporation, US)
PTR: k27.biglist.com
puzz.biglist.com
1    104.239.231.222 (San Antonio, United States)

ASN27357 (RACKSPACE - Rackspace Hosting, US)
PTR: puzz.com
www.puzz.com
1    54.72.199.154 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-199-154.eu-west-1.compute.amazonaws.com
puzz.go2cloud.org
1    34.193.67.225 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-193-67-225.compute-1.amazonaws.com
dapitbtsj.com
1    52.87.61.210 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-87-61-210.compute-1.amazonaws.com
affntwklnk.com
7    2606:4700:30::6812:268c (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
poll.surveyvoicesresearch.com
6    2606:4700:30::681f:5420 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
paidamerican.com
Apex Domain
Subdomains		 Transfer
7 surveyvoicesresearch.com
poll.surveyvoicesresearch.com
13 KB
6 paidamerican.com
paidamerican.com
31 KB
1 affntwklnk.com
affntwklnk.com
923 B
1 dapitbtsj.com
dapitbtsj.com
341 B
1 go2cloud.org
puzz.go2cloud.org
2 KB
1 puzz.com
www.puzz.com
438 B
1 biglist.com
puzz.biglist.com
374 B
8 7
Domain Requested by
7 poll.surveyvoicesresearch.com 4 redirects poll.surveyvoicesresearch.com
6 paidamerican.com 2 redirects paidamerican.com
1 affntwklnk.com 1 redirects
1 dapitbtsj.com 1 redirects
1 puzz.go2cloud.org 1 redirects
1 www.puzz.com
1 puzz.biglist.com 1 redirects
8 7

This site contains links to these domains. Also see Links.

Domain
davidcdaniel.us
www.cloudflare.com
Subject Issuer Validity Valid
puzz.com
Go Daddy Secure Certificate Authority - G2		 2018-06-26 -
2020-06-26		 2 years crt.sh
sni194247.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-25 -
2019-12-01		 6 months crt.sh
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-05-10 -
2020-05-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Frame ID: 84A082229377807557F01F7B476EB246
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://puzz.biglist.com/go/1518/44711048479/4/12322/6 HTTP 302
    https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3= Page URL
  2. https://puzz.go2cloud.org/aff_c?offer_id=734&aff_id=2&aff_sub=bp75&aff_sub2=jmarch%40quiktrip.com&aff_... HTTP 302
    https://dapitbtsj.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40q... HTTP 302
    https://affntwklnk.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40q... HTTP 302
    https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyf... Page URL
  3. https://poll.surveyvoicesresearch.com/cdn-cgi/l/chk_jschl?s=e320b230bbf1c80131b0f063dda0684a34dad4f5-1559563801-18... HTTP 302
    https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyf... HTTP 302
    https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&... Page URL
  4. https://poll.surveyvoicesresearch.com/?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%... HTTP 302
    https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&... Page URL
  5. https://poll.surveyvoicesresearch.com/?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSr... HTTP 302
    https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&... Page URL
  6. https://paidamerican.com/cdn-cgi/l/chk_jschl?s=a6f0d01539ed7d7a6a7c4ac2ccc7538f54f8eff7-1559563806-18... HTTP 302
    https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&... Page URL
  7. https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSr... Page URL
  8. https://paidamerican.com/cdn-cgi/l/chk_jschl?s=ba1936e31b9f2d0c7754f2b70166a58edeab4519-1559563811-18... HTTP 302
    https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i
Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

