urlscan.io logo urlscan.io
SecurityTrails logo

itep.ningutengo.com Open in urlscan Pro
2606:4700:3036::6815:2b60  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7333808459260887131&website=417-b57be3fz&placem...
Effective URL: https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306
Submission: On February 11 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 15 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3036::6815:2b60, located in United States and belongs to CLOUDFLARENET, US. The main domain is itep.ningutengo.com.
TLS certificate: Issued by GTS CA 1P5 on February 3rd 2024. Valid for: 3 months.
This is the only time itep.ningutengo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.68.85.158 16276 (OVH)
1 1 104.26.7.190 13335 (CLOUDFLAR...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 185.66.201.43 201702 (SKHOSTING-EU)
3 2607:f8b0:400... 15169 (GOOGLE)
1 185.66.201.8 201702 (SKHOSTING-EU)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 170.106.62.80 132203 (TENCENT-N...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 3.217.195.192 14618 (AMAZON-AES)
1 1 34.95.127.121 396982 (GOOGLE-CL...)
1 1 23.192.55.164 16625 (AKAMAI-AS)
1 1 23.204.76.34 16625 (AKAMAI-AS)
1 2600:1403:9c0... ()
21 11
1    51.68.85.158 (France)

ASN16276 (OVH, FR)
cimentbuilder.one
1    104.26.7.190 (None, )

ASN13335 (CLOUDFLARENET, US)
admoustache.aftrad-visit.com
4    2606:4700:3036::6815:670 (United States)

ASN13335 (CLOUDFLARENET, US)
mety.panparan.com
2    2606:4700:3033::ac43:b9bc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
1    185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu
342888.top
3    2607:f8b0:4004:c1d::64 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu
6662.world
1    2607:f8b0:4004:c08::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    170.106.62.80 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
mengine.fusetracking.com
1    2606:4700:3036::6815:2b60 (United States)

ASN13335 (CLOUDFLARENET, US)
itep.ningutengo.com
1    2606:4700:3035::6815:304e (United States)

ASN13335 (CLOUDFLARENET, US)
rtrackt.com
2    3.217.195.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-195-192.compute-1.amazonaws.com
norton.ow5a.net
1    34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
1    23.192.55.164 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-55-164.deploy.static.akamaitechnologies.com
buy.norton.com
1    23.204.76.34 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-76-34.deploy.static.akamaitechnologies.com
www.norton.com
1    2600:1403:9c00:d83::1015 (None, )

ASN- ()
us.norton.com
Apex Domain
Subdomains		 Transfer
4 panparan.com
mety.panparan.com
6 KB
3 norton.com
buy.norton.com — Cisco Umbrella Rank: 183282
www.norton.com — Cisco Umbrella Rank: 58393
us.norton.com
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 ow5a.net
norton.ow5a.net — Cisco Umbrella Rank: 367033
2 KB
2 addlnk.com
cdn.addlnk.com
2 KB
1 ojrq.net
www.ojrq.net — Cisco Umbrella Rank: 6954
558 B
1 rtrackt.com
rtrackt.com
599 B
1 ningutengo.com
itep.ningutengo.com
985 B
1 fusetracking.com
mengine.fusetracking.com
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
83 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
342 B
1 6662.world
6662.world
327 B
1 342888.top
342888.top
980 B
1 aftrad-visit.com
admoustache.aftrad-visit.com
553 B
1 cimentbuilder.one
cimentbuilder.one
412 B
21 15
Domain Requested by
4 mety.panparan.com 1 redirects mety.panparan.com
3 www.google-analytics.com 342888.top
www.google-analytics.com
www.googletagmanager.com
2 norton.ow5a.net 2 redirects
2 cdn.addlnk.com mety.panparan.com
itep.ningutengo.com
1 us.norton.com itep.ningutengo.com
1 www.norton.com 1 redirects
1 buy.norton.com 1 redirects
1 www.ojrq.net 1 redirects
1 rtrackt.com 1 redirects
1 itep.ningutengo.com mengine.fusetracking.com
1 mengine.fusetracking.com 6662.world
1 www.googletagmanager.com www.google-analytics.com
1 stats.g.doubleclick.net www.google-analytics.com
1 6662.world 342888.top
1 342888.top mety.panparan.com
1 admoustache.aftrad-visit.com 1 redirects
1 cimentbuilder.one 1 redirects
21 17

This site contains no links.

