URL: http://norton-refund.com/
Submission: On June 22 via api from US

Summary

This website contacted 14 IPs in 6 countries across 11 domains to perform 69 HTTP transactions. The main IP is 166.62.28.124, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is norton-refund.com.
This is the only time norton-refund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
39 | 166.62.28.124 | 26496 | (AS-26496-...)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
4 (2 redirects) | 54.171.46.29 | 16509 | (AMAZON-02)
6 | 18.195.42.228 | 16509 | (AMAZON-02)
2 | 15.236.9.100 | 16509 | (AMAZON-02)
2 (2 redirects) | 66.117.28.86 | 15224 | (OMNITURE)
1 | 54.76.99.142 | 16509 | (AMAZON-02)
1 | 52.117.22.28 | 36351 | (SOFTLAYER)
3 | 23.37.172.7 | 16625 | (AKAMAI-AS)
1 | 2.16.186.48 | 20940 | (AKAMAI-ASN1)
6 | 52.117.22.25 | 36351 | (SOFTLAYER)
3 | 151.101.113.175 | 54113 | (FASTLY)
2 | 35.241.45.82 | 15169 | (GOOGLE)
Total: 69 requests, 14 IPs
Requests | Domain | Requested by
39 | norton-refund.com | norton-refund.com
6 | s2.mylivechat.com | mylivechat.com, s2.mylivechat.com
6 | nexus.ensighten.com | norton-refund.com
4 (2 redirects) | dpm.demdex.net | norton-refund.com
3 | nebula-cdn.kampyle.com | norton-refund.com
2 | support.norton.com |
2 | udc-neb.kampyle.com | norton-refund.com
2 (2 redirects) | cm.everesttech.net |
2 | om.norton.com | norton-refund.com
2 | www.google-analytics.com | norton-refund.com
1 | fast.symantec.demdex.net | norton-refund.com
1 | now.symassets.com | norton-refund.com
1 | mylivechat.com | norton-refund.com
1 | symantec.tt.omtrdc.net | norton-refund.com
1 | fonts.googleapis.com | norton-refund.com
Total: 69 requests, 15 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
*.google-analytics.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.mylivechat.com | Go Daddy Secure Certificate Authority - G2 | 2018-10-30 - 2020-11-02 | 2 years
store.norton.com | DigiCert SHA2 Extended Validation Server CA | 2020-05-14 - 2021-04-28 | a year

This page contains 4 frames:

Primary Page: http://norton-refund.com/
Frame ID: C5C21815DEE7572FBC4102F1B4A4CA8F
Requests: 74 HTTP requests in this frame

Frame: http://norton-refund.com/Request%20refund_files/SAML2.html
Frame ID: 69AF86A25D98A1540D9D5F75551A5FD1
Requests: 1 HTTP requests in this frame

Frame: http://fast.symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 531D7A103C12315FB2FDA9F315AD95DE
Requests: 1 HTTP requests in this frame

Frame: http://norton-refund.com/Request%20refund_files/dest5.html
Frame ID: F5A8E9C32766ED543D269DDDD623D147
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

  • Requests: 69
  • HTTPS: 20 %
  • IPv6: 14 %
  • Domains: 11
  • Subdomains: 15
  • IPs: 14
  • Countries: 6
  • Transfer: 1245 kB
  • Size: 3234 kB
  • Cookies: 16

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 31
  • http://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1592814398792 HTTP 302
  • http://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1592814398792
Request Chain 34
  • http://cm.everesttech.net/cm/dd?d_uuid=72238609874954026972047591065318991522 HTTP 302
  • https://cm.everesttech.net/cm/dd?d_uuid=72238609874954026972047591065318991522 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XvBrQAAAAzHl6lL0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XvBrQAAAAzHl6lL0
Request Chain 54
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=1713726373&t=pageview&_s=1&dl=http%3A%2F%2Fnorton-refund.com%2F&ul=en-us&de=UTF-8&dt=Request%20refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=286790095&gjid=1248199026&cid=709026376.1592814401&tid=UA-12436054-34&_gid=514637739.1592814401&_r=1&z=1929809719 HTTP 307
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1713726373&t=pageview&_s=1&dl=http%3A%2F%2Fnorton-refund.com%2F&ul=en-us&de=UTF-8&dt=Request%20refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=286790095&gjid=1248199026&cid=709026376.1592814401&tid=UA-12436054-34&_gid=514637739.1592814401&_r=1&z=1929809719

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
norton-refund.com/
63 KB
16 KB
Document
General
Full URL
http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
4fd64fd469f1820b093856db25c5fd7a1b9d5510fc124ca173101eed121afbbe

Request headers

Host
norton-refund.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 22 Jun 2020 08:26:37 GMT
Server
Apache
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Sat, 20 Jun 2020 23:17:34 GMT
ETag
"3a09fc-fdc4-5a88c36f9bf59-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
15639
Keep-Alive
timeout=5
Content-Type
text/html
cool-2.1.15.min.js.download
norton-refund.com/Request%20refund_files/
14 KB
5 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/cool-2.1.15.min.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00b6-3643-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
5197
a02533d94a
norton-refund.com/Request%20refund_files/
57 B
341 B
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/a02533d94a
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00b3-39-5a81a4c672f00"
Vary
User-Agent
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
57
embed.js.download
norton-refund.com/Request%20refund_files/
2 KB
1 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/embed.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
a4bc4400fae1325f022e299d6eae2a752e24a2e585e90c7e290e60228f9ae2cb

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00ba-60f-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5
Content-Length
662
css
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,500,600,900
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56cdd79129dc2218446af392bb4aaf7f5bc6ff19989d7deb276adb2067deb6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 22 Jun 2020 08:26:37 GMT
server
ESF
date
Mon, 22 Jun 2020 08:26:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 22 Jun 2020 08:26:37 GMT
nr-spa-1169.min.js.download
norton-refund.com/Request%20refund_files/
37 KB
14 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/nr-spa-1169.min.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
37072a42526245f257b725698d7e70dfab281bfd00d38f1112dafd36a6e04176