8
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

3
IPs

2
Countries

42 kB
Transfer

43 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://puzz.biglist.com/go/1518/44711048479/4/12322/6 HTTP 302
    https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3= Page URL
  2. https://puzz.go2cloud.org/aff_c?offer_id=734&aff_id=2&aff_sub=bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3= HTTP 302
    https://dapitbtsj.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40quiktrip.com&firstname= HTTP 302
    https://affntwklnk.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40quiktrip.com&firstname=&ckmguid=96b56e8e-727d-4a8e-83a9-0838a8276511 HTTP 302
    https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname= Page URL
  3. https://poll.surveyvoicesresearch.com/cdn-cgi/l/chk_jschl?s=e320b230bbf1c80131b0f063dda0684a34dad4f5-1559563801-1800-Ae5wDxVeFhfITFiujCQSOCPFUpzfbX26YWEoyBP0EcfhGRrjQ3s94IP5UER%2FDXoAuriSK1goj8K8bv7w1VF%2B0M14vfeT8WGCI0vz2QSYL4XJzahPJ3%2FAxlNlIZPlnjhWOXKxXtvSDAfYhy3ElsuCtebJKarg%2BsiHky8LigVdHYeRNbR7LEo5CGZomkeJu6jRhKeYnSyTiinz1fh9CfVlxjkYeC93K%2BH4bZIMPWZa9uy2MGQearWWAiIg%2B28llObD8a5IfL78NbdzOYnRibn7DoFY%2BV4a3hd5Fv5g4mu18GiR8%2BbpIcVVrbfykm%2FwuWRLaH7YWXuRfV5PPunFvNs%2Fg291KuaVbRsSSEENh%2Fv113qtGSFdG4MjXl3OoafiegqhOg%3D%3D&jschl_vc=de0510dcf8f566a3909a873623afafef&pass=1559563805.77-TGvpTrjPoY&jschl_answer=35.6212825362 HTTP 302
    https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname= HTTP 302
    https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone= Page URL
  4. https://poll.surveyvoicesresearch.com/?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch%40quiktrip.com&FirstName=&WorkPhone= HTTP 302
    https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone= Page URL
  5. https://poll.surveyvoicesresearch.com/?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch%40quiktrip.com&FirstName=&WorkPhone= HTTP 302
    https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0 Page URL
  6. https://paidamerican.com/cdn-cgi/l/chk_jschl?s=a6f0d01539ed7d7a6a7c4ac2ccc7538f54f8eff7-1559563806-1800-AUVdzLUnWOlrf5i9JUmrl77fP7jGWHwoKEBcdXG2HkdPK75%2Ffiyg%2BD%2B%2BJxk9cqqOf6O9O%2F88LbKwLunnXdPfZX4hGKpdzkgKO%2FUQCXYVHCXS134j6T0Lx%2BTsidmxVkVSp5vMTt8k6RiYjCpOk4tsAs9C5M%2F3EtUeKYRqv4mPajRcCdxkxtKSR99BkXWMTNiB9kTyZBQbTGLU3ARyGph%2FhylG6BeEZmyfhwCZVFP6BJ21oEwyUZLGgLrJVpV%2BQaEzXzSfqZSz%2F4bz%2BP9AMpRJL%2BbsgK9d0oANxj%2B%2FCzFKbUKPa31ZWfziwcGnAbJ5DeQNnTlrQJHddveAL58CSFzXFxrpA3nhmHLaK4AM0fL%2BQrE6nt0%2FGD0GozWyo7Qigs8e687g%2Bq%2FliQEuiVnQCkS8dy339KGeSUdgOXRgLgFOz4GlDq58ldqk5Q9ZHFogfaM3tyECiA%2BsEgY9OCn63XU08JGPx3ZRLGSJn0pNHTFe6%2BebH8%2FA5KDgZ0y7OYz%2FGYvgFQ%3D%3D&jschl_vc=fe372aeb05e0505f9abc9f6b00c2060b&pass=1559563810.946-RI4SeOGcfn&jschl_answer=22.3119300419 HTTP 302
    https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0 Page URL
  7. https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0 Page URL
  8. https://paidamerican.com/cdn-cgi/l/chk_jschl?s=ba1936e31b9f2d0c7754f2b70166a58edeab4519-1559563811-1800-AUx0WncztdPX%2BFO%2Bc%2FOxjo0B9splEMkeWkfVoDGoiTeHDRCo4MSyGfcq5WiNreoSx7BE%2BcgI4zxQgFdxeALErj2RGuzJgswSdHNwSp4zWRmbHRsBrxXbbB7XqgWoetezhMXlWQC%2FkpzHYQ9%2Bor4C3EN2nQ17o%2Fc2v6wzuT5TPx1PApWVvtgq69RyoRcy7xO6sdIsUbEhEbrYqIl%2BNVRywiTkElacSejQ3gqg7dfa0WQg%2BYJqs%2BlFyaNNwTqg%2FyvIfORlTUaYzjl71tsGEfsX2OXudnuACYp%2BLd8nxSwo3%2FG1D5lInG6mBdSD1MmFEdqqfUVcIu%2BJeTAaYtw2tdPeZfhVlDo8%2FDrnYXK3wptpp31a2Obnl32qHN8NfLjrcVRv6jvaVr4ev9k6qppwVNZzauPadGiks8yMYLi48NHuo45q7J2QkrJGA9X0tP3Agg9Iq8b9YY%2BCgMV2UBkdLUttOjp%2FVU1aEZXY5Gkx5GeJMuN2&jschl_vc=3528dc2070e1dc4b7361c772681915d1&pass=1559563815.245-qb%2BbX%2BPTz1&jschl_answer=61.6593407400 HTTP 302