Subject Issuer Validity Valid
panparan.com
GTS CA 1P5		 2024-01-07 -
2024-04-06		 3 months crt.sh
addlnk.com
GTS CA 1P5		 2024-02-04 -
2024-05-04		 3 months crt.sh
342888.top
R3		 2023-12-26 -
2024-03-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
6662.world
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.fusetracking.com
Thawte TLS RSA CA G1		 2023-05-17 -
2024-05-16		 a year crt.sh
ningutengo.com
GTS CA 1P5		 2024-02-03 -
2024-05-03		 3 months crt.sh
www.norton.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-27 -
2024-04-18		 7 months crt.sh

This page contains 2 frames:

Frame: https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
Frame ID: 58EB04198152D3FBC3A7CA3A08A55EF4
Requests: 19 HTTP requests in this frame

Frame: https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 62F4CFCB1D989CE98799E8914F678A99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7333808459260887131&website... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000c... HTTP 302
    https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cm... Page URL
  2. https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pub9c8e690a5d2a43c4bc89c508ad64c6dd&plac... Page URL
  3. https://6662.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%... Page URL
  4. https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707684650aff43941a555053a409a618&sub_af... Page URL
  5. https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

67 %
HTTPS

47 %
IPv6

15
Domains

17
Subdomains

11
IPs

4
Countries

116 kB
Transfer

301 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7333808459260887131&website=417-b57be3fz&placement=417&eyeg=1 HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000c93fb22152183d3d61835528643178130211-202402-flb*5738009-ccc5a*m7333808459260887131*sl_5738009-ccc5a*9a38a71c830a8415f67e933793bbd306bb664471*417-b57be3fz*417 HTTP 302
    https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf Page URL
  2. https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pub9c8e690a5d2a43c4bc89c508ad64c6dd&placementName=cde43947 Page URL
  3. https://6662.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%26aff_click_id%3D30affC1707684650aff43941a555053a409a618%26sub_affid%3D29611306&do=dd8f32b8d92c7593eec75eac3afe228c Page URL
  4. https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707684650aff43941a555053a409a618&sub_affid=29611306 Page URL
  5. https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7333808459260887131&website=417-b57be3fz&placement=417&eyeg=1 HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000c93fb22152183d3d61835528643178130211-202402-flb*5738009-ccc5a*m7333808459260887131*sl_5738009-ccc5a*9a38a71c830a8415f67e933793bbd306bb664471*417-b57be3fz*417 HTTP 302
  • https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Request Chain 2
  • https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Request Chain 13
  • https://rtrackt.com/clickout/18855/268491/?click_id=pub7590c3b931ad4d209821b02466192c35&sub_id2=51368025_25_29611306 HTTP 302
  • https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=8a79c8ec23731238d0a7e5591e8b7e2cc175fb1dcf7337a24471da14531f9b38 HTTP 302
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F2503992%2F1640775%2F4405%3FSharedId%3D1599%26SubId1%3D8a79c8ec23731238d0a7e5591e8b7e2cc175fb1dcf7337a24471da14531f9b38%26level%3D1&cid=4405&tpsync=yes&auth=56db791a901327db HTTP 302
  • https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=8a79c8ec23731238d0a7e5591e8b7e2cc175fb1dcf7337a24471da14531f9b38&level=1&brwsr=3e3f5166-c91f-11ee-bba7-95ea0645036b&brwsrsig=yTASWcWvfSMYxMXSNN3MAUe0Smy0yJ HTTP 301
  • https://buy.norton.com/aff_norton360deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599 HTTP 302
  • https://www.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599 HTTP 301
  • https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
a91581ead4
mety.panparan.com/rc/
Redirect Chain
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7333808459260887131&website=417-b57be3fz&placement=417&eyeg=1
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=31000c93fb22152183d3d61835528643178130211-202402-flb*5738009-ccc5a*m7333808459260887131*sl...
  • https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03dfb12c3304154b2f74fcd6a9b0ab6486e1a6e9599cf5f726d855d6dc0b868e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
853f7762999a4370-EWR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 20:50:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4fZsN04g2SY6G4Xi47X6BfItQ6R8%2BVo7sezbSfdIPHr%2FHZeQrzByYc0HZS57tzcSsRKbo1vFBK4W50U8bSunPh6jY%2FO2r1bToXaA%2FHpF9zuB6NVw8xkPFoicKa14gbXAjC94tbQ94fbv0tQEj5cPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
853f7760ca7a8c39-EWR
content-length
195
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 20:50:49 GMT
location
https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEDswFJB9y7DrLK1WprM1eqDLG6E6fzAB1%2Bni6kemlDNipItkDhKtECRRXVqPzVvL1VuGH7zPWkULKIsf6s2VgI%2FRjfkgLmiUH4Twl4H%2FwZ7IGxwenad%2BWlNrzIxqHO8NEvDfs8YtEhgt2eoqEg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b9bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 20:50:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SGX9SYN20NWV0QR5
age
802
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8hNVH292z9UujQftIxJkVD9kvBYWNfg031XHZ/WZ5CICM5myJj4TV0FnSM2KA7kyNrdwhBP62Ao=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z4bAZH97rjIFG4gM6cwF9ns4o8B9V4hWC8IFB8hpm0P4hvBj3mz7x%2Fm80KkejIER8LsfD%2Bn8u%2BV7SizwFB4Px1oT6aBtv7xtRiYz6KgoHdG0eNh%2B2xODGWfzTcRaXKd2Pq%2BjfDaNKP2J5%2BHJow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
853f77642d6143ed-EWR
main.js
mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 62F4
Redirect Chain
  • https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Protocol
H2
Server
2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eea8534064573adbcb8ade7682244a88fcfe3ca4ef833e77fb350105dcfddb74