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00ca-92b2-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
application/javascript
Keep-Alive
timeout=5
Content-Length
13997
36cc8274cb3216048f8414078284304d.js.download
norton-refund.com/Request%20refund_files/
24 KB
5 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/36cc8274cb3216048f8414078284304d.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
d08e9088d1e91daf4e736d0ae8798fdb528c85b9d369caa0c623303563093d2c

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00b1-602d-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
5027
33cceced0ea71b3e23e47d73363b7801.js.download
norton-refund.com/Request%20refund_files/
16 KB
4 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/33cceced0ea71b3e23e47d73363b7801.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
6205d3d751b72d38c7be1dddba99dd142c10f4a170b001ba853677a4e447d481

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00b0-4192-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4133
909b6ef427ceca5318f8b3c30c561716.js.download
norton-refund.com/Request%20refund_files/
23 KB
4 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/909b6ef427ceca5318f8b3c30c561716.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
84c43541fc4023f6be914e8603d2d2a4b7b69879172dcf5603d5525593139785

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00b2-5a47-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
4003
0ff1adb6468e2f5e41e690577f04ab62.js.download
norton-refund.com/Request%20refund_files/
25 KB
6 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/0ff1adb6468e2f5e41e690577f04ab62.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
0a6e06c1af5bc256b78db3817faa0b6c503db7685c94d8a74f8bafe947f0047e

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00ae-6529-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
5301
1101df39ed2dc35f30aa57f2fd79d760.js.download
norton-refund.com/Request%20refund_files/
673 B
643 B
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/1101df39ed2dc35f30aa57f2fd79d760.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
c01b3088ac796cf4ba4aa2b14cac96c54961891b48f30781ddcc4562aa534db9

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:39 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:08 GMT
Server
Apache
ETag
"3a00af-2a1-5a81a4c672f00-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
300
serverComponent.php
norton-refund.com/Request%20refund_files/
713 B
628 B
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/serverComponent.php
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache / PHP/7.3.17
Resource Hash
5a2f7f723887eeffecb84c6e48cefe13d411f8c36ae2fd1a211686c29a49f6c3

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/7.3.17
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=5
Content-Length
338
analytics.js.download
norton-refund.com/Request%20refund_files/
45 KB
18 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/analytics.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00b4-b344-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
18472
support-v2-min.css
norton-refund.com/Request%20refund_files/
391 KB
128 KB
Stylesheet
General
Full URL
http://norton-refund.com/Request%20refund_files/support-v2-min.css
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
3ccfb459c69fd68bf9a996043537f1a1a264ab6d89528fa722c697dbac8a2515

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00d1-61dba-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Upgrade
h2,h2c
Transfer-Encoding
chunked
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
text/css
Keep-Alive
timeout=5
Bootstrap.js.download
norton-refund.com/Request%20refund_files/
112 KB
35 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/Bootstrap.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
94d1e6cf783de73325a1ac2826cdadbeebbe5cf7de78f50de736e9ec29a1f05f

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00b5-1c1ca-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
35583
s_code_min.js.download
norton-refund.com/Request%20refund_files/
64 KB
22 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/s_code_min.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
148f6ddd1795c842934bbe18e5812ab8f0f95f52c483a7ce86c24b84f2ade78a

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00cd-fee8-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
22636
support-min-v2.js.download
norton-refund.com/Request%20refund_files/
928 KB
354 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/support-min-v2.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
7d4b937783d3b4713bbbbb2381a057e7112807f257a7abe5ab4a140bd2f25c36

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:38 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00d0-e8052-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
logo_NLOK_dark_198x37.png
norton-refund.com/Request%20refund_files/
5 KB
6 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/logo_NLOK_dark_198x37.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
d1bff1c2544bfa155fc5146a5eaa4a576570f2e3aa9a40a427719450131fe7ab

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 10:25:18 GMT
Server
Apache
ETag
"3a00c3-15ba-5a81cd7e1bf80"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
5562
icon-search.png
norton-refund.com/Request%20refund_files/
1 KB
2 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/icon-search.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
674d6953836f65882f91b490ed45024104d8a472627a690802aab4db0565bc48

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00bf-531-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1329
logo_NLOK_132x26_lt.svg
norton-refund.com/Request%20refund_files/
10 KB
3 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/logo_NLOK_132x26_lt.svg
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
9c28255a4751f9bb7447d173b7c974f1dd50e9ce458ff10d3a6bbbb9be35f8c6

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00c2-2979-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2652
logo_norton_LL_rev_140x43.png
norton-refund.com/Request%20refund_files/
3 KB
3 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/logo_norton_LL_rev_140x43.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
f5a17243e9ea6042ca6a2fe7cb9c62b6560a77040afa490cf0aa70d00622dfef

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Tue, 16 Jun 2020 23:43:04 GMT
Server
Apache
ETag
"3a00c5-c6b-5a83c1ac25200"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3179
logo_norton_121x37.png
norton-refund.com/Request%20refund_files/
3 KB
4 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/logo_norton_121x37.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
5f47fba41730f297c88a6a1bcd30176565f8ca798c53447fdcd09366aa3c0d92

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Tue, 16 Jun 2020 23:45:32 GMT
Server
Apache
ETag
"3a00c4-d4f-5a83c23949f00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
3407
icon_quick_help-2_56x44.png
norton-refund.com/Request%20refund_files/
1 KB
2 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/icon_quick_help-2_56x44.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
bb62cf8aac62f04731182c224d2e453e8af456fbeda189a9ac010bf929c3cbf8

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00bc-5d1-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1489
icon-download.png
norton-refund.com/Request%20refund_files/
2 KB
2 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/icon-download.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
605526d5b8bab71c673019227b0fa55411de0d6b99a48b66623816c18a65e833

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00be-713-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1811
icon_rebate.png
norton-refund.com/Request%20refund_files/
510 B
777 B
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/icon_rebate.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
4944474737058eb6b23b6abcfb6af6c944e81e84990221389667d42abc639e79

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00bd-1fe-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
510
icon-trs.png
norton-refund.com/Request%20refund_files/
941 B
1 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/icon-trs.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
fa9f0f9c7ce21153295f4afe392d90ffdc3d1c1708e8f4e024c8a3f03b6f1637