    https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://puzz.biglist.com/go/1518/44711048479/4/12322/6 HTTP 302
  • https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=
Request Chain 1
  • https://puzz.go2cloud.org/aff_c?offer_id=734&aff_id=2&aff_sub=bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3= HTTP 302
  • https://dapitbtsj.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40quiktrip.com&firstname= HTTP 302
  • https://affntwklnk.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40quiktrip.com&firstname=&ckmguid=96b56e8e-727d-4a8e-83a9-0838a8276511 HTTP 302
  • https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=
Request Chain 2
  • https://poll.surveyvoicesresearch.com/cdn-cgi/l/chk_jschl?s=e320b230bbf1c80131b0f063dda0684a34dad4f5-1559563801-1800-Ae5wDxVeFhfITFiujCQSOCPFUpzfbX26YWEoyBP0EcfhGRrjQ3s94IP5UER%2FDXoAuriSK1goj8K8bv7w1VF%2B0M14vfeT8WGCI0vz2QSYL4XJzahPJ3%2FAxlNlIZPlnjhWOXKxXtvSDAfYhy3ElsuCtebJKarg%2BsiHky8LigVdHYeRNbR7LEo5CGZomkeJu6jRhKeYnSyTiinz1fh9CfVlxjkYeC93K%2BH4bZIMPWZa9uy2MGQearWWAiIg%2B28llObD8a5IfL78NbdzOYnRibn7DoFY%2BV4a3hd5Fv5g4mu18GiR8%2BbpIcVVrbfykm%2FwuWRLaH7YWXuRfV5PPunFvNs%2Fg291KuaVbRsSSEENh%2Fv113qtGSFdG4MjXl3OoafiegqhOg%3D%3D&jschl_vc=de0510dcf8f566a3909a873623afafef&pass=1559563805.77-TGvpTrjPoY&jschl_answer=35.6212825362 HTTP 302
  • https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname= HTTP 302
  • https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
Request Chain 3
  • https://poll.surveyvoicesresearch.com/?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch%40quiktrip.com&FirstName=&WorkPhone= HTTP 302
  • https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
Request Chain 4
  • https://poll.surveyvoicesresearch.com/?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch%40quiktrip.com&FirstName=&WorkPhone= HTTP 302
  • https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Request Chain 5
  • https://paidamerican.com/cdn-cgi/l/chk_jschl?s=a6f0d01539ed7d7a6a7c4ac2ccc7538f54f8eff7-1559563806-1800-AUVdzLUnWOlrf5i9JUmrl77fP7jGWHwoKEBcdXG2HkdPK75%2Ffiyg%2BD%2B%2BJxk9cqqOf6O9O%2F88LbKwLunnXdPfZX4hGKpdzkgKO%2FUQCXYVHCXS134j6T0Lx%2BTsidmxVkVSp5vMTt8k6RiYjCpOk4tsAs9C5M%2F3EtUeKYRqv4mPajRcCdxkxtKSR99BkXWMTNiB9kTyZBQbTGLU3ARyGph%2FhylG6BeEZmyfhwCZVFP6BJ21oEwyUZLGgLrJVpV%2BQaEzXzSfqZSz%2F4bz%2BP9AMpRJL%2BbsgK9d0oANxj%2B%2FCzFKbUKPa31ZWfziwcGnAbJ5DeQNnTlrQJHddveAL58CSFzXFxrpA3nhmHLaK4AM0fL%2BQrE6nt0%2FGD0GozWyo7Qigs8e687g%2Bq%2FliQEuiVnQCkS8dy339KGeSUdgOXRgLgFOz4GlDq58ldqk5Q9ZHFogfaM3tyECiA%2BsEgY9OCn63XU08JGPx3ZRLGSJn0pNHTFe6%2BebH8%2FA5KDgZ0y7OYz%2FGYvgFQ%3D%3D&jschl_vc=fe372aeb05e0505f9abc9f6b00c2060b&pass=1559563810.946-RI4SeOGcfn&jschl_answer=22.3119300419 HTTP 302
  • https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
vdh.html
www.puzz.com/
Redirect Chain
  • https://puzz.biglist.com/go/1518/44711048479/4/12322/6
  • https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=
194 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_128_CBC
Server
104.239.231.222 San Antonio, United States, ASN27357 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
puzz.com
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash

