us.norton.com Open in urlscan Pro
2a02:26f0:f700:4a1::1015 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://us.norton.com/blog/online-scams/romance-scams
Submission: On February 01 via api (February 1st 2023, 4:07:37 pm UTC) from ZA — Scanned from DE

Summary HTTP 216 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 75 IPs in 8 countries across 56 domains to perform 216 HTTP transactions. The main IP is 2a02:26f0:f700:4a1::1015, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is us.norton.com. The Cisco Umbrella rank of the primary domain is 15424.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 15th 2022. Valid for: 7 months.

This is the only time us.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2a02:26f0:f70... 2a02:26f0:f700:4a1::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:f70... 2a02:26f0:f700:481::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	3.124.119.57 3.124.119.57	16509 (AMAZON-02) (AMAZON-02)
2	54.195.228.119 54.195.228.119	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:f70... 2a02:26f0:f700:397::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.21.184.120 2.21.184.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:206... 2600:9000:206f:7200:1:996f:a9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.49.9.98 52.49.9.98	16509 (AMAZON-02) (AMAZON-02)
1 1	18.201.4.185 18.201.4.185	16509 (AMAZON-02) (AMAZON-02)
1	13.37.25.97 13.37.25.97	16509 (AMAZON-02) (AMAZON-02)
1	34.251.173.23 34.251.173.23	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1 7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 7	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:4e:1... 2620:1ec:4e:1::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	23.203.125.62 23.203.125.62	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:f70... 2a02:26f0:f700:6::216:5929	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1)
4	88.221.92.25 88.221.92.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42:41::84 2a04:4e42:41::84	54113 (FASTLY) (FASTLY)
2	44.236.243.137 44.236.243.137	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.102 18.66.15.102	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461)
4 4	172.217.19.102 172.217.19.102	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 1	67.231.146.66 67.231.146.66	26211 (PROOFPOIN...) (PROOFPOINT-ASN-US-WEST)
1 2	3.230.17.182 3.230.17.182	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
4	23.62.220.203 23.62.220.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.174.23.214 54.174.23.214	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:249... 2600:9000:2490:ac00:a:b27c:d040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.90.79.92 34.90.79.92	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:230... 2600:9000:2304:ac00:12:1bcc:1d00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
3	151.101.65.175 151.101.65.175	54113 (FASTLY) (FASTLY)
1	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.140 151.101.193.140	54113 (FASTLY) (FASTLY)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
2	20.13.96.71 20.13.96.71	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
5	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:9000:21c... 2600:9000:21c7:bc00:0:cc59:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.69.21.176 54.69.21.176	16509 (AMAZON-02) (AMAZON-02)
1	54.172.102.151 54.172.102.151	14618 (AMAZON-AES) (AMAZON-AES)
1	52.19.8.86 52.19.8.86	16509 (AMAZON-02) (AMAZON-02)
2	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:f... 2600:1901:0:f541::	15169 (GOOGLE) (GOOGLE)
1	34.149.118.76 34.149.118.76	15169 (GOOGLE) (GOOGLE)
1	34.102.242.33 34.102.242.33	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.93.237 34.117.93.237	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	35.222.211.90 35.222.211.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.191.194 34.107.191.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.245.150.46 54.245.150.46	() ()
2	34.66.3.160 34.66.3.160	() ()
216	75

31 2a02:26f0:f700:4a1::1015 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

us.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
now.symassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:481::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com

ensighten.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.228.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-228-119.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:397::1015 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.nortonlifelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.184.120 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-184-120.deploy.static.akamaitechnologies.com

buy.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7200:1:996f:a9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spider.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.9.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-9-98.eu-west-1.compute.amazonaws.com

symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.201.4.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-201-4-185.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.37.25.97 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.173.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-23.eu-west-1.compute.amazonaws.com

symantec.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bite.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80e::2002 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:4e:1::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.125.62 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-62.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f700:6::216:5929 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.92.25 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-92-25.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:41::84 (Vienna, Austria)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.243.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-243-137.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-102.vie50.r.cloudfront.net

tag.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (Reno, United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.19.102 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f102.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.231.146.66 (United States) 1 redirects

ASN26211 (PROOFPOINT-ASN-US-WEST, US)
PTR: urldefense.proofpoint.com

urldefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.230.17.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-17-182.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.23.214 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-23-214.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:ac00:a:b27c:d040:93a1 (United States)

ASN16509 (AMAZON-02, US)

ext.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5baa (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.90.79.92 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 92.79.90.34.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:ac00:12:1bcc:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.knotch-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21c7:bc00:0:cc59:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

web.chtbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.21.176 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-21-176.us-west-2.compute.amazonaws.com

event.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.102.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-102-151.compute-1.amazonaws.com

aq-swa-api.knotch.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.8.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-86.eu-west-1.compute.amazonaws.com

norton.ow5a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:f541:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

image.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.118.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.118.149.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.242.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.242.102.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.93.237 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 237.93.117.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.222.211.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.211.222.35.bc.googleusercontent.com

norton-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.191.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.191.107.34.bc.googleusercontent.com

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.245.150.46 (None, )

ASN- ()

cookie.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.66.3.160 (None, )

ASN- ()

rl.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	norton.com us.norton.com — Cisco Umbrella Rank: 15424 ensighten.norton.com — Cisco Umbrella Rank: 146165 buy.norton.com — Cisco Umbrella Rank: 158410 oms.norton.com — Cisco Umbrella Rank: 77970	606 KB
26	symassets.com now.symassets.com — Cisco Umbrella Rank: 150836	1 MB
14	doubleclick.net 6 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 ad.doubleclick.net — Cisco Umbrella Rank: 184	8 KB
13	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4470 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	3 KB
10	google.de www.google.de — Cisco Umbrella Rank: 5986	1 KB
10	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2490 norton-app.quantummetric.com — Cisco Umbrella Rank: 109839 rl.quantummetric.com	89 KB
9	australiarevival.com spider.australiarevival.com — Cisco Umbrella Rank: 56500 bite.australiarevival.com — Cisco Umbrella Rank: 47027	34 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 1881 api.bounceexchange.com — Cisco Umbrella Rank: 2159	147 KB
7	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com — Cisco Umbrella Rank: 241	26 KB
6	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 1784	698 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	360 KB
5	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4140 udc-neb.kampyle.com — Cisco Umbrella Rank: 2002	104 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	21 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1200 c.clarity.ms — Cisco Umbrella Rank: 1691 k.clarity.ms — Cisco Umbrella Rank: 8424	21 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	296 B
4	cdnbasket.net image.cdnbasket.net — Cisco Umbrella Rank: 12455 data.cdnbasket.net — Cisco Umbrella Rank: 4163 page.cdnbasket.net — Cisco Umbrella Rank: 4166 view.cdnbasket.net — Cisco Umbrella Rank: 4165	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 779	2 KB
4	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 776	100 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	264 KB
3	chtbl.com ext.chtbl.com — Cisco Umbrella Rank: 17150 web.chtbl.com — Cisco Umbrella Rank: 16545	5 KB
3	havasedge.com tag.havasedge.com — Cisco Umbrella Rank: 26385 event.havasedge.com — Cisco Umbrella Rank: 20693 cookie.havasedge.com	25 KB
3	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 2507 tr.outbrain.com — Cisco Umbrella Rank: 2418	7 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 197 symantec.demdex.net — Cisco Umbrella Rank: 114260	5 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3222 e.cdnwidget.com — Cisco Umbrella Rank: 10385	298 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 623	612 B
2	t.co t.co — Cisco Umbrella Rank: 531	580 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2567
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2156	1 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 8620	19 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 724	20 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 471	7 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2392 t.paypal.com — Cisco Umbrella Rank: 3176	7 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 167	3 KB
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 5359	448 B
1	ow5a.net norton.ow5a.net — Cisco Umbrella Rank: 292002	980 B
1	knotch.it aq-swa-api.knotch.it — Cisco Umbrella Rank: 7606	198 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1195	631 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1512	157 B
1	knotch-cdn.com www.knotch-cdn.com — Cisco Umbrella Rank: 8890	9 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4016	781 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 3666	131 B
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2135	314 B
1	proofpoint.com 1 redirects urldefense.proofpoint.com — Cisco Umbrella Rank: 9892	187 B
1	gwmtracking.com 1 redirects gwmtracking.com — Cisco Umbrella Rank: 18423	388 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 2980	14 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4478	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1394	8 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2478	6 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 5048	12 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 625	15 KB
1	omtrdc.net symantec.tt.omtrdc.net — Cisco Umbrella Rank: 124429	3 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1000	517 B
1	nortonlifelock.com www.nortonlifelock.com — Cisco Umbrella Rank: 42376	25 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	61 KB
216	56

