urlscan.io logo urlscan.io
SecurityTrails logo

us.norton.com Open in urlscan Pro
2600:141b:1c00:208b::1015  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7330512999574143054&website=24747-e251038z&plac...
Effective URL: https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=164077...
Submission: On February 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 12 domains to perform 17 HTTP transactions. The main IP is 2600:141b:1c00:208b::1015, located in and belongs to . The main domain is us.norton.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 27th 2023. Valid for: 7 months.
This is the only time us.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.68.85.158 16276 (OVH)
1 1 172.67.71.68 13335 (CLOUDFLAR...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 185.66.201.43 201702 (SKHOSTING-EU)
1 185.66.201.8 201702 (SKHOSTING-EU)
1 170.106.62.80 132203 (TENCENT-N...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... ()
2 2 3.217.195.192 ()
1 1 34.95.127.121 ()
1 1 104.102.131.233 ()
1 1 23.51.56.37 ()
1 2600:141b:1c0... ()
17 8
1    51.68.85.158 (France)

ASN16276 (OVH, FR)
www.cimentbuilder.one
1    172.67.71.68 (United States)

ASN13335 (CLOUDFLARENET, US)
admoustache.aftrad-visit.com
4    2606:4700:3036::6815:670 (United States)

ASN13335 (CLOUDFLARENET, US)
mety.panparan.com
2    2606:4700:3033::ac43:b9bc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.addlnk.com
1    185.66.201.43 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.43.skhosting.eu
342888.top
1    185.66.201.8 (Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.8.skhosting.eu
6669.world
1    170.106.62.80 (Ashburn, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
mengine.fusetracking.com
1    2606:4700:3030::ac43:b19a (United States)

ASN13335 (CLOUDFLARENET, US)
itep.ningutengo.com
1    2606:4700:3036::ac43:b5bc (None, )

ASN- ()
rtrackt.com
2    3.217.195.192 (None, )

ASN- ()
norton.ow5a.net
1    34.95.127.121 (None, )

ASN- ()
www.ojrq.net
1    104.102.131.233 (None, )

ASN- ()
buy.norton.com
1    23.51.56.37 (None, )

ASN- ()
www.norton.com
1    2600:141b:1c00:208b::1015 (None, )

ASN- ()
us.norton.com
Domain Requested by
4 mety.panparan.com 1 redirects mety.panparan.com
2 norton.ow5a.net 2 redirects
2 cdn.addlnk.com mety.panparan.com
itep.ningutengo.com
1 us.norton.com itep.ningutengo.com
1 www.norton.com 1 redirects
1 buy.norton.com 1 redirects
1 www.ojrq.net 1 redirects
1 rtrackt.com 1 redirects
1 itep.ningutengo.com mengine.fusetracking.com
mety.panparan.com
1 mengine.fusetracking.com 6669.world
1 6669.world 342888.top
1 342888.top mety.panparan.com
1 admoustache.aftrad-visit.com 1 redirects
1 www.cimentbuilder.one 1 redirects
17 14

This site contains no links.

Subject Issuer Validity Valid
panparan.com
GTS CA 1P5		 2024-01-07 -
2024-04-06		 3 months crt.sh
addlnk.com
GTS CA 1P5		 2024-02-04 -
2024-05-04		 3 months crt.sh
342888.top
R3		 2023-12-26 -
2024-03-25		 3 months crt.sh
6669.world
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.fusetracking.com
Thawte TLS RSA CA G1		 2023-05-17 -
2024-05-16		 a year crt.sh
ningutengo.com
GTS CA 1P5		 2024-02-03 -
2024-05-03		 3 months crt.sh
www.norton.com
DigiCert SHA2 Extended Validation Server CA		 2023-09-27 -
2024-04-18		 7 months crt.sh

This page contains 2 frames:

Primary Page: https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
Frame ID: 7FFF4D2AFB7F04041726F306ED821F4A
Requests: 15 HTTP requests in this frame

Frame: https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 103A1A68F989574B543787E0479B378F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7330512999574143054&website... HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=340004... HTTP 302
    https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPH... Page URL
  2. https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pube7416aecf8ad442ea5e9010a14d70db7&plac... Page URL
  3. https://6669.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%... Page URL
  4. https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707433098aff94c703ec83175a953a796&sub_a... Page URL
  5. https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306 Page URL
  6. https://rtrackt.com/clickout/18855/268491/?click_id=pub1110992ad5ab433a9b3ef0892537512c&sub_id2=... HTTP 302
    https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=ddae2e7aa67adadf1d0b7917992e9431... HTTP 302
    https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F2503992%2F1640775%2F4405%3FSha... HTTP 302
    https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=ddae2e7aa67adadf1d0b7917992e9431... HTTP 301
    https://buy.norton.com/aff_norton360deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c... HTTP 302
    https://www.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJw... HTTP 301
    https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJw... Page URL