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00c0-3ad-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
941
product_key_jan2017.png
norton-refund.com/Request%20refund_files/
267 KB
268 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/product_key_jan2017.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
c64f9d71df2dcfbc855781ce87ba1312ae0884e974488af33f6d919b8cd75b90

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00cc-42d80-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
273792
om_code_support_min.js.download
norton-refund.com/Request%20refund_files/
7 KB
3 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/om_code_support_min.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
cd1f77da52f15bee084ad8b4daa1a279452c914d3c9f56c2e04e054d8a5a9712

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00cb-1bd7-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2224
NortonLifeLock-Horizontal-Light.png
norton-refund.com/Request%20refund_files/
13 KB
14 KB
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/NortonLifeLock-Horizontal-Light.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
315e14dcb98db7379ef0995fbe4d5b8d73de7ba0c23c83ea4cff7d2e7d6ab62d

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00c8-35e5-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
13797
download_icon_black_52x45.png
norton-refund.com/Request%20refund_files/
651 B
918 B
Image
General
Full URL
http://norton-refund.com/Request%20refund_files/download_icon_black_52x45.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
05d91117cb9546fe605e74a60e1ffe63dd2317e70a5429ca9cfdf22a80961e4f

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00b9-28b-5a81a4c85b380"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
651
generic1591994803878.js.download
norton-refund.com/Request%20refund_files/
368 KB
64 KB
Script
General
Full URL
http://norton-refund.com/Request%20refund_files/generic1591994803878.js.download
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
fd39d091510ad73a5d9dce96a48bacc4bb5ccfa93b686b473d211869ada2d9e2

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
Server
Apache
ETag
"3a00bb-5bf67-5a81a4c85b380-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6422
date
Mon, 22 Jun 2020 06:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 22 Jun 2020 08:39:38 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
rd
dpm.demdex.net/id/
Redirect Chain
  • http://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1592814398792
  • http://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1592814398792
367 B
1 KB
XHR
General
Full URL
http://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1592814398792
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
54.171.46.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-46-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e02c3469343c99e93b6005d80a0da177967ca0108364a0c154948c18b90df278

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v072-0d319d816.edge-irl1.demdex.com 5.73.2.20200611122118 3ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
4KnochSDTUw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://norton-refund.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
303
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
http://norton-refund.com
X-TID
8+y+IKJ1TEA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
http://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1592814398792
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
serverComponent.php
nexus.ensighten.com/symantec/support/
276 B
513 B
Script
General
Full URL
http://nexus.ensighten.com/symantec/support/serverComponent.php?r=3214182755.270214&ClientID=21&PageID=http%3A%2F%2Fnorton-refund.com%2F
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/Bootstrap.js.download
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
78a71306ad77b7baa986bb63ca3aad8609b843d7adbaa7bd9d9a0bdc24d451ce

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Content-Type
text/javascript
Content-Length
276
Expires
Mon, 22 Jun 2020 08:26:39 GMT
id
om.norton.com/
48 B
704 B
XHR
General
Full URL
http://om.norton.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&mid=72089503596451431602027068821788928531&ts=1592814398893
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/Bootstrap.js.download
Protocol
HTTP/1.1
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
2517489f477000913576ee175c9c1e21133ef5adbac0d2eec4a7fd922a52b500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 22 Jun 2020 08:26:38 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6f7565dc8b-x2vkl
vary
Origin
x-c
master-1308.I3d0a82.M0-421
p3p
CP="This is not a P3P policy"
access-control-allow-origin
http://norton-refund.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • http://cm.everesttech.net/cm/dd?d_uuid=72238609874954026972047591065318991522
  • https://cm.everesttech.net/cm/dd?d_uuid=72238609874954026972047591065318991522
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XvBrQAAAAzHl6lL0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XvBrQAAAAzHl6lL0
42 B
915 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XvBrQAAAAzHl6lL0
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.46.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-46-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v072-088ecd0e8.edge-irl1.demdex.com 5.73.2.20200611122118 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
xQh4aVcjTqQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
z4h35ZylSxU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=XvBrQAAAAzHl6lL0
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
e.gif
nexus.ensighten.com/error/
0
193 B
Image
General
Full URL
http://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=21&client=symantec&publishPath=support&rid=3269520&did=550854&errorName=ReferenceError
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Mon, 22 Jun 2020 08:26:39 GMT
json
symantec.tt.omtrdc.net/m2/symantec/mbox/
1 KB
1 KB
XHR
General
Full URL
http://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=a093f009d9c84d248ae576acd46aabcc&mboxPC=&mboxPage=61aadea547a946a8ab902d51c0f076fb&mboxRid=a6e8696d270448eeb4eee90dcce7e094&mboxVersion=1.8.1&mboxCount=1&mboxTime=1592821600269&mboxHost=norton-refund.com&mboxURL=http%3A%2F%2Fnorton-refund.com%2F&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&at_property=03865692-c665-ce04-e7fd-481068efb59c&site_country=us&site_language=en&product_name=home&product_version_name=current&product_layout=Retail&page_name=hho%3A%20help-solutions&entsrc=direct&docid=kb20100111150039EN&title=Request%20refund&searchterm=&searchresults=false&searchtype=all%20of%20support&site_section=consumer&site_subsection=help-solutions&vendor_id=&partner=&ispid=&bizseg=&visitor_segment=consumer&ced_module=&ced_error=&license=&ct_open=&repsuite=symanteccom%2Csymantecconsumersupport&contactinitiated=false&directToChat=false&contactType=&afterHours=&user_login_status=signed%20out&pvselector_displayed=false&selected_hot_topic_category=&mboxMCSDID=7AA8E587B27CE480-2091107E746CCCBB&vst.trk=om.norton.com&vst.trks=oms.norton.com&mboxMCGVID=72089503596451431602027068821788928531&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/support-min-v2.js.download
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a8f6fc6a37890580c0c5a2a8cccd532f9d91471d97e5d187ffa765d503625ce0