	Domain	Requested by
26	now.symassets.com	us.norton.com now.symassets.com
22	ensighten.norton.com	us.norton.com ensighten.norton.com
10	www.google.de	us.norton.com
9	www.google.com	2 redirects us.norton.com
8	bite.australiarevival.com	ensighten.norton.com us.norton.com
7	norton-app.quantummetric.com	cdn.quantummetric.com
7	googleads.g.doubleclick.net	2 redirects ensighten.norton.com
6	events.bouncex.net
6	bat.bing.com	us.norton.com bat.bing.com ensighten.norton.com
6	www.googletagmanager.com	ensighten.norton.com
5	assets.bounceexchange.com	ensighten.norton.com
5	www.google-analytics.com	ensighten.norton.com
5	www.facebook.com	us.norton.com
5	us.norton.com	us.norton.com ensighten.norton.com
4	ct.pinterest.com	ensighten.norton.com
4	ad.doubleclick.net	4 redirects
4	analytics.tiktok.com	ensighten.norton.com
4	connect.facebook.net	ensighten.norton.com
3	nebula-cdn.kampyle.com	ensighten.norton.com
3	stats.g.doubleclick.net	ensighten.norton.com
2	rl.quantummetric.com	cdn.quantummetric.com
2	api.bounceexchange.com	ensighten.norton.com
2	udc-neb.kampyle.com	ensighten.norton.com
2	px.ads.linkedin.com	2 redirects
2	web.chtbl.com	ensighten.norton.com
2	analytics.twitter.com
2	t.co
2	us-central1-adaptive-growth.cloudfunctions.net	ensighten.norton.com
2	tr.outbrain.com	ensighten.norton.com
2	trkn.us	1 redirects
2	adservice.google.com
2	app.leadsrx.com	ensighten.norton.com
2	s.pinimg.com	ensighten.norton.com
2	s.yimg.com	ensighten.norton.com
2	c.clarity.ms	1 redirects us.norton.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.googleadservices.com	ensighten.norton.com
2	region1.analytics.google.com	ensighten.norton.com
2	buy.norton.com	ensighten.norton.com
2	dpm.demdex.net	assets.adobedtm.com us.norton.com
1	cookie.havasedge.com	ensighten.norton.com
1	e.cdnwidget.com
1	ids.cdnwidget.com	ensighten.norton.com
1	view.cdnbasket.net	ensighten.norton.com
1	page.cdnbasket.net	ensighten.norton.com
1	data.cdnbasket.net	ensighten.norton.com
1	image.cdnbasket.net	ensighten.norton.com
1	www.ojrq.net
1	norton.ow5a.net	ensighten.norton.com
1	aq-swa-api.knotch.it	ensighten.norton.com
1	event.havasedge.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	sp.analytics.yahoo.com
1	t.paypal.com
1	alb.reddit.com
1	k.clarity.ms	www.clarity.ms
1	www.knotch-cdn.com	ensighten.norton.com
1	tag.simpli.fi	ensighten.norton.com
1	snap.licdn.com	ensighten.norton.com
1	ext.chtbl.com	ensighten.norton.com
1	data.adxcel-ec2.com
1	pt.ispot.tv
1	urldefense.proofpoint.com	1 redirects
1	gwmtracking.com	1 redirects
1	d.impactradius-event.com	ensighten.norton.com
1	tag.havasedge.com	ensighten.norton.com
1	tag.wknd.ai	ensighten.norton.com
1	www.redditstatic.com	ensighten.norton.com
1	www.paypal.com	ensighten.norton.com
1	cdn.pdst.fm	ensighten.norton.com
1	websdk.appsflyer.com	ensighten.norton.com
1	amplify.outbrain.com	ensighten.norton.com
1	static.ads-twitter.com	ensighten.norton.com
1	c.bing.com	1 redirects
1	symantec.tt.omtrdc.net	ensighten.norton.com
1	oms.norton.com	us.norton.com
1	cm.everesttech.net	1 redirects
1	symantec.demdex.net	ensighten.norton.com
1	cdn.quantummetric.com	ensighten.norton.com
1	spider.australiarevival.com	ensighten.norton.com
1	www.nortonlifelock.com	assets.adobedtm.com
1	assets.adobedtm.com	us.norton.com
216	83

This site contains links to these domains. Also see Links.

Domain
buy.norton.com
login.norton.com
my.norton.com
www.lifelock.com
support.norton.com
community.norton.com
www.statista.com
www.ic3.gov
www.ftc.gov
reportfraud.ftc.gov
www.bbbmarketplacetrust.org
bbbfoundation.images.worldnow.com
www.nortonlifelock.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
updatecenter.norton.com
status.norton.com

Subject Issuer	Validity	Valid
www.norton.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-04-19`	7 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
ensighten.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-12` - `2023-07-28`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.australiarevival.com Amazon	`2022-12-11` - `2024-01-10`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-10` - `2023-02-08`	3 months	crt.sh
oms.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-01` - `2023-10-02`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-12-01` - `2023-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-22` - `2023-09-24`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-01-28` - `2023-04-28`	3 months	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-19` - `2023-03-08`	2 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2022-12-15` - `2024-01-15`	a year	crt.sh
tag.wknd.ai R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.leadsrx.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-05` - `2023-05-06`	a year	crt.sh
*.havasedge.com Go Daddy Secure Certificate Authority - G2	`2022-08-08` - `2023-09-09`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
*.ispot.tv R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
adxcel-ec2.com Amazon	`2022-10-18` - `2023-11-16`	a year	crt.sh
ext.chtbl.com Amazon	`2022-11-24` - `2023-12-22`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
www.knotch-cdn.com Amazon	`2022-08-16` - `2023-09-14`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-26` - `2023-12-28`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
misc.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-01-25` - `2023-04-25`	3 months	crt.sh
web.chtbl.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.knotch.it Amazon	`2022-07-25` - `2023-08-23`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
pkof.net Amazon RSA 2048 M01	`2023-01-24` - `2024-02-22`	a year	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-09` - `2024-01-07`	a year	crt.sh
image.cdnbasket.net GTS CA 1D4	`2023-01-22` - `2023-04-22`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2023-01-23` - `2023-04-24`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2023-01-22` - `2023-04-22`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2023-01-22` - `2023-04-22`	3 months	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-13`	a year	crt.sh
ids.cdnwidget.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
e.cdnwidget.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
*.wunderkind.co R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
rl.quantummetric.com R3	`2023-01-25` - `2023-04-25`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://us.norton.com/blog/online-scams/romance-scams
Frame ID: D782C8265016BD340C899C7FE44A0850
Requests: 194 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: AA045B3343831483010C9E0DDC757C05
Requests: 1 HTTP requests in this frame

Frame: https://bat.bing.com/bat.js
Frame ID: CA6B5A9D534812876E6D00B7FE97DC46
Requests: 7 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: EE1FB30745608F496C75E6EACD77C29C
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: FE1EFA6E1171BD45C77DA985DC67103C
Requests: 1 HTTP requests in this frame

Frame: https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267646328&z=1&S=0&N=0&P=0
Frame ID: 728623781E0ABA9371E0960151A09602
Requests: 8 HTTP requests in this frame

Frame: https://cookie.havasedge.com/bsync?guid=0d24d362-9133-4cf0-8e7e-be8762f0510a
Frame ID: 36648F832BA58DFAED9EDA022AF824E4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Romance scams in 2023 + online dating statistics - Norton