Page Statistics

17
Requests

53 %
HTTPS

36 %
IPv6

12
Domains

14
Subdomains

8
IPs

3
Countries

11 kB
Transfer

152 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7330512999574143054&website=24747-e251038z&placement=24747&eyeg=7f73b01aec5c8be5f743058d6f649bdb&eyer=0.8684176450072336&eyei=1&eyew=1237&eyeh=3000&eyetd=210&eyef=aff.offers5s.xyz HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=340004fd224ae47ec7f97de3930632dd390be0208-202402-flb*5738009-ccc5a*m7330512999574143054*sl_5738009-ccc5a*06dafe973fcfd28149dd635bcdb6700810fe267b*24747-e251038z*24747 HTTP 302
    https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf Page URL
  2. https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pube7416aecf8ad442ea5e9010a14d70db7&placementName=cde43947 Page URL
  3. https://6669.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%26aff_click_id%3D30affC1707433098aff94c703ec83175a953a796%26sub_affid%3D29611306&do=634e1bdff7e02fda84df949df259a0f9 Page URL
  4. https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707433098aff94c703ec83175a953a796&sub_affid=29611306 Page URL
  5. https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306 Page URL
  6. https://rtrackt.com/clickout/18855/268491/?click_id=pub1110992ad5ab433a9b3ef0892537512c&sub_id2=51368025_25_29611306 HTTP 302
    https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=ddae2e7aa67adadf1d0b7917992e9431731388d006995aa02e712a2eb8408063 HTTP 302
    https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F2503992%2F1640775%2F4405%3FSharedId%3D1599%26SubId1%3Dddae2e7aa67adadf1d0b7917992e9431731388d006995aa02e712a2eb8408063%26level%3D1&cid=4405&tpsync=yes&auth=56d8334941c1ff48 HTTP 302
    https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=ddae2e7aa67adadf1d0b7917992e9431731388d006995aa02e712a2eb8408063&level=1&brwsr=8ea362ad-c6d5-11ee-b2eb-f707a987bde8&brwsrsig=yWM2whTvDVLYWxL3bE2LOSFn3wmSmU HTTP 301
    https://buy.norton.com/aff_norton360deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599 HTTP 302
    https://www.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599 HTTP 301
    https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7330512999574143054&website=24747-e251038z&placement=24747&eyeg=7f73b01aec5c8be5f743058d6f649bdb&eyer=0.8684176450072336&eyei=1&eyew=1237&eyeh=3000&eyetd=210&eyef=aff.offers5s.xyz HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=340004fd224ae47ec7f97de3930632dd390be0208-202402-flb*5738009-ccc5a*m7330512999574143054*sl_5738009-ccc5a*06dafe973fcfd28149dd635bcdb6700810fe267b*24747-e251038z*24747 HTTP 302
  • https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Request Chain 2
  • https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
a91581ead4
mety.panparan.com/rc/
Redirect Chain
  • http://www.cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7330512999574143054&website=24747-e251038z&placement=24747&eyeg=7f73b01aec5c8be5f743058d6f649bdb&eyer=0.868417645007233...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=340004fd224ae47ec7f97de3930632dd390be0208-202402-flb*5738009-ccc5a*m7330512999574143054*sl...
  • https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
328b0faaef4837acf269b2d1813e2ab4e5d16a955b0605adf5f94393c7be297c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
852779f90b6d4bc6-BUF
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 22:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72GWfWbCOiyyxQxdUPXC1TK0MVaRpn26IitKouTW9fo6ktdUjgk2rlwxQrmz%2BZoxisBHRzWIM7r4ZCGhQFs%2B7%2BNmyu1Y8fpGDOzRdqPqQIngXetotxBiCQRQid%2B%2FDSiF22yBbtFCeILTYDo9erDmfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
852779f69a2d4bcc-BUF
content-length
194
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 22:58:16 GMT
location