Request headers

Host
www.puzz.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 03 Jun 2019 12:09:59 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
Accept-Ranges
bytes
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

Server
nginx
Date
Mon, 03 Jun 2019 12:09:59 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache, must-revalidate
Location
https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
/
poll.surveyvoicesresearch.com/
Redirect Chain
  • https://puzz.go2cloud.org/aff_c?offer_id=734&aff_id=2&aff_sub=bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=
  • https://dapitbtsj.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40quiktrip.com&firstname=
  • https://affntwklnk.com/?f5c=1y8B9OYbfDyFAZl4H2dLP1kv5z3QO907vQJDRoz7h5U%3d&s1=bp75&email=jmarch%40quiktrip.com&firstname=&ckmguid=96b56e8e-727d-4a8e-83a9-0838a8276511
  • https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&e...
10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:268c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b96c331aee8d539243285cca6293f6ad4e6671a4de06270a61cf3e9c1e66e378
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
poll.surveyvoicesresearch.com
:scheme
https
:path
/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://www.puzz.com/vdh.html?bp75&aff_sub2=jmarch%40quiktrip.com&aff_sub3=

Response headers

status
503
date
Mon, 03 Jun 2019 12:10:01 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d9da5affc94d637a41bef808ed1cfaeee1559563801; expires=Tue, 02-Jun-20 12:10:01 GMT; path=/; domain=.surveyvoicesresearch.com; HttpOnly; Secure
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e118fc10c38c295-FRA

Redirect headers

Cache-Control
private
Content-Length
387
Content-Type
text/html; charset=utf-8
Date
Mon, 03 Jun 2019 12:10:01 GMT
Location
https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
sid=AuaXvEB0eX735HF+pAh9iemZZvz2TuHzJsp3IeheQ0mVf4BwNgpubQ==; domain=.affntwklnk.com; path=/; HttpOnly trk=gcWDYUDjZFq08qPcRBWAMOmZZvz2TuHzJsp3IeheQ0mVf4BwNgpubQ==; domain=.affntwklnk.com; expires=Mon, 03-Jun-2024 08:10:01 GMT; path=/; HttpOnly c210690=AuaXvEB0eX4pGxVJxJ/wRwCb/0q76fDVsDqWjNnHAwz8Lw/qg7zhsZYAycKY8azs; domain=.affntwklnk.com; expires=Wed, 03-Jul-2019 12:10:01 GMT; path=/; HttpOnly
Connection
close
domaintrack.aspx
poll.surveyvoicesresearch.com/
Redirect Chain
  • https://poll.surveyvoicesresearch.com/cdn-cgi/l/chk_jschl?s=e320b230bbf1c80131b0f063dda0684a34dad4f5-1559563801-1800-Ae5wDxVeFhfITFiujCQSOCPFUpzfbX26YWEoyBP0EcfhGRrjQ3s94IP5UER%2FDXoAuriSK1goj8K8bv...
  • https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&e...
  • https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLo...
2 KB
933 B 		Document
General
Check archive.org
Download Go to
Full URL
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
Requested by
Host: poll.surveyvoicesresearch.com
URL: https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:268c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
233c8e71f37c756b2a1e9c911c7685a1099ef7ad3d74c4566ca41847719c23b8