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc/designs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

216
Requests

96 %
HTTPS

37 %
IPv6

56
Domains

83
Subdomains

75
IPs

8
Countries

3238 kB
Transfer

8658 kB
Size

102
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://buy.norton.com/estore/landingPage
Title: 1 Shopping Cart

Search URL Search Domain Scan URL

URL: https://login.norton.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home
Title: Account

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation
Title: Billing Info

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders
Title: Order History

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://www.lifelock.com/lp/sh/llo-chart/
Title: LifeLock Identity Protection

Search URL Search Domain Scan URL

URL: https://support.norton.com/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://community.norton.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/download
Title: Go to Account

Search URL Search Domain Scan URL

URL: https://www.statista.com/outlook/dmo/eservices/dating-services/online-dating/united-states#analyst-opinion
Title: more than 57 million people

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/PDF/AnnualReport/2021_IC3Report.pdf
Title: FBI

Search URL Search Domain Scan URL

URL: https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2022/02/reports-romance-scams-hit-record-highs-2021
Title: $547 million

Search URL Search Domain Scan URL

URL: https://reportfraud.ftc.gov/#/
Title: FTC

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/
Title: FBI

Search URL Search Domain Scan URL

URL: https://www.ftc.gov/news-events/data-visualizations/data-spotlight/2022/01/social-media-gold-mine-scammers-2021
Title: FTC, January 2022

Search URL Search Domain Scan URL

URL: https://www.bbbmarketplacetrust.org/riskreport
Title: BBB 2020 Scam Tracker Risk Report

Search URL Search Domain Scan URL

URL: https://www.ftc.gov/system/files/documents/reports/protecting-older-consumers-2020-2021-report-federal-trade-commission/protecting-older-consumers-report-508.pdf
Title: FTC 2020-2021 Protecting Older Consumers Report

Search URL Search Domain Scan URL

URL: https://bbbfoundation.images.worldnow.com/library/259c7333-0fb3-4bc0-a059-4b116594c473.pdf
Title: BBB 2021 Scam Tracker Risk Report

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/PDF/AnnualReport/2021State/StateReport.aspx#?s=6
Title: FBI, 2021 State Report

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/blogs/norton-labs/stalkerware-rise?_gl=1*456srs*_ga4_ga*LU5BeXRXa1ZFcGtPRUVOMDhMNTI.*_ga4_ga_FG3M2ET3ED*LU5FNmxoQ2t0YW55M05GM0lHbE0uODAuMS4xNjY1NTA2ODI1LjE0LjAuMA..
Title: 2021 Norton Cyber Safety Insights Report

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Norton

Search URL Search Domain Scan URL

URL: https://twitter.com/norton

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/norton

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nortonsecurity/

Search URL Search Domain Scan URL

URL: http://updatecenter.norton.com/
Title: Norton Update Center

Search URL Search Domain Scan URL

URL: https://community.norton.com/en
Title: Community

Search URL Search Domain Scan URL

URL: https://www.lifelock.com/
Title: LifeLock by Norton

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/
Title: NortonLifeLock

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal/terms-of-use
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/accessibility-policy/
Title: Accessibility Policy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/sitemap
Title: Site Map

Search URL Search Domain Scan URL

URL: https://status.norton.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/privacy/cookies-and-analytics/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://cm.everesttech.net/cm/dd?d_uuid=25239769532810703113708529254822305178 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9qOOgAAADjinAN-

Request Chain 69

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=O47aY4ruCOismLAP1Pql-A8&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDVJNjZRTlNQNGZtdU1CaS1xN285d0RPRDZKY0JsREVGelBWVHhsZjhUVzNhZDdZZzVNWTJ2RQ HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDVJNjZRTlNQNGZtdU1CaS1xN285d0RPRDZKY0JsREVGelBWVHhsZjhUVzNhZDdZZzVNWTJ2RQ&is_vtc=1&ocp_id=O47aY4ruCOismLAP1Pql-A8&random=1845689484 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDVJNjZRTlNQNGZtdU1CaS1xN285d0RPRDZKY0JsREVGelBWVHhsZjhUVzNhZDdZZzVNWTJ2RQ&is_vtc=1&ocp_id=O47aY4ruCOismLAP1Pql-A8&random=1845689484&ipr=y&prhg=0

Request Chain 74

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E2706D4B049445DD891803F69DC3DA89&RedC=c.clarity.ms&MXFR=08B3323D7D5D6F3E16512096795D61BE HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E2706D4B049445DD891803F69DC3DA89&MUID=23F55E8A65676AB612214C2164EC6B8D

Request Chain 100

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 101

https://urldefense.proofpoint.com/v2/url?u=https-3A__trkn.us_pixel_conv_ppt-3D5476-3Bg-3Dsitewide-3Bgid-3D21516-3Bord-3D-5Buniqueid-5D&d=DwIGAg&c=GC0NZZhaEw6GOQSjMHI2g15k_drElRoPmOYiK2k0eZ8&r=Ee60g2IVWH4ilx5qVtN5SWhZ_dp83IhavcKtQdRHVR0&m=6acsyUwmRa9pAPbejHWFamACbRxd9ZuTHzjRaskDlck&s=Cg0u3-75AdqpvrktwMVS9VI00PPkNNPjHSunAIvUfUY&e= HTTP 302
https://trkn.us/pixel/conv/ppt=5476;g=sitewide;gid=21516;ord=[uniqueid] HTTP 302
https://trkn.us/pixel/conv/ppt=5476;g=sitewide;gid=21516;ord=[uniqueid];ip=138.199.38.132;cuidchk=1

Request Chain 122

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dromance-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=PI7aY-3pCYPTmwfCrY6oBQ&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDl5Um4xeXFYMVlZd09YSlJGZDBhb2d1TG0wQlRFWjBLZjZya3J0TkNVSkJyX00zSGpWWENqOA HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dromance-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDl5Um4xeXFYMVlZd09YSlJGZDBhb2d1TG0wQlRFWjBLZjZya3J0TkNVSkJyX00zSGpWWENqOA&is_vtc=1&ocp_id=PI7aY-3pCYPTmwfCrY6oBQ&cid=CAQSKQDUE5ymn2CY7EXNpyljOQUewH26OK5GI1Wlyzjst6WYzylOi3hG7NUF&random=254280674 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dromance-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDl5Um4xeXFYMVlZd09YSlJGZDBhb2d1TG0wQlRFWjBLZjZya3J0TkNVSkJyX00zSGpWWENqOA&is_vtc=1&ocp_id=PI7aY-3pCYPTmwfCrY6oBQ&cid=CAQSKQDUE5ymn2CY7EXNpyljOQUewH26OK5GI1Wlyzjst6WYzylOi3hG7NUF&random=254280674&ipr=y&prhg=0

Request Chain 135

https://ad.doubleclick.net/activity;src=8136487;type=;cat=;gtm=2od1u0;auiddc=750452346.1675267643;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance-scams;u4=missing;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=750452346.1675267643;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance-scams;u4=missing;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=*;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance-scams;u4=missing;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams

Request Chain 143

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1675267644837%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog%252Fonline-scams%252Fromance-scams%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&liSync=true&e_ipv6=AQKcd8x9xZCwZgAAAYYNu6JKzh36oloi9HNu5MC22g-KwNKv4RLbYo4z8scDRc0pXOfzi0EUyIZnRhyvFfZkz9s5BO0s

216 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request romance-scams Show response
us.norton.com/blog/online-scams/ 109 KB
22 KB 275ms
92ms Document
text/html 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fe3f62f6ed85a3a4e9ea4d1c831911f5c6e46ac5a4ba0f2ef98e2edc24aab415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 21997
content-type: text/html; charset=UTF-8
date: Wed, 01 Feb 2023 16:07:20 GMT
etag: "1b4cc-5f393fe626fe1-gzip"
last-modified: Tue, 31 Jan 2023 19:03:57 GMT
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 SSV-Latin.woff2
us.norton.com/etc/designs/global/libs-global/head/styles/fonts/source-sans-variable/ 61 KB
61 KB 100ms
74ms Font
application/octet-stream 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc/designs/global/libs-global/head/styles/fonts/source-sans-variable/SSV-Latin.woff2