https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWE1m6o%2BHaUqfICJOGtNHEhN6tYr6uZYrYA5Gk2tDMZdXlHJl8G1GXiMfIoiHoPiD2l5shcUy3bNM0lSgUnKMwObCTXvPF9q3aFz4rCkAiEcVmAy5y24wVXs9aKjyWCF71KdBE52bo%2FbQz%2BaiGw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b9bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 22:58:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q6BX7H4Y36KH9ZWF
age
3940
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0mCWYf5g9stmw+6x+m6ZAELlZL+U+FzBEU/9akXKyMXLv/9ju/lrlYEJnu5o1MUt2/j7IT6SO/kCxWHT0fkjIA==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSvswQqbYotLoSIyAWZfgIPIWejZCH38qLNulA%2BiyI2e5WGdGMJdhSNKHHf70%2FiXpZjXGkf5qEouBDZ1QeceJj6vI%2Fl71%2BrN0FRzC1dbto%2FIkuh%2BVNzPKGQZwdTTbzTy1s3y7U8L1AGzH7zxpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
852779fb3bd24bc9-BUF
main.js
mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 103A
Redirect Chain
  • https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Protocol
H2
Server
2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 22:58:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjLMERA5GZ6jLrQGhQejTvNSbIpANcfzGEMNhEAba2m41S9FIU7896PRIel28hWqZ4%2FRYn868gdi32muCxGOVL59tq%2Bst9k0wX3e4lX4iZhZGIELrIsw0KlagLZ08h2eI6FispdrgBKP54cuODp8yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
852779fbfd704bc6-BUF
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 08 Feb 2024 22:58:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQHBhfi0ZX%2FSrkE%2Bxysye1Jv5mJZDRm7oW2e4BcYsLRiAIongC8L2rMLUx4X930dTOF5hS1dauyUK%2B%2BeRgyFL4WjuWRUAnkZLdVlh4olkcFumjqCRy5NH3ht%2Bsd2LwsKe8SQAk6j9CXRpQ6o56Oozg%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
852779fbbd5b4bc6-BUF
alt-svc
h3=":443"; ma=86400
/
342888.top/692fdd6300e7c8ac6d37/d93493d774/ 		626 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pube7416aecf8ad442ea5e9010a14d70db7&placementName=cde43947
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.43 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.43.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 22:58:18 GMT
expires
Sun, 01 Jan 2014 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex,nofollow
852779f90b6d4bc6
mety.panparan.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 103A 		0
641 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mety.panparan.com/cdn-cgi/challenge-platform/h/b/jsd/r/852779f90b6d4bc6
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Feb 2024 22:58:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5NxlhtQ9BTn4g3XE4r6Nr%2FFBoq7GB3NvlFXLUcK7LzQGjkGstBvtAgRzgwVdbC56ccvKV1A1Fxr%2Bl2t2pA%2FijBIB7CJTlPKnRzjtOoGTe4WbS8bUh9GQf8klOXOZQUglVA%2F%2Fzz%2BV5bxjNBDptKjKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
852779fd0df44bc6-BUF
alt-svc
h3=":443"; ma=86400
go.php
6669.world/ 		575 B
331 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6669.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%26aff_click_id%3D30affC1707433098aff94c703ec83175a953a796%26sub_affid%3D29611306&do=634e1bdff7e02fda84df949df259a0f9
Requested by
Host: 342888.top
URL: https://342888.top/692fdd6300e7c8ac6d37/d93493d774/?cv=pube7416aecf8ad442ea5e9010a14d70db7&placementName=cde43947
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.66.201.8 , Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS
185.66.201.8.skhosting.eu
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://342888.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 08 Feb 2024 22:58:19 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
tl
mengine.fusetracking.com/ 		840 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mengine.fusetracking.com/tl?a=25&o=265944&aff_click_id=30affC1707433098aff94c703ec83175a953a796&sub_affid=29611306
Requested by
Host: 6669.world
URL: https://6669.world/go.php?go=https%3A%2F%2Fmengine.fusetracking.com%2Ftl%3Fa%3D25%26o%3D265944%26aff_click_id%3D30affC1707433098aff94c703ec83175a953a796%26sub_affid%3D29611306&do=634e1bdff7e02fda84df949df259a0f9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.62.80 Ashburn, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
00043a6e82533cf3bfb7ab8815e50a2d83e2d8049c7577a4f4ec83c848a4e039