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jun 2020 08:26:40 GMT
Content-Encoding
gzip
Vary
Origin,Accept-Encoding
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://norton-refund.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Transfer-Encoding
chunked
X-Request-ID
a6e8696d270448eeb4eee90dcce7e094
chatinline.aspx
mylivechat.com/
318 B
645 B
Script
General
Full URL
https://mylivechat.com/chatinline.aspx?hccid=36825054
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.28 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
1c.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3c9751201e8fa8141c02ddb56114d6c88aa1c6b6330411ee97e45772105f0b0b

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:45 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
340
SAML2.html
norton-refund.com/Request%20refund_files/ Frame 69AF
110 B
439 B
Document
General
Full URL
http://norton-refund.com/Request%20refund_files/SAML2.html
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
af59e3631d3abed0dae58a92731ce802d3ae775043fa3e031c9655677eda5662

Request headers

Host
norton-refund.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://norton-refund.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
at_check=true; mbox=session#a093f009d9c84d248ae576acd46aabcc#1592816261

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Last-Modified
Tue, 16 Jun 2020 23:11:54 GMT
ETag
"3a00ce-6e-5a83bab4c6280-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
110
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html
truncated
/
561 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fbf2b6280f08f2fdef91f81d2be55851540981ac802453b4aaa03e7c3c0c3ff

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a22b874af2e8637851b7f7dc55192602a5ee3af1d8729497eb06e36733a96af

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcfd955b8c4f9d34379c0a381bc70c866ae8cc3e0a729d8a0b9c1e493bff7cdc

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b21959ac034bc5348c1a725fd220458d765d95e27daeb80478d8b0ecc640d93

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8587c91cae0e80976b294671e4a93fde0fc839d944a1f536263076829cbbc2d8

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b548b3f0d74461816ff49f23a4d1de0278cdcb17b77fdb58419a24bc4e029698

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3c64e6af6dc757501e020a9b4fb28aeb87417d661cd6d8b6f757dfc9406c3e7

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
bnr_hands_tablet_laptop2_1170x240.jpg
now.symassets.com/content/dam/norton/global/images/non-product/banners/
44 KB
44 KB
Image
General
Full URL
https://now.symassets.com/content/dam/norton/global/images/non-product/banners/bnr_hands_tablet_laptop2_1170x240.jpg
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.172.7 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-172-7.deploy.static.akamaitechnologies.com
Software
Apache/2.4.29 (Unix) Communique/4.2.2 /
Resource Hash
c7f87fd7417ff2e6b29df132bb4bd054fa5858e3071a24913e76b1da0a9cd5e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 06 Feb 2019 13:41:05 GMT
server
Apache/2.4.29 (Unix) Communique/4.2.2
etag
"b097-58139e0aa65c9"
status
200
content-type
image/jpeg
access-control-allow-origin
*
date
Mon, 22 Jun 2020 08:26:40 GMT
accept-ranges
bytes
content-length
45207
x-xss-protection
1; mode=block
print.gif
norton-refund.com/images/kb/
315 B
315 B
Image
General
Full URL
http://norton-refund.com/images/kb/print.gif
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6c503a980841fa555a9bd8ca7d4e847bd69c42349fa1838fe2a5ad3b2d83275

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
spritemap-main-icons.png
norton-refund.com/images/
315 B
315 B
Image
General
Full URL
http://norton-refund.com/images/spritemap-main-icons.png
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:41 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
glyphicons-halflings-regular.woff2
norton-refund.com/fonts/
0
0
Font
General
Full URL
http://norton-refund.com/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
Origin
http://norton-refund.com

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
SymantecSans.woff
norton-refund.com/Request%20refund_files/font/
0
0
Font
General
Full URL
http://norton-refund.com/Request%20refund_files/font/SymantecSans.woff
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
Origin
http://norton-refund.com

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
dest5.html
fast.symantec.demdex.net/ Frame 531D
0
0
Document
General
Full URL
http://fast.symantec.demdex.net/dest5.html?d_nsid=0
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/Bootstrap.js.download
Protocol
HTTP/1.1
Server
2.16.186.48 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Host
fast.symantec.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://norton-refund.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified
Mon, 03 Feb 2020 17:27:06 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=21600
Date
Mon, 22 Jun 2020 08:26:40 GMT
Content-Length
2785
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
dest5.html
norton-refund.com/Request%20refund_files/ Frame F5A8
7 KB
3 KB
Document
General
Full URL
http://norton-refund.com/Request%20refund_files/dest5.html
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash
c8b31e3ca73d2766544774245935464293a1f820d6be6e0bafe9f94c1b88e752

Request headers

Host
norton-refund.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://norton-refund.com/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
at_check=true; mbox=session#a093f009d9c84d248ae576acd46aabcc#1592816261|PC#a093f009d9c84d248ae576acd46aabcc.37_0#1656059201; mboxEdgeCluster=37

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Last-Modified
Mon, 15 Jun 2020 07:23:10 GMT
ETag
"3a00b8-1bb6-5a81a4c85b380-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
2859
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html
collect
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/collect?v=1&_v=j82&a=1713726373&t=pageview&_s=1&dl=http%3A%2F%2Fnorton-refund.com%2F&ul=en-us&de=UTF-8&dt=Request%20refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0...
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1713726373&t=pageview&_s=1&dl=http%3A%2F%2Fnorton-refund.com%2F&ul=en-us&de=UTF-8&dt=Request%20refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=...
35 B
196 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1713726373&t=pageview&_s=1&dl=http%3A%2F%2Fnorton-refund.com%2F&ul=en-us&de=UTF-8&dt=Request%20refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=286790095&gjid=1248199026&cid=709026376.1592814401&tid=UA-12436054-34&_gid=514637739.1592814401&_r=1&z=1929809719
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 22 Jun 2020 08:26:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1713726373&t=pageview&_s=1&dl=http%3A%2F%2Fnorton-refund.com%2F&ul=en-us&de=UTF-8&dt=Request%20refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=286790095&gjid=1248199026&cid=709026376.1592814401&tid=UA-12436054-34&_gid=514637739.1592814401&_r=1&z=1929809719
Non-Authoritative-Reason
HSTS
1101df39ed2dc35f30aa57f2fd79d760.js
nexus.ensighten.com/symantec/support/code/
673 B
966 B
Script
General
Full URL
http://nexus.ensighten.com/symantec/support/code/1101df39ed2dc35f30aa57f2fd79d760.js?conditionId0=423130
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/Bootstrap.js.download
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c01b3088ac796cf4ba4aa2b14cac96c54961891b48f30781ddcc4562aa534db9