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

da23a7c47865d7cf47ef0d8d1931c45d02a56bdcfaf2549fed8aeb7924458990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/online-scams/romance-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:20 GMT
last-modified: Thu, 07 Oct 2021 05:17:42 GMT
server: Apache
etag: "f2c0-5cdbc61dc4c00"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://us.norton.com
cache-control: max-age=31458891
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 18:42:11 GMT

GET
H2 200 head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
now.symassets.com/etc/designs/norton/libs-rover/ 344 KB
53 KB 224ms
49ms Stylesheet
text/css 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0d920ace95c6801258c49c7e07a8eefc5d5a311b42bfda164085c946a3db7890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:20 GMT
last-modified: Tue, 06 Dec 2022 12:29:52 GMT
server: Apache
etag: "55f84-5ef27f5f6f9ef-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=362573
accept-ranges: bytes
content-length: 54091
x-xss-protection: 1; mode=block
expires: Sun, 05 Feb 2023 20:50:13 GMT

GET
H2 200 launch-EN1cc7556280444b10a3c687a73ed01baa.min.js Show response
assets.adobedtm.com/ 184 KB
61 KB 189ms
28ms Script
application/x-javascript 2a02:26f0:f700:481::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:481::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: eb75e41d34de9f75ccb1fcb34df8ed1c6cb131309942518a30d0a228341078d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2023 18:09:36 GMT
server: AkamaiNetStorage
etag: "f7c3e5d36a96fbe703ed1e82ec606f95:1673287776.82374"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://us.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 61968
expires: Wed, 01 Feb 2023 17:07:21 GMT

GET
H2 200 Bootstrap.js Show response
ensighten.norton.com/symantec/aemprod/ 605 KB
104 KB 172ms
15ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 48c6d8dc5116fb7f5a1e5441084b8744d8a06be4bccba4abd0dd06bed731fed2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: P2bIRRzejj3TSss8Q9y6HqPD8Q.azvZO
content-encoding: br
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 59938
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 31 Jan 2023 23:27:54 GMT
server: nginx
etag: W/"1267cad25b6e71092fe44856f3c1338c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: c0xBUzzFdrj8Z-SGa2k13fTiHO5eGWIiAxrGWzzCUIgqyg3Az3F10w==

GET
H2 200 icon_myaccount.svg
now.symassets.com/content/dam/cb/icons/ 2 KB
1 KB 75ms
72ms Image
image/svg+xml 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.symassets.com/content/dam/cb/icons/icon_myaccount.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Wed, 28 Sep 2022 11:51:16 GMT
server: Apache
etag: "929-5e9bb60d7c601"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=30430465
accept-ranges: bytes
content-length: 974
x-xss-protection: 1; mode=block
expires: Fri, 19 Jan 2024 21:01:46 GMT

GET
H2 200 icon_download.svg
now.symassets.com/content/dam/cb/icons/ 2 KB
1 KB 74ms
69ms Image
image/svg+xml 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.symassets.com/content/dam/cb/icons/icon_download.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0e4a963fe1cee39c93b6825081d3d05f94b3155efcd9eebb92e833ee899fc8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Fri, 30 Sep 2022 17:47:11 GMT
server: Apache
etag: "857-5e9e89569258a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=29931020
accept-ranges: bytes
content-length: 898
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 02:17:41 GMT

GET
H2 200 romance-scams-hero.jpg
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 53 KB
53 KB 127ms
123ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/romance-scams-hero.jpg
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 115cb63056e2b500e9f3530a9cb69a58120b5882b1f4a0aa33498b43f1e1ae76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 19:42:06 GMT
server: Akamai Image Manager
etag: W/"2262a-5ecaa44d64f17"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31536000
expires: Thu, 01 Feb 2024 16:07:21 GMT

GET
H2 200 how-a-romance-scam-works-1.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 35 KB
35 KB 188ms
184ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/how-a-romance-scam-works-1.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 53df60d58ca3faca1d93bb137bbdbc81938ae47e7f1c74be115337d2583a34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 19:42:11 GMT
x-serial: 796
server: Akamai Image Manager
x-check-cacheable: YES
etag: W/"14767-5ecaa451e5853"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31536000
expires: Thu, 01 Feb 2024 16:07:21 GMT

GET
H2 200 romance-scams-warning-signs.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 63 KB
62 KB 195ms
190ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/romance-scams-warning-signs.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 38e2b19b3e07d192b056babfd7fc4b9238eb64c66f66622188306eb5ea462454

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 19:41:45 GMT
x-serial: 678
server: Akamai Image Manager
x-check-cacheable: YES
etag: "20ac7-5ecaa4277f929"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31536000
expires: Thu, 01 Feb 2024 16:07:21 GMT

GET
H2 200 dos-and-donts-of-online-dating.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 108 KB
103 KB 236ms
232ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/dos-and-donts-of-online-dating.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 57f2146f4941cd623c75deec4575d2b9586f2ccea83a20b315e9d88135a14d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 19:41:34 GMT
server: Akamai Image Manager
etag: W/"304c4-5ecaa42779781"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31535980
expires: Thu, 01 Feb 2024 16:07:01 GMT

GET
H2 200 heartbreaking-statistics2.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 60 KB
58 KB 198ms
197ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/heartbreaking-statistics2.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 080d96309447233e41d65a301aae0469edd76d69a9821b2c64937c28b18f81cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 19:41:30 GMT
x-serial: 1151
server: Akamai Image Manager
x-check-cacheable: YES
etag: W/"22c5a-5ecaa42796470"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31535961
expires: Thu, 01 Feb 2024 16:06:42 GMT

GET
H2 200 romance-scams-infographic.jpg
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 659 KB
648 KB 157ms
155ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/romance-scams-infographic.jpg
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d2ea3eece2e62ee245610c1cab7ecece6b09b0728c3765fa855ffda653720cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 13:11:23 GMT
x-serial: 1042
server: Akamai Image Manager
x-check-cacheable: YES
etag: W/"baff5-5edbe70cb1816"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31535987
expires: Thu, 01 Feb 2024 16:07:08 GMT

GET
H2 200 img_divider_lines_980x4.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/ 104 B
312 B 97ms
95ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/img_divider_lines_980x4.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 258f47a5d9d710952c524bf509a8f3be602e29878880c6816ad7cb3407521578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Thu, 03 Feb 2022 08:09:35 GMT
server: Akamai Image Manager
etag: "ab0-5d3e769721543"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=21618854
content-length: 104
expires: Mon, 09 Oct 2023 21:21:35 GMT

GET
H2 200 icon_fb_k_12x25.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 202 B
416 B 109ms
107ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/icon_fb_k_12x25.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: a96b2d19756b066a008c96fd3cfc8ab69e8a7015331b3cc5b3b7acfa28b6f227

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Thu, 03 Feb 2022 08:07:15 GMT
x-serial: 1509
server: Akamai Image Manager
x-check-cacheable: YES
etag: "11a0-5d015d6a6f784"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, max-age=30500710
content-length: 202
expires: Sat, 20 Jan 2024 16:32:31 GMT

GET
H2 200 icon_twitter_k_25x20.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 284 B
508 B 69ms
58ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/icon_twitter_k_25x20.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 14ef5143660fa6b1ebb2b27617ccc2dc597a247acd06a60e3b32b9b94d570418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Thu, 03 Feb 2022 08:09:36 GMT
x-serial: 1701
server: Akamai Image Manager
x-check-cacheable: YES
etag: "ade-5d24171fd2d3f"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=21619055
content-length: 284
expires: Mon, 09 Oct 2023 21:24:56 GMT

GET
H2 200 icon_youtube_34x24.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 282 B
490 B 74ms
72ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/icon_youtube_34x24.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 269cd5c2588a394a706a524aa4bb51f1a164c396c62c4f965d2797dcb2aefe50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Sat, 04 Sep 2021 09:56:09 GMT
server: Akamai Image Manager
etag: "ae9-5bf701b667695"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30473401
content-length: 282
expires: Sat, 20 Jan 2024 08:57:22 GMT