Request headers

:method
GET
:authority
poll.surveyvoicesresearch.com
:scheme
https
:path
/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=
accept-encoding
gzip, deflate, br
cookie
__cfduid=d731c01c2103e0ed9ee9bd4cc7496cac81559563805; cf_clearance=2f730201ddab892a81102b5cbb5d0227d3ee0160-1559563805-300-150; ASP.NET_SessionId=01aqokdykt3nddtxumquezcx; AF3_Cookie=Email=jmarch@quiktrip.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://poll.surveyvoicesresearch.com/?Flow=F2735ADF-3135-F020-DE46-ACCF5744012CC170F740&isPrePop=true&page=moneyfromhome&subaff1=bp75&subaff2=200789&subaff3=107435&subaff4=moneyfromhomeCPC&DVID=&email=jmarch%40quiktrip.com&firstname=

Response headers

status
200
date
Mon, 03 Jun 2019 12:10:06 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e118fdbda4bc295-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 03 Jun 2019 12:10:06 GMT
content-type
text/html; charset=utf-8
cache-control
private
location
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
set-cookie
ASP.NET_SessionId=01aqokdykt3nddtxumquezcx; path=/; HttpOnly AF3_Cookie=Email=jmarch@quiktrip.com; expires=Wed, 03-Jun-2020 12:10:05 GMT; path=/
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e118fda9e19c295-FRA
domaintrack.aspx
poll.surveyvoicesresearch.com/
Redirect Chain
  • https://poll.surveyvoicesresearch.com/?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULU...
  • https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhome...
2 KB
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:268c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
poll.surveyvoicesresearch.com
:scheme
https
:path
/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
accept-encoding
gzip, deflate, br
cookie
__cfduid=d731c01c2103e0ed9ee9bd4cc7496cac81559563805; cf_clearance=2f730201ddab892a81102b5cbb5d0227d3ee0160-1559563805-300-150; ASP.NET_SessionId=01aqokdykt3nddtxumquezcx; AF3_Cookie=Email=jmarch@quiktrip.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=CFA8873D-7D98-C1AC-33D2-EDA748129CF0A7E31116&iframe=1&&PubSrc=%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=

Response headers

status
200
date
Mon, 03 Jun 2019 12:10:06 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e118fdeaca4c295-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 03 Jun 2019 12:10:06 GMT
content-type
text/html; charset=utf-8
cache-control
private
location
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
x-aspnet-version
4.0.30319
set-cookie
AF3_Cookie=Email=jmarch@quiktrip.com; expires=Wed, 03-Jun-2020 12:10:06 GMT; path=/
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e118fdd4fe4c295-FRA
domaintrack.aspx
paidamerican.com/
Redirect Chain
  • https://poll.surveyvoicesresearch.com/?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp...
  • https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeC...
10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5420 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d476425fa9863f3de363025d5d6cf8e62c8b4b4e210be1bcb52cd375b4aaf463
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
paidamerican.com
:scheme
https
:path
/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://poll.surveyvoicesresearch.com/domaintrack.aspx?flow=4530FA80-4C42-C0B8-DEC6-8CE7A534AB60161577B9&iframe=1&&PubSrc=%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&Email=jmarch@quiktrip.com&FirstName=&WorkPhone=

Response headers

status
503
date
Mon, 03 Jun 2019 12:10:06 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=ddd85350f95da613bdfc37098345596991559563806; expires=Tue, 02-Jun-20 12:10:06 GMT; path=/; domain=.paidamerican.com; HttpOnly
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e118fe15bad2754-FRA

Redirect headers

status
302
date
Mon, 03 Jun 2019 12:10:06 GMT
content-type
text/html; charset=utf-8
cache-control
private
location
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
x-aspnet-version
4.0.30319
set-cookie
AF3_Cookie=Email=jmarch@quiktrip.com; expires=Wed, 03-Jun-2020 12:10:06 GMT; path=/
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e118fdfd914c295-FRA
domaintrack.aspx
paidamerican.com/
Redirect Chain
  • https://paidamerican.com/cdn-cgi/l/chk_jschl?s=a6f0d01539ed7d7a6a7c4ac2ccc7538f54f8eff7-1559563806-1800-AUVdzLUnWOlrf5i9JUmrl77fP7jGWHwoKEBcdXG2HkdPK75%2Ffiyg%2BD%2B%2BJxk9cqqOf6O9O%2F88LbKwLunnXdP...
  • https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeC...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Requested by
Host: paidamerican.com
URL: https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5420 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