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Last-Modified
Fri, 20 Mar 2020 07:57:03 GMT
Server
nginx
ETag
"5e74774f-2a1"
Content-Type
application/javascript; charset=utf-8
cache-control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
673
e.gif
nexus.ensighten.com/error/
0
193 B
Image
General
Full URL
http://nexus.ensighten.com/error/e.gif?msg=sp%20is%20not%20defined&lnn=-1&fn=&cid=21&client=symantec&publishPath=support&rid=3266150&did=563648&errorName=ReferenceError
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Mon, 22 Jun 2020 08:26:39 GMT
e.gif
nexus.ensighten.com/error/
0
193 B
Image
General
Full URL
http://nexus.ensighten.com/error/e.gif?msg=sp%20is%20not%20defined&lnn=-1&fn=&cid=21&client=symantec&publishPath=support&rid=3149364&did=631639&errorName=ReferenceError
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Mon, 22 Jun 2020 08:26:39 GMT
glyphicons-halflings-regular.woff
norton-refund.com/fonts/
0
0
Font
General
Full URL
http://norton-refund.com/fonts/glyphicons-halflings-regular.woff
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
Origin
http://norton-refund.com

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
SymantecSans.ttf
norton-refund.com/Request%20refund_files/font/
0
0
Font
General
Full URL
http://norton-refund.com/Request%20refund_files/font/SymantecSans.ttf
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
Origin
http://norton-refund.com

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
glyphicons-halflings-regular.ttf
norton-refund.com/fonts/
0
0
Font
General
Full URL
http://norton-refund.com/fonts/glyphicons-halflings-regular.ttf
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
166.62.28.124 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-166-62-28-124.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://norton-refund.com/Request%20refund_files/support-v2-min.css
Origin
http://norton-refund.com

Response headers

Date
Mon, 22 Jun 2020 08:26:40 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
livechat2.aspx
s2.mylivechat.com/livechat2/
6 KB
3 KB
Script
General
Full URL
https://s2.mylivechat.com/livechat2/livechat2.aspx?hccid=36825054&apimode=chatinline
Requested by
Host: mylivechat.com
URL: https://mylivechat.com/chatinline.aspx?hccid=36825054
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.25 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
dcbf8f0d5c159967266a290ccf0d3953739c7f49f75cac3e880fe2e7648b6073

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jun 2020 08:26:46 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Length
2485
Expires
-1
s24622716736690
om.norton.com/b/ss/symanteccom,symantecconsumersupport/1/JS-2.17.0/
43 B
601 B
Image
General
Full URL
http://om.norton.com/b/ss/symanteccom,symantecconsumersupport/1/JS-2.17.0/s24622716736690?AQB=1&ndh=1&pf=1&t=22%2F5%2F2020%2010%3A26%3A41%201%20-120&sdid=7AA8E587B27CE480-2091107E746CCCBB&mid=72089503596451431602027068821788928531&aamlh=6&ce=UTF-8&pageName=cons_supp%3A%20sp%3A%20hho%3A%20help-solutions&g=http%3A%2F%2Fnorton-refund.com%2F&server=norton-refund.com&events=event69%2Cevent79%3D24&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=us&c3=en&c11=cons_supp%3A%20false&v12=cons_supp%3A%20sp%3A%20direct&v13=cons_supp%3A%20kb20100111150039en&v14=cons_supp%3A%20retail&v18=cons_supp%3A%20sp%3A%20hho%3A%20help-solutions&v27=us&v28=en&v29=signed%20out&c35=cons_supp%3A%20sp%3A%20hho%3A%20help-solutions&c41=support&v41=support&v47=s_code&c48=request%20refund&v48=help-solutions&c49=help-solutions&v49=request%20refund&v57=72089503596451431602027068821788928531&v71=cons_supp%3A%20home_current&c75=D%3Dv57&v96=http%3A%2F%2Fnorton-refund.com%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 22 Jun 2020 08:26:41 GMT
x-content-type-options
nosniff
x-c
master-1308.I3d0a82.M0-421
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 23 Jun 2020 08:26:41 GMT
server
jag
xserver
anedge-6f7565dc8b-j87j9
etag
3420542880531709952-4614335888417751887
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 21 Jun 2020 08:26:41 GMT
chatinline.css
s2.mylivechat.com/livechat2/
5 KB
2 KB
Stylesheet
General
Full URL
https://s2.mylivechat.com/livechat2/chatinline.css
Requested by
Host: s2.mylivechat.com
URL: https://s2.mylivechat.com/livechat2/livechat2.aspx?hccid=36825054&apimode=chatinline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.25 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
28f2985c4fa7ab576d6278186d22db973202c61b41f5d5a6e1e58eaa3a87369e

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:46 GMT
Content-Encoding
gzip
ETag
"802b858c786cd41:0"
Last-Modified
Thu, 25 Oct 2018 15:36:51 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
1234
resources2.aspx
s2.mylivechat.com/livechat2/
155 KB
46 KB
Script
General
Full URL
https://s2.mylivechat.com/livechat2/resources2.aspx?HCCID=36825054&culture=en-US&mlcv=3007&template=5
Requested by
Host: s2.mylivechat.com
URL: https://s2.mylivechat.com/livechat2/livechat2.aspx?hccid=36825054&apimode=chatinline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.25 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
82e20898186f690514ac5e02f6e135c852ff48eba8c77c8f6ba983b205ae0afa