Request headers

Referer
https://6669.world/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
840
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 22:58:19 GMT
expires
Sun, 06 Nov 1994 08:49:37 GMT
p3p
CP="NOI CUR OUR NOR INT"
pragma
no-cache
server
nginx
x-robots-tag
noindex, nofollow
28b4a0e543
itep.ningutengo.com/oc/ 		0
0
28b4a0e543
itep.ningutengo.com/oc/ 		1 KB
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306
Requested by
Host: mety.panparan.com
URL: https://mety.panparan.com/rc/a91581ead4?affclick=201CtSc8gospgQqvtHYN8ZMyKwY3b9nL5qUcciaSoCcyuqiindQPHLc7ustFtRsPzrh5q&pubid=1B7fmUHKE&pubid=1B5346v9JJUVyPV6DWPsZf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:b19a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74f235f827f6fe4458779b218c32abc203e978ddcc00e1d42d9a567e23d2fb86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85277a0cca334bc6-BUF
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 22:58:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BmIAx%2B%2F15dkm2AoCxejZYUGBGQYWrOmYvMz0JhFaQUav1T40BNEB%2BwKQCnO571dzNfinrTzTBFgbrvbj1CVbrsAwyYL1slczOGkYMGNqoH7cna9%2FRkL3HvtEN7iOBP5GwPUBHPCkFecuxLN1xC9RM5v"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ 		1 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: itep.ningutengo.com
URL: https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b9bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 22:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Q6BX7H4Y36KH9ZWF
age
3943
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
0mCWYf5g9stmw+6x+m6ZAELlZL+U+FzBEU/9akXKyMXLv/9ju/lrlYEJnu5o1MUt2/j7IT6SO/kCxWHT0fkjIA==
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUZW8%2B6t9roVnrHZ6z%2FQmGM2YEdwBlLpGL6gonN8ApflhldW%2FoBxH19%2B0Tw7wN%2FY15vsRCSOQ2i6JBr9wv5zgZQ5qXH75h08WY0Ym3cvV3jqoVw2vs38oPIRD0%2FdxOsHG6wOzpjjjEMxWG9tlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
85277a0e3bd44bc9-BUF
Primary Request norton-360-deluxe
us.norton.com/products/
Redirect Chain
  • https://rtrackt.com/clickout/18855/268491/?click_id=pub1110992ad5ab433a9b3ef0892537512c&sub_id2=51368025_25_29611306
  • https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=ddae2e7aa67adadf1d0b7917992e9431731388d006995aa02e712a2eb8408063
  • https://www.ojrq.net/p/?return=https%3A%2F%2Fnorton.ow5a.net%2Fc%2F2503992%2F1640775%2F4405%3FSharedId%3D1599%26SubId1%3Dddae2e7aa67adadf1d0b7917992e9431731388d006995aa02e712a2eb8408063%26level%3D1...
  • https://norton.ow5a.net/c/2503992/1640775/4405?SharedId=1599&SubId1=ddae2e7aa67adadf1d0b7917992e9431731388d006995aa02e712a2eb8408063&level=1&brwsr=8ea362ad-c6d5-11ee-b2eb-f707a987bde8&brwsrsig=yWM2...
  • https://buy.norton.com/aff_norton360deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
  • https://www.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
  • https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
137 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
Requested by
Host: itep.ningutengo.com
URL: https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:208b::1015 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 08 Feb 2024 22:58:23 GMT
link
<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-ext-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-greek-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://assets.adobedtm.com>;rel="preconnect",<https://ensighten.norton.com>;rel="preconnect",<https://www.nortonlifelock.com>;rel="preconnect",<https://cdn.quantummetric.com>;rel="preconnect",<https://symantec.demdex.net>;rel="preconnect"
server
Apache
server-timing
cdn-cache; desc=MISS edge; dur=302 origin; dur=635 ak_p; desc="1707433102565_389700020_684062283_93739_5201_27_59_255";dur=1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-akam-sw-version
0.5.0
x-akamai-transformed
9 41568 0 pmb=mNONE,1mRUM,2
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 08 Feb 2024 22:58:22 GMT
Expires
Thu, 08 Feb 2024 22:58:22 GMT
Location
https://us.norton.com/products/norton-360-deluxe?irgwc=1&clickid=U%3Ar3WNQDlxyPTTLSAyWvyTaMUkHwNJwVs0q52c0&adid=1640775&IRID=2503992&source=ir&sharedid=1599&sid=1599
Pragma
no-cache
Server
AkamaiGHost
inter-latin-ext-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-greek-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-500.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-700.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0
inter-latin-800.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
itep.ningutengo.com
URL
https://itep.ningutengo.com/oc/28b4a0e543?affclick=028916009F92C1707433099966636&pubid=25_29611306
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-ext-400.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-greek-400.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2
Domain
us.norton.com
URL
https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
342888.top/692fdd6300e7c8ac6d37/d93493d774 Name: shown1
Value: 0
342888.top/692fdd6300e7c8ac6d37/d93493d774 Name: total_impressions
Value: 1
.panparan.com/ Name: cf_clearance
Value: OlB9DDPcUR6LzB3TPYLy13NMvosYuJGlv9_B3pbd_1A-1707433097-1-AbkCTPf4Etum+Zr81qXaBP6Ti1i7+jqEqLctys6bXxv9Q/GuJ/j2u5fYb0nBXCBwsScliiCjEpWa22zdE0N49AA=
342888.top/ Name: used_ad3011419
Value: 1