GET
H2 200 icon_instagram_22x22.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/dark/ 218 B
424 B 66ms
65ms Image
image/png 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/dark/icon_instagram_22x22.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 8748aa0d1fd826859ddd421011cff51ea5798a116494ec6f39a3f2a76cbffbba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Thu, 03 Feb 2022 08:06:38 GMT
server: Akamai Image Manager
etag: "da-5d355b4182ea7"
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=21618895
content-length: 218
expires: Mon, 09 Oct 2023 21:22:16 GMT

GET
H2 200 logo_NLOK_132x26.svg
now.symassets.com/content/dam/norton/global/images/non-product/logos/dark/ 10 KB
3 KB 87ms
44ms Image
image/svg+xml 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.symassets.com/content/dam/norton/global/images/non-product/logos/dark/logo_NLOK_132x26.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9c28255a4751f9bb7447d173b7c974f1dd50e9ce458ff10d3a6bbbb9be35f8c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Thu, 29 Sep 2022 00:22:30 GMT
server: Apache
etag: "2979-5e9c5df716afa"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=21053761
accept-ranges: bytes
content-length: 2652
x-xss-protection: 1; mode=block
expires: Tue, 03 Oct 2023 08:23:22 GMT

GET
H2 200 footer.min.VAlFLF57WCHbBG4ZovYivA==.js Show response
now.symassets.com/etc/designs/norton/libs-rover/ 299 KB
85 KB 80ms
40ms Script
application/javascript 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://now.symassets.com/etc/designs/norton/libs-rover/footer.min.VAlFLF57WCHbBG4ZovYivA==.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7231dfcae4ab02ea1432b07c2bbcd62d148f47acb7c09d3cc8ba112ca0e5bc99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Tue, 06 Dec 2022 12:31:15 GMT
server: Apache
etag: "4ad0b-5ef27fae22be3-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=750165
accept-ranges: bytes
content-length: 86127
x-xss-protection: 1; mode=block
expires: Fri, 10 Feb 2023 08:30:06 GMT

GET
H2 200 head Show response
us.norton.com/service/norton/ 0
461 B 195ms
194ms XHR
text/plain 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/service/norton/head?ct=us&lg=en&ref=&

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache / Jetty(9.2.9.v20150224)

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/online-scams/romance-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:21 GMT
x-content-type-options: nosniff, nosniff
server: Apache
x-powered-by: Jetty(9.2.9.v20150224)
x-frame-options: SAMEORIGIN
content-type: text/plain
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 675ms
124ms XHR
application/json 54.195.228.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1675267641324

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.228.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-228-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

9fb8a2e4be37d960631988e2a77be6874c7984612a1e311e542b2116e57891a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-02b96ccc8.edge-irl1.demdex.com 8 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: eSdT+fmWSbI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://us.norton.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s_code_norton_min.js Show response
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 75 KB
25 KB 285ms
34ms Script
application/javascript 2a02:26f0:f700:397::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:397::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

7ee5e26983efba2872eee6675eb03891d9250fcf6f24e40747f9540424d4c10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
content-disposition: attachment
content-length: 24692
x-xss-protection: 1; mode=block
last-modified: Mon, 28 Nov 2022 16:53:21 GMT
server: Apache
etag: "12a45-5ee8ab5782240-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=18232
accept-ranges: bytes
expires: Wed, 01 Feb 2023 21:11:13 GMT

GET
H2 200 logo_norton_d.svg
now.symassets.com/content/dam/cc/norton/norton-mainsite/logos/ 7 KB
3 KB 69ms
68ms Image
image/svg+xml 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.symassets.com/content/dam/cc/norton/norton-mainsite/logos/logo_norton_d.svg

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Fri, 13 May 2022 20:34:14 GMT
server: Apache
etag: "1dfd-5deea9901fe49"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=20566656
accept-ranges: bytes
content-length: 2817
x-xss-protection: 1; mode=block
expires: Wed, 27 Sep 2023 17:04:57 GMT

GET
H2 200 icon_ui_search_m_2x.png
now.symassets.com/content/dam/cc/norton/tests/icons-logos/ 700 B
923 B 106ms
105ms Image
image/png 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/cc/norton/tests/icons-logos/icon_ui_search_m_2x.png
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Mon, 16 May 2022 07:00:15 GMT
x-serial: 1490
server: Akamai Image Manager
x-check-cacheable: YES
etag: "58d-5c626ae717bd8"
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30427187
content-length: 700
expires: Fri, 19 Jan 2024 20:07:08 GMT

GET
H2 200 Inter-VariableFont_slnt,wght.ttf
us.norton.com/etc/designs/norton/libs-franky/head/fonts/ 731 KB
384 KB 232ms
231ms Font
application/x-font-ttf 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc/designs/norton/libs-franky/head/fonts/Inter-VariableFont_slnt,wght.ttf

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2bc548145fb72b0ed4a918a222978e279bee02fb9a1f7dee50de242e9b6e2497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/online-scams/romance-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Wed, 10 Nov 2021 09:00:25 GMT
server: Apache
etag: "b6a24-5d06b74f74cf1"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: https://us.norton.com
cache-control: max-age=31458968
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Wed, 31 Jan 2024 18:43:29 GMT

GET
H2 200 img-online-scams-hero-image-1800x500.jpg
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/Scams/ 37 KB
37 KB 67ms
66ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/Scams/img-online-scams-hero-image-1800x500.jpg
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: c89c9988bd1f0d7a15153d7c5f94eb1df5936bd8b1182607a264f7f0ac965e30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Thu, 03 Feb 2022 08:16:36 GMT
server: Akamai Image Manager
etag: "1625b-5d0ac8f33cdb1"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=20357753
expires: Mon, 25 Sep 2023 07:03:14 GMT

GET
H2 200 digital-nomads-190x190.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 8 KB
8 KB 145ms
105ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/digital-nomads-190x190.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 62f8da46b254ae0f9c5b862e0a57d640ac8b375661dc1c30b32bdd85f0caf5ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 22:54:49 GMT
server: Akamai Image Manager
etag: "12a57-5c54846b25ad7"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=22470041
content-length: 8409
expires: Thu, 19 Oct 2023 17:48:02 GMT

GET
H2 200 smiling-woman-lying-on-a-bed-sm.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 8 KB
8 KB 76ms
49ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/smiling-woman-lying-on-a-bed-sm.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 7c6136c021184fc319d998959cab7dd3c769ea7bfbd49bd2ec3f6fe5f03b47d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Wed, 09 Mar 2022 05:34:59 GMT
x-serial: 1456
server: Akamai Image Manager
x-check-cacheable: YES
etag: "11fee-5d1b47231ae98"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31108443
content-length: 8025
expires: Sat, 27 Jan 2024 17:21:24 GMT

GET
H2 200 gift-card-scams-190x190.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 7 KB
7 KB 100ms
74ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/gift-card-scams-190x190.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 82f964f9e58ef0c8c77d8bccb479dde9907adb378a41308365d1c29538baed18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 03:28:30 GMT
server: Akamai Image Manager
etag: "116fe-5c5f2150a860d"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=27702530
content-length: 7143
expires: Tue, 19 Dec 2023 07:16:11 GMT

GET
H2 200 social-media-scams-thumbnail.png
now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/ 6 KB
7 KB 75ms
73ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/misc/tlc/social-media-scams-thumbnail.png
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3cad1b8c75e5500f8fb518f98ea990ae274261fe55db9ad2ae034a46fe9f4d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 09:02:58 GMT
x-serial: 201
server: Akamai Image Manager
x-check-cacheable: YES
etag: W/"1087e-5d6f12aca0c9d"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30039375
content-length: 6659
expires: Mon, 15 Jan 2024 08:23:36 GMT