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 20:50:49 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B7KQAiTXWIraGdDk9e38F4CXl2Wi67cmt05YWi2fZybC1ju%2B8I5C3XVQtmgaNnkOnhJDOZkWvXbwhM0ym09DhR3xMBpK2dHqS1Zf%2BvugIKVbFi%2BiXyTAstvjLDviRpeYE8ifiW4TjXEtaJlXUYzy4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
853f7764bc374370-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 11 Feb 2024 20:50:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWd2tdy14q6vDzodn2%2F9mO5dYHcSpugBZUlk4cZMNdtcKrfn%2BLsxHijbuO5Vfp%2FcA%2B9YQhdKEXefHKWeBBS%2FDaUhGYfNdmZbTjqlyxSgeV36db8B1rIT8f16WW%2BavKkKLkxZ3r%2F4TdtkmMOj447b7A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control
max-age=300, public
cf-ray
853f77649c214370-EWR
alt-svc
h3=":443"; ma=86400
853f7762999a4370
mety.panparan.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 62F4 		0
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/jsd/r/853f7762999a4370
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 20:50:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFJ%2F6JkHa0Mp8XhgnupIJja3KEVzH%2F1zNtnxs3TeLbkdjMIi6qzxSEhmwOvA0mW5buTnjw%2FmzUL5j6o8B5UNvkEoqyPF5uUSgSPkBXG0HvJot7c5Tptx9Dw3DbppJ7QghLlSUZ5l6NCi00%2FpA5h6lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
853f77659dc117e9-EWR
alt-svc
h3=":443"; ma=86400
/
342888.top/692fdd6300e7c8ac6d37/d93493d774/ 		1 KB
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pub9c8e690a5d2a43c4bc89c508ad64c6dd&placementName=cde43947
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=2014b3PWRARZH7r5QR4bdekg9qdEWpuApctjNkerrabmFnP5Re1cmEdVsFr1ZbmtcUbaD7&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.43.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 20:50:50 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex,nofollow
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 342888.top
URL: https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pub9c8e690a5d2a43c4bc89c508ad64c6dd&placementName=cde43947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://342888.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 11 Feb 2024 18:55:59 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6891
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 11 Feb 2024 20:55:59 GMT
go.php
6662.world/ 		573 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6662.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%26aff_click_id%3D30affC1707684650aff43941a555053a409a618%26sub_affid%3D29611306&do=dd8f32b8d92c7593eec75eac3afe228c
Requested by
Host: 342888.top
URL: https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pub9c8e690a5d2a43c4bc89c508ad64c6dd&placementName=cde43947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.8.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://342888.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 20:50:50 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
collect
www.google-analytics.com/j/ 		16 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1765545309&t=pageview&_s=1&dl=https%3A%2F%2F342888.top%2F692fdd6300e7c8ac6d37%2Fd93493d774%2F%3Fcv%3Dpub9c8e690a5d2a43c4bc89c508ad64c6dd%26placementName%3Dcde43947&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=331712888&gjid=1340316522&cid=266417945.1707684651&tid=UA-68398243-1&_gid=1211386922.1707684651&_r=1&_slc=1&z=1165487748
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://342888.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 20:50:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://342888.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68398243-1&cid=266417945.1707684651&jid=331712888&gjid=1340316522&_gid=1211386922.1707684651&_u=IEBAAEAAAAAAACAAI~&z=1160601650
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://342888.top/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 11 Feb 2024 20:50:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://342888.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		234 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H0S4FW156W&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://342888.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 20:50:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84810
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 11 Feb 2024 20:50:50 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H0S4FW156W&gtm=45je4270v9123150048za200&_p=1707684650583&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=266417945.1707684651&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2F342888.top%2F692fdd6300e7c8ac6d37%2Fd93493d774%2F%3Fcv%3Dpub9c8e690a5d2a43c4bc89c508ad64c6dd%26placementName%3Dcde43947&sid=1707684650&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=869
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H0S4FW156W&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://342888.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 11 Feb 2024 20:50:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://342888.top
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tl
mengine.fusetracking.com/ 		840 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707684650aff43941a555053a409a618&sub_affid=29611306
Requested by
Host: 6662.world
URL: https://6662.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%26aff_click_id%3D30affC1707684650aff43941a555053a409a618%26sub_affid%3D29611306&do=dd8f32b8d92c7593eec75eac3afe228c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.62.80 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://6662.world/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
840
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 20:50:50 GMT
expires
Sun, 06 Nov 1994 08:49:37 GMT
p3p
CP="NOI CUR OUR NOR INT"
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow
Primary Request 28b4a0e543
itep.ningutengo.com/oc/ 		1 KB
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306
Requested by
Host: mengine.fusetracking.com
URL: https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707684650aff43941a555053a409a618&sub_affid=29611306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2b60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aec05ee9722ae9543fbecb9d1e802f9b97058a60368e56fb8e7308b786c8e96