:method
GET
:authority
paidamerican.com
:scheme
https
:path
/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
accept-encoding
gzip, deflate, br
cookie
__cfduid=d3d6d7bb880351cc6a28400def918ab7c1559563810; cf_clearance=7ed893a446aee3932eb868780992999a3e6c62c5-1559563810-1800-150
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0

Response headers

status
200
date
Mon, 03 Jun 2019 12:10:11 GMT
content-type
text/html; charset=utf-8
cache-control
private
vary
Accept-Encoding
set-cookie
ASP.NET_SessionId=a334hzkndpncp5og3uxcdxst; path=/; HttpOnly
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4e118ffacf482754-FRA
content-encoding
br

Redirect headers

status
302
date
Mon, 03 Jun 2019 12:10:10 GMT
content-type
text/html
content-length
159
set-cookie
__cfduid=d3d6d7bb880351cc6a28400def918ab7c1559563810; expires=Tue, 02-Jun-20 12:10:10 GMT; path=/; domain=.paidamerican.com; HttpOnly cf_clearance=7ed893a446aee3932eb868780992999a3e6c62c5-1559563810-1800-150; path=/; expires=Mon, 03-Jun-19 13:40:10 GMT; domain=.paidamerican.com; HttpOnly
location
/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
server
cloudflare
cf-ray
4e118ffabf3e2754-FRA
x-frame-options
SAMEORIGIN
/
paidamerican.com/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5420 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c675564ea104e2c382885bccc36fd5ff1b38a3c55aadf5781e6abd2d05beb30
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
paidamerican.com
:scheme
https
:path
/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
accept-encoding
gzip, deflate, br
cookie
ASP.NET_SessionId=a334hzkndpncp5og3uxcdxst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://paidamerican.com/domaintrack.aspx?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3D%26PubSrc%3D%26page%3Dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0

Response headers

status
503
date
Mon, 03 Jun 2019 12:10:11 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
set-cookie
__cfduid=d9ad4f898b650e224d3e4dbb20b548c9e1559563811; expires=Tue, 02-Jun-20 12:10:11 GMT; path=/; domain=.paidamerican.com; HttpOnly
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e118ffc48812754-FRA
Primary Request /
paidamerican.com/
Redirect Chain
  • https://paidamerican.com/cdn-cgi/l/chk_jschl?s=ba1936e31b9f2d0c7754f2b70166a58edeab4519-1559563811-1800-AUx0WncztdPX%2BFO%2Bc%2FOxjo0B9splEMkeWkfVoDGoiTeHDRCo4MSyGfcq5WiNreoSx7BE%2BcgI4zxQgFdxeALEr...
  • https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=...
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Requested by
Host: paidamerican.com
URL: https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:5420 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1d9597818793c6ced32fe2401d0aa648c68d9f56afadb397464e727cadaf494
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
paidamerican.com
:scheme
https
:path
/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
accept-encoding
gzip, deflate, br
cookie
__cfduid=d220127ca73e8e5aaf76e92b91acbad0e1559563815
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://paidamerican.com/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0

Response headers

status
503
date
Mon, 03 Jun 2019 12:10:15 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cache-control
no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
4e1190158b1e2754-FRA

Redirect headers

status
302
date
Mon, 03 Jun 2019 12:10:15 GMT
content-type
text/html
content-length
159
set-cookie
__cfduid=d220127ca73e8e5aaf76e92b91acbad0e1559563815; expires=Tue, 02-Jun-20 12:10:15 GMT; path=/; domain=.paidamerican.com; HttpOnly
location
/?flow=CFB72C76-C88A-56F0-C11C-596A65E5DA1CCCC71E09&iframe=1&&PubSrc=%26PubSrc%3d%26PubSrc%3d%26page%3dmoneyfromhome&SubAff=bp75_200789_107435_moneyfromhomeCPC&isUserLookUp=False&isULUDone=False&PIY=pCYAbBKW3tOUyoEemqf3scYmOtkk0%257CPbMUwFGrGBVU7LUUzxfxrGsEvC-wRddTnk0
server
cloudflare
cf-ray
4e1190157b162754-FRA
x-frame-options
SAMEORIGIN

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Domain/Path Name / Value
.paidamerican.com/ Name: __cfduid
Value: d220127ca73e8e5aaf76e92b91acbad0e1559563815