GET
H2 200 icon_circle_line_left_127x8.png
now.symassets.com/content/dam/cb/icons/ 160 B
382 B 85ms
83ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/cb/icons/icon_circle_line_left_127x8.png
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: ae81b86911781d244b7c2fc962308b0c3384951a887a6f999fe60576b0d6ae20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Wed, 13 Apr 2022 06:10:36 GMT
x-serial: 448
server: Akamai Image Manager
x-check-cacheable: YES
etag: "a6-5c2ba9126bd47"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=22052194
content-length: 160
expires: Sat, 14 Oct 2023 21:43:55 GMT

GET
H2 200 icon_circle_line_right_127x8.png
now.symassets.com/content/dam/cb/icons/ 164 B
388 B 63ms
63ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/cb/icons/icon_circle_line_right_127x8.png
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: b7407e9a223b4d2cab1014db21ca425bbc547211b1ac340077e05406e76ee1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Wed, 13 Apr 2022 06:06:01 GMT
x-serial: 1122
server: Akamai Image Manager
x-check-cacheable: YES
etag: "a6-5c2db8839ff6c"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=21908369
content-length: 164
expires: Fri, 13 Oct 2023 05:46:50 GMT

GET
H2 200 icon_world_map_gray_52x31.png
now.symassets.com/content/dam/cb/icons/ 746 B
943 B 38ms
37ms Image
image/webp 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/cb/icons/icon_world_map_gray_52x31.png
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 583ec79ba694a882662f117f6e4d0a2ae5e274ba5e86d5acc661c14154e5b43d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rover/head.min.iMaaCnF_KffjMK_H6ziMvQ==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
last-modified: Wed, 19 May 2021 00:17:05 GMT
server: Akamai Image Manager
etag: W/"3bf-5c2a3bf0bd325"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30350708
content-length: 746
expires: Thu, 18 Jan 2024 22:52:29 GMT

GET
H2 200 serverComponent.php Show response
ensighten.norton.com/symantec/aemprod/ 1 KB
772 B 58ms
56ms Script
text/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/symantec/aemprod/code/&publishedOn=Tue%20Jan%2031%2023:27:51%20GMT%202023&ClientID=21&PageID=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3F_COUNTRY%3Dus%26_LANGUAGE%3Den%26_TRAFFIC_SOURCE%3Ddirect%26_PGM_ID%3Dmissing%26_PGM_TYPE%3Dunknown%26_IPF%3Dmissing%26_IPD%3Dmissing%26_PSN%3Dmissing%26_SUBCHANNEL%3Dmissing%26_ORIG_SUB%3Dmissing%26_PIFCAM%3Dmissing%26_I_SKU%3Dmissing%26_DEX%3Dmissing%26_INID%3Dmissing%26_IPV%3Dmissing%26_IPC%3Dmissing%26_IUC%3Dmissing%26_IPL%3Dmissing%26_ENP%3Dmissing%26_SKT%3Dmissing%26_ITD%3Dmissing%26now_site_country%3Dus%26now_site_language%3Den%26now_site_content_title%3Dromance-scams%26now_site_sub_section%3Dinternetsecurity%26now_site_section%3Dnorton.com%26now_trafficsource_cookie_name%3Ddirect%26now_program_type%3Dunknown%26now_current_subchannel%3Dmissing%26now_original_subchannel%3Dmissing%26product_name%3Dromance-scams%26vendor_type%3Dnone%26isMobile%3Dfalse%26viewCampaigns%3Dmissing%26path%3D%2Fblog%2Fonline-scams%2Fromance-scams%26siteCode%3Dnortoncom&custDomain=ensighten.norton.com
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6505a0df31a18d134c7be3fd6984132e016cc52f4c53a2a86080a4969908975b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
content-encoding: gzip
via: 1.1 a811170f30183becd909b501e545e756.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: P-dKag11nxVDLcP1FWT9L5yEDsYD3r8tb0w-TrMZGvF47Uh29KpBLQ==
expires: Wed, 01 Feb 2023 16:07:20 GMT

GET
H2 200 token.json Show response
us.norton.com/libs/granite/csrf/ 2 B
262 B 53ms
53ms XHR
application/json 2a02:26f0:f700:4a1::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/libs/granite/csrf/token.json

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f700:4a1::1015 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache / Jetty(9.2.9.v20150224)

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/online-scams/romance-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:21 GMT
x-content-type-options: nosniff, nosniff
server: Apache
x-powered-by: Jetty(9.2.9.v20150224)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=ISO-8859-1
cache-control: no-cache
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 seo Show response
buy.norton.com/redirector/ 63 B
654 B 427ms
88ms Script
text/javascript 2.21.184.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.norton.com/redirector/seo?callback=jQuery3110869563058393231_1675267641783&_=1675267641784

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.184.120 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-184-120.deploy.static.akamaitechnologies.com

Software

Resource Hash

854e05290d2504e36ee449b1680c274c7d29a1455ed60517eadd39513eae8a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:22 GMT
requestid: edabc38caacb0000
content-type: text/javascript;charset=utf-8
x-oneagent-js-injection: true
cache-control: max-age=0, no-cache, no-store
server-timing: dtRpid;desc="-560622025", dtSInfo;desc="0"
content-length: 63
expires: Wed, 01 Feb 2023 16:07:22 GMT

GET
H2 200 6e7ce74f05fba634bde6320377f728f0.js Show response
ensighten.norton.com/symantec/aemprod/code/ 66 KB
18 KB 33ms
32ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/6e7ce74f05fba634bde6320377f728f0.js?conditionId0=423130
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: db431510c701c7ca2ff197b6a2e45bba3b9f66fb1c690a8f29681bb84453442f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: S25TUdUfMuJxh97ISIL04X_9iezGlT03
content-encoding: br
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2354394
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 Aug 2022 19:58:23 GMT
server: nginx
etag: W/"9c609b85ebcc720cc0f9a8dc97a829dc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: ThanGggDArCWeKF3yp82DXGnQFqyAkPRkixnEaTqXDCxurbCAt_LLg==

GET
H2 200 9beaf61b24aa947cd8ab213ab003c61f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 313 B
758 B 29ms
28ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/9beaf61b24aa947cd8ab213ab003c61f.js?conditionId0=4937810
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 600afc538fb911c606f046d5ce513b92921c9244ca334532a910ba7de00dd8f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: HXHHoo9wdwE88UtLjFh3DaW.LBScHeYL
via: 1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8594140
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 313
last-modified: Mon, 24 Oct 2022 23:07:03 GMT
server: nginx
etag: "71e16cc8772bd99bfea33e6920bfb4b2"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: RzQwglDp2KSy4bGTRnIZYAIE23NuAGtGYbK6ghDK2N4ncM0c7FYZPA==

GET
H2 200 93bbbdfcc2749d2f5fd22f4d34b38b61.js Show response
ensighten.norton.com/symantec/aemprod/code/ 13 KB
5 KB 35ms
34ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/93bbbdfcc2749d2f5fd22f4d34b38b61.js?conditionId0=473910
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4a9dd5099eb62db1c664ef4781cd90b8f85aa0c84a9fcf2cbe3172771e1f9ba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: YCAOEn0XQKERjOKu7scFeGoP5V14HjJZ
content-encoding: br
via: 1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 60411
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 31 Jan 2023 23:19:03 GMT
server: nginx
etag: W/"27644ff04704888b87426b8b532120c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: xsG5Kt7bdZSE4RIqRSxNxasAbeCWuFvqoXgR06Zl8GD3dBacRq9J-g==

GET
H2 200 bcabe23688c64a7f29fe7b304ee1f7a9.js Show response
ensighten.norton.com/symantec/aemprod/code/ 5 KB
2 KB 34ms
32ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/bcabe23688c64a7f29fe7b304ee1f7a9.js?conditionId0=649166
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e1457c20cd10a8060fc6f9af449e4da4749ee1e64761dbb35f868bb0157667cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: Fm0G0NFUd6o7Xe8p0DE5PgK_rU.aCPPD
content-encoding: br
via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 9744690
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Tue, 11 Oct 2022 21:15:44 GMT
server: nginx
etag: W/"a726b7b6301014156e5b423115977fe9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: oIIlOW87XepPGcVGfvowplwTWqrqD-PELKa_Oqqi84LUn0xYPEBrIQ==