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
853f776caef6c45e-EWR
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 20:50:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jCHYiCrqyM7jKR87aYhqh1VQsAWm3ohg%2B3Yv7EULhCiyMXDhPJcSwMaXzQAlzcF1uzmYAeKEJzzVK09cuO7V8xldXeaxD%2FCpLk4k1GEioQm3o7CXygq8LHMGnBCvBFAtjlffKoneMim4XYNr2mHE8iO1"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ 		1 KB
717 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: itep.ningutengo.com
URL: https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b9bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 20:50:51 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SGX9SYN20NWV0QR5
age
804
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
8hNVH292z9UujQftIxJkVD9kvBYWNfg031XHZ/WZ5CICM5myJj4TV0FnSM2KA7kyNrdwhBP62Ao=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=abDolbE8AyYz6jdutj%2BB6oAAPorgdRkBRbz0XgbEedBndLdcxSUg00hSVFuk4uo3mm1DlSmezUbclPnjvLULZ%2FKfZ%2BwR0%2BrS5KiJtm0KM%2BwmK%2FbUO1S87AYvzyYgZCqgIHjoaWLXhj%2BQEYz1%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
853f776e294043ed-EWR
norton-360-deluxe
us.norton.com/products/
Redirect Chain
  • https://rtrackt.com/clickout/18855/268491/?click_id=pub7590c3b931ad4d209821b02466192c35&sub_id2=51368025_25_29611306
  • https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=8a79c8ec23731238d0a7e5591e8b7e2cc175fb1dcf7337a24471da14531f9b38
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F2503992%2F1640775%2F4405%3FSharedId%3D1599%26SubId1%3D8a79c8ec23731238d0a7e5591e8b7e2cc175fb1dcf7337a24471da14531f9b38%26level%3D1...
  • https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=8a79c8ec23731238d0a7e5591e8b7e2cc175fb1dcf7337a24471da14531f9b38&level=1&brwsr=3e3f5166-c91f-11ee-bba7-95ea0645036b&brwsrsig=yTAS...
  • https://buy.norton.com/aff_norton360deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
  • https://www.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
  • https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
Requested by
Host: itep.ningutengo.com
URL: https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1403:9c00:d83::1015 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itep.ningutengo.com/oc/28b4a0e543?affclick=0289105B5EA861707684650921405&pubid=25_29611306
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Sun, 11 Feb 2024 20:50:53 GMT
link
<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-ext-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-greek-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://cdn.quantummetric.com>;rel="preconnect",<https://symantec.demdex.net>;rel="preconnect" <https://assets.adobedtm.com>;rel="preconnect",<https://ensighten.norton.com>;rel="preconnect",<https://www.nortonlifelock.com>;rel="preconnect"
server
Apache
server-timing
cdn-cache; desc=MISS edge; dur=331 origin; dur=1001 ak_p; desc="1707684652528_389152519_486965555_133193_3995_39_82_255";dur=1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akam-sw-version
0.5.0
x-akamai-transformed
9 41569 0 pmb=mNONE,1mRUM,2
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 11 Feb 2024 20:50:52 GMT
Expires
Sun, 11 Feb 2024 20:50:52 GMT
Location
https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