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:46 GMT
Content-Encoding
gzip
ETag
"fweo0wAuD9TraEVeD9ncjNEvXueKDfD9nFyrmWvMSXY="
Last-Modified
Mon, 22 Jun 2020 05:00:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Content-Length
46886
Expires
Tue, 22 Jun 2021 08:26:47 GMT
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/
14 KB
6 KB
Script
General
Full URL
http://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/generic1591994803878.js.download
Protocol
HTTP/1.1
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:41 GMT
Via
1.1 varnish, 1.1 varnish
Age
0
X-Cache
MISS, HIT
Connection
keep-alive
Content-Encoding
gzip
x-amz-request-id
9951A5F978E3F1C8
x-amz-id-2
XqVaKHOURU7MwBcpCCMUctvOEFoT/DWescBxrAjf4sZMYSxmxYYg9yZGPXef3JTIqggebmjHsaM=
X-Served-By
cache-iad2139-IAD, cache-hhn4064-HHN
Accept-Ranges
bytes
Last-Modified
Tue, 17 Mar 2020 11:10:17 GMT
Server
AmazonS3
X-Timer
S1592814402.808120,VS0,VE0
ETag
"80dd5e3be5152c5c72d552c6a26ef6ff"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Content-Length
5197
X-Cache-Hits
0, 650554
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
487 B
Image
General
Full URL
http://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=...
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/
Protocol
HTTP/1.1
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ME
prod-instance-gatewayservice-green-x61z
Date
Mon, 22 Jun 2020 08:26:42 GMT
Via
1.1 google
Server
Jetty(9.2.11.v20150529)
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
image/gif; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept
Content-Length
0
X-Application-Context
application:9090
livechatinit2.js
s2.mylivechat.com/livechat2/script/
86 KB
18 KB
Script
General
Full URL
https://s2.mylivechat.com/livechat2/script/livechatinit2.js
Requested by
Host: s2.mylivechat.com
URL: https://s2.mylivechat.com/livechat2/livechat2.aspx?hccid=36825054&apimode=chatinline
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.25 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ff7032077d0e1cbe277d22d726435e51e4b2c56ee91ca812efebea41234926e6

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:47 GMT
Content-Encoding
gzip
ETag
"0355c36df35d61:0"
Last-Modified
Fri, 29 May 2020 17:33:06 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
18165
sprite.png
s2.mylivechat.com/livechat2/images/
2 KB
3 KB
Image
General
Full URL
https://s2.mylivechat.com/livechat2/images/sprite.png
Requested by
Host: s2.mylivechat.com
URL: https://s2.mylivechat.com/livechat2/resources2.aspx?HCCID=36825054&culture=en-US&mlcv=3007&template=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.25 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
62ede3551644609cb48bab8702858adff28c59eada656c390e729342986a34f9

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:47 GMT
Last-Modified
Tue, 05 Dec 2017 23:01:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"9a419881d6ed31:0"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=2160000
Accept-Ranges
bytes
Content-Length
2468
generic1591994803878.js
nebula-cdn.kampyle.com/wu/458056/onsite/
368 KB
64 KB
Script
General
Full URL
http://nebula-cdn.kampyle.com/wu/458056/onsite/generic1591994803878.js
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/embed.js.download
Protocol
HTTP/1.1
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd39d091510ad73a5d9dce96a48bacc4bb5ccfa93b686b473d211869ada2d9e2

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Le35xlZg6mI2oAcqWo35dTwlhV3NAq1i
Content-Encoding
gzip
ETag
"2a49fb687cdcb1235966a35caf158d74"
Age
0
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
Connection
keep-alive
x-amz-request-id
CC7CBABC3A1FD93F
x-amz-id-2
TLVrKssvbM9th+IbL/Y6rUMsVAwQ6yZ3JEK89rarOlrdzrGoReXKe3bxFfRtZ9Vp7vONh4Vo2yI=
X-Served-By
cache-dca17769-DCA, cache-hhn4064-HHN
Accept-Ranges
bytes
Last-Modified
Fri, 12 Jun 2020 20:46:45 GMT
Server
AmazonS3
X-Timer
S1592814402.320567,VS0,VE1
Date
Mon, 22 Jun 2020 08:26:42 GMT
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Content-Length
64623
X-Cache-Hits
1, 1
lifestyle-img@1x.jpg
support.norton.com/sp/static/external/assets/images/exitsurvey/
25 KB
25 KB
Image
General
Full URL
https://support.norton.com/sp/static/external/assets/images/exitsurvey/lifestyle-img@1x.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.172.7 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-172-7.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
953b072156790e377ca344e96eb38d5f5664083741c88bdcead3e9ca4cd08e9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 27 Jun 2018 19:41:57 GMT
server
nginx
etag
"5b33e885-63ef"
content-type
image/jpeg
status
200
date
Mon, 22 Jun 2020 08:26:42 GMT
accept-ranges
bytes
content-length
25583
NortonLifeLock-Horizontal-Light.png
support.norton.com/sp/static/external/dark_web_monitoring/img/
13 KB
14 KB
Image
General
Full URL
https://support.norton.com/sp/static/external/dark_web_monitoring/img/NortonLifeLock-Horizontal-Light.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.172.7 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-172-7.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
315e14dcb98db7379ef0995fbe4d5b8d73de7ba0c23c83ea4cff7d2e7d6ab62d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 18 Feb 2020 00:29:47 GMT
server
nginx
etag
"5e4b2ffb-35e5"
content-type
image/png
status
200
date
Mon, 22 Jun 2020 08:26:42 GMT
accept-ranges
bytes
content-length
13797
e.gif
nexus.ensighten.com/error/
0
193 B
Image
General
Full URL
http://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20property%20%27checkForCookie%27%20of%20undefined&lnn=-1&fn=&cid=21&client=symantec&publishPath=support&rid=3269528&did=550856&errorName=TypeError
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 22 Jun 2020 08:26:42 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Mon, 22 Jun 2020 08:26:41 GMT
embed.js
nebula-cdn.kampyle.com/wu/458056/onsite/
2 KB
1 KB
Script
General
Full URL
http://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Requested by
Host: norton-refund.com
URL: http://norton-refund.com/Request%20refund_files/Bootstrap.js.download
Protocol
HTTP/1.1
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a3b7a6deb1a1425c1b34fce5f3254a2971b6be038912177128a56fc5db8ee180