GET
H2 200 3b7015e9e0506e49db199b928755cb65.js Show response
ensighten.norton.com/symantec/aemprod/code/ 409 B
854 B 31ms
29ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/3b7015e9e0506e49db199b928755cb65.js?conditionId0=1790211
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 35df6a93e6c7fb484cd983a9ffc83387862f49ba52f3e981ece185e4d1fcce26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: OfSYR8OqOpGc9JucqiljDPOUgf6W5FZf
via: 1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 14380452
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 409
last-modified: Fri, 11 Feb 2022 23:30:27 GMT
server: nginx
etag: "f2fa1f10ded855dd7a0c4bcd7223e104"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 328n-1C6yv7UPei8BzAbAcvLKlRJ6T1eNcTYiXrV0pT-58yWQpk2wA==

GET
H2 200 0c9a4adbfc54196c2f19857d48d72b9c.js Show response
ensighten.norton.com/symantec/aemprod/code/ 453 B
899 B 31ms
30ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/0c9a4adbfc54196c2f19857d48d72b9c.js?conditionId0=4916844
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9851dbb6ed6a8990d26243d00311f2e137646ae371be03beaf351a54cdb18737

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: H52AN.yq2cJoMiUNQv.avaa1HXl5oR.G
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 12739373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 453
last-modified: Thu, 16 Dec 2021 19:20:19 GMT
server: nginx
etag: "84ffa991c30afde9559e6a72d8abbec0"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: CnUkY5jjVqlTg_5Tl9GmHwkr22ya08ZMAttlJacKKfiaqPmvTcUFwA==

GET
H2 200 4f632ed5686c9fa44fb7329021f15383.js Show response
ensighten.norton.com/symantec/aemprod/code/ 11 KB
2 KB 26ms
25ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/4f632ed5686c9fa44fb7329021f15383.js?conditionId0=4940767
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8b31d42a6b709c6bd0a7c444d1b83634740f8f00ad06cb0ca40cb031a7c5720a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:21 GMT
x-amz-version-id: K3BkmvlaPECrOyBAy8BpK9at_OtGkpwp
content-encoding: br
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 8616676
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 24 Oct 2022 22:34:00 GMT
server: nginx
etag: W/"d66c30e0adea774b761b4fd429ea7dfc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: xuYBq8esVxW37_vAqWhyVWDKfQMa_R9pypaZwRvezxHysCBOH8bFJw==

GET
H2 200 8d08b1cf12b6dedd46c680b7d1eca911.js Show response
spider.australiarevival.com/i/ 86 KB
32 KB 235ms
16ms Script
text/javascript 2600:9000:206f:7200:1:996f:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spider.australiarevival.com/i/8d08b1cf12b6dedd46c680b7d1eca911.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7200:1:996f:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 8463e6fcd2714889889fcc31ccecbcf91f55dbfdb5684ca11d4174220851c570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:02:20 GMT
content-encoding: gzip
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 4514
etag: "15748-uxv6uNXjIEIjh3/uWQnf7qktKgQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 31912
x-amz-cf-id: nA8_Xm87KzwNHx1hmviFWE2orS8w2mYb0WCdNYDNCozNT2w93e1itw==
expires: Thu, 02 Feb 2023 02:52:08 GMT

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ 306 KB
84 KB 242ms
28ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb7062d61bdf7c6a3f364713bd5ba69c50ce743b4f0fbfa85200d3d935c87ff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 159
etag: W/"167520766788916748396320691675242003174"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-ray: 792bf08b5bda914c-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 173ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c06b7ab63a6bf6b0cfcb613b7c9824cef3c58e840efb36180f09bcdc7436958

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 01 Feb 2023 16:07:22 GMT

GET
H2 204 sst
ensighten.norton.com/pc/symantec/ 0
319 B 114ms
114ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/pc/symantec/sst?sstVersion=1.0.0&sstData=%7B%22virtualBrowser%22%3A%7B%22page%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%22%2C%22language%22%3A%22en-US%2Cen%22%2C%22screenDepth%22%3A24%2C%22height%22%3A1200%2C%22width%22%3A1600%2C%22title%22%3A%22Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton%22%2C%22timezone%22%3A%22Etc%2FUnknown%22%2C%22screenHeight%22%3A1200%2C%22screenWidth%22%3A1600%7D%2C%22events%22%3A%5B%7B%22name%22%3A%22facebook_conversions_api_integration%22%2C%22data%22%3A%7B%22pixel_id%22%3A%222010787619164716%22%2C%22event_data%22%3A%7B%22event_name%22%3A%22PageView%22%2C%22event_id%22%3A%225ba8f01b-708a-40ff-83c0-e9958024fccb%22%2C%22user_data%22%3A%7B%7D%7D%7D%7D%5D%7D
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-ens-event-id: c4fc0076-7db0-4725-9b3e-29da5738af8e
x-offsite-uuid: b788365e-1dcd-46d5-91a5-ad3f5a92cde9
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 141ms
15ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Feb 2023 16:07:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: VDfy6D2t1aUz7lITvr0a43Jh5XIjBYCehYtpEa4H4NhMMU/2TSh9q5ucC/0wKhjQs3rwc1iVxaUo2Zb1x5Oxfg==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
symantec.demdex.net/ Frame AA04 7 KB
3 KB 657ms
161ms Document
text/html 52.49.9.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.49.9.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-9-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-0eab94181.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: DrjvMT98Qt0=
content-encoding: gzip
date: Wed, 1 Feb 2023 16:07:22 GMT
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y9qOOgAAADjinAN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=25239769532810703113708529254822305178
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9qOOgAAADjinAN-

42 B
942 B

129ms
123ms

Image
image/gif

54.195.228.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9qOOgAAADjinAN-

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

HTTP/1.1

Server

54.195.228.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-228-119.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-0e1730cee.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GBU1hnPNQnQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9qOOgAAADjinAN-
Date: Wed, 01 Feb 2023 16:07:22 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s71000450664568
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
373 B 525ms
154ms Image
image/gif 13.37.25.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s71000450664568?AQB=1&ndh=1&pf=1&t=1%2F1%2F2023%2016%3A7%3A22%203%200&sdid=77312C3783BD6A7E-70AE4D722CD2636F&mid=25439519146426225503691912476719730987&aamlh=6&ce=UTF-8&pageName=norton.com%3Aus%3Ainternetsecurity%3Aonline-scams%3Aromance-scams&g=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&server=norton&events=event79%3D12%2Cevent69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&v5=none&c14=D%3Dv16&v16=norton%3Adirect&v18=D%3DpageName&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=norton.com&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202022-11-10&c48=romance-scams&v48=D%3Dc49&c49=internetsecurity&v49=D%3Dc48&v57=25439519146426225503691912476719730987&v58=online-scams&c59=norton.com%3Ainternetsecurity%3Aonline-scams%3Aromance-scams&v59=D%3Dc59&v66=unknown&v72=norton.com&c75=D%3Dv57&v90=existing_customer%3A%20No&v96=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.37.25.97 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-37-25-97.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Thu, 02 Feb 2023 16:07:22 GMT
server: jag
etag: 3597609868647694336-4619865564714637656
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 31 Jan 2023 16:07:22 GMT

GET
H2 200 json Show response
symantec.tt.omtrdc.net/m2/symantec/mbox/ 11 KB
3 KB 241ms
49ms XHR
application/json 34.251.173.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=5c0bc73490bd4062a0d60ae2c358ab50&mboxPC=&mboxPage=99f92b3c04d04557b16ccfdb22199fc9&mboxRid=416e1e3c28104c7ea85b076c519018bb&mboxVersion=1.8.3&mboxCount=1&mboxTime=1675267641344&mboxHost=us.norton.com&mboxURL=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&profile.TCG=9&vendor_type=none&program_type=unknown&site_country=us&site_section=norton.com&content_title=romance-scams&site_language=en&traffic_source=direct&ExistingCustomer=existing_customer%3A%20No&site_sub_section=internetsecurity&current_subchannel=&site_content_title=romance-scams&original_subchannel=&profile.vendor_type=none&profile.program_type=unknown&profile.site_country=us&site_sub_sub_section=online-scams&%20profile.site_section=norton.com&profile.site_language=en&profile.%20traffic_source=direct&profile.ExistingCustomer=existing_customer%3A%20No&profile.%20site_sub_section=internetsecurity&profile.current_subchannel=&profile.site_content_title=romance-scams&profile.original_subchannel=&mboxMCSDID=77312C3783BD6A7E-70AE4D722CD2636F&mboxMCGVID=25439519146426225503691912476719730987&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.173.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-173-23.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d03b0b611d597cbe8fcc80abf90919c8d1a937ca5f126fadd0f35781a2f6c443