Pragma
no-cache
Server
AkamaiGHost
inter-latin-ext-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-greek-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-700.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-800.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-500.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-ext-400.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-greek-400.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Domain/Path Name / Value
342888.top/692fdd6300e7c8ac6d37/d93493d774 Name: shown1
Value: 0
342888.top/692fdd6300e7c8ac6d37/d93493d774 Name: total_impressions
Value: 1
.panparan.com/ Name: cf_clearance
Value: inVNjGJ1uMxQBmq_zNJy7tZibKxpI8b_.GuXzH91bPA-1707684649-1-AWpCKq6BHkac6HjdKXEKINedc+BWhuacy36wvIlhxrSojfLNQxom5PayQgYbV+6Z+mdn5UiOPSdgbz0GlDs9LNw=
342888.top/ Name: used_ad3011419
Value: 1
.342888.top/ Name: _ga
Value: GA1.2.266417945.1707684651
.342888.top/ Name: _gid
Value: GA1.2.1211386922.1707684651
.342888.top/ Name: _gat
Value: 1
.342888.top/ Name: _ga_H0S4FW156W
Value: GS1.2.1707684650.1.0.1707684650.0.0.0
rtrackt.com/ Name: PHPSESSID
Value: 70ocum62r5qlhlhpog5748d037
.ojrq.net/ Name: brwsr
Value: 3e3f5166-c91f-11ee-bba7-95ea0645036b
norton.ow5a.net/ Name: AWSALB
Value: N+F0Ipm5xYKt5kApI4Og8XSbGYU2MAYl8cTvez6HsMQf1EgF+tW/eZ7HeZlX4/ELVEQclSkH4Bk5PeUFFi77Mrao4XUvi+Y6JJnuEQ1SXz3kyg9s7txlySc+QTB8
norton.ow5a.net/ Name: AWSALBCORS
Value: N+F0Ipm5xYKt5kApI4Og8XSbGYU2MAYl8cTvez6HsMQf1EgF+tW/eZ7HeZlX4/ELVEQclSkH4Bk5PeUFFi77Mrao4XUvi+Y6JJnuEQ1SXz3kyg9s7txlySc+QTB8
.ow5a.net/ Name: brwsr
Value: 3e3f5166-c91f-11ee-bba7-95ea0645036b
norton.ow5a.net/ Name: irld
Value: Ly5URIJ1uTyN5UTFWl51Mh0aUQtLW4fxLlTXY2ehQel3E1X5E
.norton.com/ Name: dtCookie
Value: v_4_srv_5_sn_E91DB1DFACFDA12E699541713919B935_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0
buy.norton.com/ Name: JSESSIONID
Value: B9CFDC83DBC9052D879401786D82A79A
.buy.norton.com/ Name: X-CSRF-TOKEN
Value: ttVOPaWAMaqw9GE13jya9S9QeVlULLWTJqTQLLhfqRE_
.norton.com/ Name: cv
Value: exist
.norton.com/ Name: SSE
Value: ""
.norton.com/ Name: es
Value: 4e56533d317c5353473d7c4643443d4665622d31312d323032342031323a35303a35327c4c43443d4665622d31312d323032342031323a35303a3532
.norton.com/ Name: tp
Value: 4f53433d4f6e6c696e652028317374297c4353433d4f6e6c696e652028317374297c4950533d7c4459523d307c4445583d30322f31312f323032347c4950433d7c4950463d7c4950563d7c4955433d7c4950443d53796d616e7465637c49504c3d656e7c4944503d7c5043493d7c534b543d7c454e503d7c4954443d7c5452533d616666696c696174657c50534e3d7c4447463d7c4c49433d7c4d49443d7c52554c3d7c4653563d
.norton.com/ Name: COUNTRY
Value: US
.norton.com/ Name: LANGUAGE
Value: en
.norton.com/ Name: pr
Value: 5043443d30322d31312d323032347c5049443d323530333939327c5349443d313539397c5054593d496d70616374526164697573
.norton.com/ Name: PROGRAMID
Value: 2503992
.norton.com/ Name: PROGRAM_TYPE
Value: ImpactRadius
.norton.com/ Name: SHOPPERID
Value: 1599
.norton.com/ Name: LSTID
Value: ""
.norton.com/ Name: IRCID
Value: z8611vQoCxyPTPqRiO0B10VLUkHw46X01TiOUE0
.norton.com/ Name: TLID
Value: B9CFDC83DBC9052D879401786D82A79A
buy.norton.com/ Name: ESID
Value: 027569f588-be01-42W5fGhH8e5N5UIwuV1ff6k_4S9nvXt_fxWlSAmyf3OdOiN2TUpUCAlTrdmlP7hERYIH4