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
huNfc_.0oigDuDYITrMqt6dv2LgPhd7d
Content-Encoding
gzip
ETag
"7c01b9d657aed86c625167bad1c81cff"
Age
240149
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
663
x-amz-id-2
7Uvnk6cjIsZih1cfNOA7R6LTDsJ04elm5DC2Iz/XuanVnGvXN0EmZqmAYE1D8UBo6p06iar1Wg4=
X-Served-By
cache-dca17727-DCA, cache-hhn4077-HHN
Last-Modified
Fri, 19 Jun 2020 13:44:13 GMT
Server
AmazonS3
X-Timer
S1592814402.338264,VS0,VE0
Date
Mon, 22 Jun 2020 08:26:42 GMT
Vary
Accept-Encoding
x-amz-request-id
6A08F4B4A3A75901
Access-Control-Allow-Origin
*
Cache-Control
max-age=0,must-revalidate
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 10631
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/
0
487 B
Image
General
Full URL
http://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=...
Protocol
HTTP/1.1
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-ME
prod-instance-gatewayservice-green-7s3c
Date
Mon, 22 Jun 2020 08:26:42 GMT
Via
1.1 google
Server
Jetty(9.2.11.v20150529)
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
image/gif; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Origin, Content-Type, Accept
Content-Length
0
X-Application-Context
application:9090
livechat2.aspx
s2.mylivechat.com/livechat2/
1 KB
1 KB
Script
General
Full URL
https://s2.mylivechat.com/livechat2/livechat2.aspx?apimode=sync&HCCID=36825054&CCCustomerId=0ba2ced3-7d28-efb9-cf18-0c185c16d808&Type=VISIT&Url=http%3A%2F%2Fnorton-refund.com%2F&ContextData=3%3A9%7C0%7C&ScreenSize=1600,1200&PageTitle=Request%20refund&uats=9&culture=en-US&mlcv=3007&template=5
Requested by
Host: s2.mylivechat.com
URL: https://s2.mylivechat.com/livechat2/script/livechatinit2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.117.22.25 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
19.16.7534.ip4.static.sl-reverse.com
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4e2efdecd605e9e1844ec50b78125350be1f85aa1e62f7aae9f2ce3b5c01463d

Request headers

Referer
http://norton-refund.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jun 2020 08:26:56 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Content-Length
728
Expires
-1


266 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| KAMPYLE_EMBED string| GoogleAnalyticsObject function| ga function| targetPageParams object| ensBootstraps object| Bootstrapper object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor function| s_getLoadTime function| removeTxt function| internalSearchLinkClick_Natural function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s number| s_loadT object| _numeric_ string| PageN function| trackCustomDownload object| uStudio number| s_objectID number| s_giq object| val undefined| testWin string| twisteesOpened function| switchToAltContact function| openButtonWin function| showLangLightBox function| hideLangLightBox function| showPage undefined| videoPlayer string| existingPageName string| openedPopup function| showLightBox function| hideLightBox function| pvSelectDisplayed function| oo_launch_prompt_clicked undefined| omniture function| write_scode undefined| lgMetaElement undefined| ctMetaElement undefined| spABHelpers undefined| CSPUpgradeBannerTest undefined| CSPUpgradeBannerTestV2 undefined| contactSelfHelpExperience undefined| accFormAmendments undefined| downloadBotExperience undefined| telusDwmDisclaimer undefined| renewalBotExperience undefined| techIssueBotFixProblems undefined| spTestKbSurvey undefined| spNavRedesign undefined| multimediaSlideshow undefined| spTestContentLength undefined| searchEngagementTest undefined| spTestContentMicroSite undefined| breakRefundLoop undefined| refundWinBack undefined| spTestVideoContentInContactFlow undefined| quickHelpSideBar undefined| spDownloadPageVideo undefined| spTestRenameRenewalCategory undefined| spTestPromotedSignIn undefined| spCookieData undefined| SELECTED_NAV function| setHotTopicCategoryMetaTag function| updateCookie function| getSelectedHotTopic function| 
getSelectedHotTopicFromCookie function| getDefaultSelectedHotTopic function| selectTab function| changeSelTab undefined| currDateTime undefined| optionState function| init_automationVars function| trimString function| updateFormActionWithChangedProductVersion function| validateContactForm function| trim function| changeProductVersions function| updateIssueDescriptionCharacters function| updateStepsTakenCharacters function| ismaxlength function| getCase function| openPromoteForumsCommunity function| openKbDocument function| showPhoneNumbers function| chatDuringClosedHours function| UAParser undefined| returnExports function| $ function| jQuery object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| _ string| appContextPath string| isOEM string| isSOS string| isBeta string| s_tnt string| tntVal string| ipGeoLocation object| ttMETA function| debugttMETA function| add_chatinline object| uaParser undefined| currentContactUrl string| currentContactText object| NREUM object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| geoAIOUberBannerHelpers object| lifeLockUberBannerHelpers undefined| s_code object| expiration_date string| prefixVal object| omniVarsArr object| s_i_symanteccom_symantecconsumersupport string| mlcp function| MyLiveChat_AddScript function| MyLiveChat_GetLastScriptTag function| MyLiveChat_ImportCss function| MyLiveChat_DocWrite object| MyLiveChat string| KAMPYLE_REVISION object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| 
cooladata object| MyLiveChat_Lib object| MyLiveChat_WrapperBase function| MyLiveChat_WrapperBaseConstructor function| MyLiveChat_CreateWrapper function| MyLiveChat_BuildWrapper function| MyLiveChat_SetBaseCss function| MyLiveChat_DefineStyle function| MyLiveChat_RunStyle function| MyLiveChat_ApplyStyle object| MyLiveChat_InitCss2Handlers function| MyLiveChat_InitCss2 function| MLCUI_FireOAuthStart function| MLCUI_GetOAuthUrlBase function| MLCUI_TryLogoutOAuth function| MLCUI_TryGetOAuth function| MLCUI_ShowOAuth function| MLCUI_ImplOAuth function| MLCUI_CreateCustomFields function| MyLiveChat_SetupButtonMode function| MLCUI_InlineHelper function| MyLiveChat_CreateDialogPanel function| MyLiveChat_SupportHtml5Upload function| MyLiveChat_CreateMainPanel function| MyLiveChat_CreateInlinePanel function| MyLiveChat_InitOnce function| MyLiveChat_CalcImagePath function| MyLiveChat_CalcCustomUrl function| MyLiveChat_InitOnceInline function| MyLiveChat_InitOnceFinal function| MyLiveChat_IsDuringOperatingHours function| MyLiveChat_InitStorate function| MyLiveChat_LoadUserDataBehavior function| MyLiveChat_SupportLocalData function| MyLiveChat_GetCookie function| MyLiveChat_SetCookie function| MyLiveChat_GetLocalData function| MyLiveChat_SetLocalData function| MyLiveChat_InitID function| MyLiveChat_SyncToCPR function| MyLiveChat_PatternMatch function| MyLiveChat_HtmlEncode function| MyLiveChat_InvokeEvent function| MyLiveChat_PlaySound function| MyLiveChat_DelayRequest function| MyLiveChat_SetNextReqTimeout function| MyLiveChat_NextRequest function| MyLiveChat_SyncFromCPR function| MyLiveChat_CPRDecode function| MyLiveChat_CPREncode function| MyLiveChat_GetSourceUrl function| MyLiveChat_GetReferrer function| MyLiveChat_AppendToUrl function| MyLiveChat_ChangeUrl function| MyLiveChat_GetDialogUrl function| MyLiveChat_IsUseInlineChat function| MyLiveChat_OpenDialog function| MyLiveChat_UpdateWidgetInline function| MyLiveChat_ShowChatWidget function| MyLiveChat_ForEachElement 
function| MyLiveChat_WriteOrSetHTML function| MyLiveChat_Initialize function| MyLiveChat_RunLoadingHandler function| MyLiveChat_AddCustomData function| MergeCustomData function| ConvertToJson function| MyLiveChat_InlineTriggerMatch function| MyLiveChat_FilterStringMatch function| MyLiveChat_InlineTriggerNewMatch function| MyLiveChat_MatchNewTriggers function| MyLiveChat_MatchServerTriggers function| MyLiveChat_TryServerInvitation function| MyLiveChat_OnServerInvitation function| MyLiveChat_RestoreServerInvite function| MyLiveChat_StartServerInvitation function| MyLiveChat_InlineChatInit function| mlcwidget_findelements function| mlcwidget_calcpoint function| mlcwidget_calcbodypoint function| mlcwidget_nextposition function| MyLiveChat_CalcBodyPoint function| MyLiveChat_CalcPoint function| MyLiveChat_MovePoint function| MyLiveChat_SetUserName function| MyLiveChat_SetEmail function| MyLiveChat_SetDepartment function| MyLiveChat_SetSubject function| MyLiveChat_SetQuestion function| MyLiveChat_SetCustomData function| MyLiveChat_SetContextData function| MyLiveChat_SetProductName function| MyLiveChat_SetProductKey function| MyLiveChat_OnUserIsOnline function| MyLiveChat_PrepairInlineChat function| MyLiveChat_ShowInPageChat function| MyLiveChat_ShowInlineChat function| MyLiveChat_ShowChatBox function| MyLiveChat_ShowInvite function| MyLiveChat_HideInvite function| MyLiveChat_AcceptInvite function| MyLiveChat_OnInviteAccepted function| MyLiveChat_RejectInvite function| MyLiveChat_ShowInviteTemplate function| MyLiveChat_HideInviteTemplate boolean| isnewid object| _mlctemp_ object| MlcBuidinWidget

16 Cookies

Domain/Path Name / Value
norton-refund.com/ Name: kampyleSessionPageCounter
Value: 1
norton-refund.com/ Name: kampyle_userid
Value: d086-718f-baec-2dc5-d4cc-c496-e4c1-6599
.norton-refund.com/ Name: event69
Value: event69
.norton-refund.com/ Name: s_gpv
Value: cons_supp%3A%20sp%3A%20hho%3A%20help-solutions
.norton-refund.com/ Name: s_nr
Value: 1592814401201-New
.norton-refund.com/ Name: cd_user_id
Value: 172db22f9e1112-07fc097fd31885-1b396256-1d4c00-172db22f9e237f
.norton-refund.com/ Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18436%7CMCMID%7C72089503596451431602027068821788928531%7CMCAAMLH-1593419198%7C6%7CMCAAMB-1593419198%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1592821598s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18443%7CvVersion%7C4.4.0
.norton-refund.com/ Name: mboxEdgeCluster
Value: 37
.norton-refund.com/ Name: _gat
Value: 1
.norton-refund.com/ Name: at_check
Value: true
norton-refund.com/ Name: kampyleUserSessionsCount
Value: 1
.norton-refund.com/ Name: _ga
Value: GA1.2.709026376.1592814401
.norton-refund.com/ Name: s_cc
Value: true
norton-refund.com/ Name: kampyleUserSession
Value: 1592814401797
.norton-refund.com/ Name: _gid
Value: GA1.2.514637739.1592814401
.norton-refund.com/ Name: mbox
Value: session#a093f009d9c84d248ae576acd46aabcc#1592816261|PC#a093f009d9c84d248ae576acd46aabcc.37_0#1656059201

4 Console Messages

Source Level URL
Text
console-api error URL: http://norton-refund.com/Request%20refund_files/cool-2.1.15.min.js.download (Line 13)
Message:
Cooladata error: 'cooladata' object not initialized. Ensure you are using the latest version of the Cooladata JS Library along with the snippet we provide.
console-api log URL: https://mylivechat.com/chatinline.aspx?hccid=36825054 (Line 1)
Message:
[object HTMLScriptElement]
console-api log URL: https://s2.mylivechat.com/livechat2/script/livechatinit2.js (Line 1)
Message:
mlc v20191119a
console-api log URL: http://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js (Line 13)
Message:
You must name your new library: init(token, config, name)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