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
content-encoding: gzip
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://us.norton.com
content-type: application/json;charset=UTF-8
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: 416e1e3c28104c7ea85b076c519018bb

GET
H2 200 ct Show response
bite.australiarevival.com/ 3 KB
2 KB 374ms
123ms Script
text/javascript 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/ct?id=34870&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&sf=0&tpi=&ch=&uvid=&tsf=0&tsfmi=&tsfu=&cb=1675267642459&hl=2&op=0&ag=2774517318&rand=037211002280182719010256871055899320524279525623011555725162038729260001960&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDk0NTZdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjIyLFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MzY5ODUxODcxMCxcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFsiY2IiLCIwLDAsMSwwLDAsMCwwLDAsMCwzLDAsMSwyOSwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMyw1LDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDEzIl0sWy0xLCItIl0sWy0yLCI1MyxlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wia2V5d29yZHNcIixcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCItIl0sWy0xNSwiLSJdLFstMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCwwLDAsXCItXCIsXCItXCJdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltcInNlbmRCZWFjb25cIixmYWxzZSx0cnVlLHRydWUsdHJ1ZV0iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjE1MjAwMDAwLFwidWpoc1wiOjEyNzAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjc1MjY3NjQyMzkxLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDAsMCwyLDAsOTcsODUsMTE3LC0xLDAsMTAxMS43LCwxOTc3LDE5NzgiXSxbLTM5LCJbXCIyMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWy01MCwiLSJdLFstNTEsIi0iXSxbLTUyLCItIl0sWy01MywiMTAwIl0sWy01NCwie1wiaFwiOltcIl8xXCIsXCIyODQ1OTUzMzIwXCIsXCJfM1wiLFwiMjg3Mjg5OTMyMFwiXSxcImRcIjpbXSxcImJcIjpbXCJfMVwiLFwiMzczNzU1OTk4NlwiXSxcInNcIjoxfSJdLFstNTUsIjIiXSxbImRkYiIsIjAsNTQsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMSwwLDAsMCwwLDMsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMSwzLDEsMCwwLDAsMSwyLDQsNTEsMCwwLDAsMSwwLDAsMCwwLDEsMCJdLFsiYm5jaCIsMTg2XSxbImFibmNoIiwxODddXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=sbK4gFRAO9&pto=2043&ver=50&gac=-&mei=&ap=&duid=1.1675267642.8zGXkkvkdaQVyVFM&suid=1.1675267642.D9sVYG4rLpdff35z&tuid=1.1675267642.KvYHAM96cfwRhMkA&fbc=-&gtm=WyJwYWdlX3ZpZXciXQ%3D%3D&it=42%2C1502%2C247&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4dbd4edf6ab4beed2ee1c5d3d9f30a42305625c3a2d0adcd4d0d381028096658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1378
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.95

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Feb 2023 16:07:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: KSwFbhiQ1tLEz3gW7vpgKSc0KNMLBRUuhH/ewsSCO9BofZeFVeIjyJRaKsrwxPsfZsJpQxwqs/Lzvc2XPPbbTw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2010787619164716 Show response
connect.facebook.net/signals/config/ 378 KB
108 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2010787619164716?v=2.9.95&r=stable

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f50d92950113643e3910967f3975eaac72b2e32e8789a948fb0366932d2834c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110361
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: qW3CAuV/sBL+CS7ZDTOHb3w/X37kebGJOynbBHEdQDtv64TX1ceMkj9MTlp9dOtLd+FVOYvP4DYjtPwhDScAdA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 42ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FG3M2ET3ED&gtm=2oe1u0&_p=333012135&_gaz=1&ul=en-us&sr=1600x1200&cid=-NNCit8pBLLUoOBBTijU&ir=1&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&dt=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&sid=-NNCit8pBLLUoOBBTijU&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&ep.page_encoding=utf-8&ep.page_path=%2Fblog%2Fonline-scams%2Fromance-scams&epn.session_num=1&ep.hitID=-NNCit8pBLLUoOBBTijU&epn.hitNum=1&ep.client_TagType=direct&ep.hasOrder=false&ep.skusEnabled=&ep.skusNotEnabled=&ep.urlDomain=us.norton.com&ep.urlRootDomain=norton.com&ep.urlDomainPath=us.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ep.urlRootDomainPath=norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ep.urlPath=%2Fblog%2Fonline-scams%2Fromance-scams&ep.urlTagType=direct&up.client_id=-NNCit8pBLLUoOBBTijU&up.session_id=-NNCit8pBLLUoOBBTijU&upn.session_num=1&up.hitID=-NNCit8pBLLUoOBBTijU&upn.hitNum=1&up.client_TagType=direct&up.hasOrder=false
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 61ms
17ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FG3M2ET3ED&cid=-NNCit8pBLLUoOBBTijU&gtm=2oe1u0&aip=1
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 161ms
68ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FG3M2ET3ED&cid=-NNCit8pBLLUoOBBTijU&gtm=2oe1u0&aip=1&z=301470696

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d237d14ff141950f14e93c5f2fac5a7b44994b068df512808e00df7a082389cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67571
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 16:07:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
66 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

630784463685e1d72a3d431f53f7a09579d006b893a5dcfa678996e4d80e08b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67582
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 16:07:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame CA6B 38 KB
12 KB 82ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 01 Feb 2023 16:07:22 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 11CADD815FE44348AB0BD79041D36B9E Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:22Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 tc_imp.gif
bite.australiarevival.com/tracker/ 43 B
79 B 106ms
93ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bite.australiarevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e00136debc533ed418e9f9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d15856a2717071a10acf9f29f674d8a8189012f3d49ad7e7604853ad964c552320620c551530a33000b94b6631a77be26bb25cb43e2916af05065aa587c7a1b8954ed14f497d7df3dbb2907fe7ccaac043e8b0e304b274393d60531f160b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a59d8677a0d8da5bef489d593772aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7dfc931663eddffb27de03a94fe18c109647c8997bcd3f61979820d137c4d0bba69df3f1477fe425b2b9fb2f4d26f9913f82be50eb0102419457459a959284cdf19526c5269c9fb88735ee727631c975279a9f9d4968c1e970a410aa83409974a37c450445cd35b01c9c89ee79bfc7609452a79fdbd87683550435ac0f4f1d3e483e9fec4593059a8c8764fdcd2bbd872f9adabfb03d9fb7e358766e8ff91e1c9bf7471a03feacba74b62688b40da9b979e338f96ecb41de0689ba20d54d7697f2cb33617b195738014e0ab8fd9e3a8071eb1c1b1d6d81e05dd58a051ee2aa9de6ae66a9eef8ff84feb3f2484620e64186b7457385436107ca605b7570eb78a97605dfedc161e77cc571cef278dfb21f98650e2727077e159bc6e0d922731fed701ece9582efe1ab354cf8c6c06f8add303e818600367bf88fd85026b2258358991ee121ef1b98ae7a8fbe709edbdc84ce4467a5f22771c633ffd9a2a1049d72351002916a4557b7a75d919752a3e1eab55dcbd4d1746c6f3ae54cb919b817f2d77b9c592e3d53783926f3508e9d210cfa1680d5a96a8a9414d22361a5472d70dcbd9c&cri=sbK4gFRAO9&ts=470&cb=1675267642929
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Wed, 01 Feb 2023 16:07:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 200 2053905694837980 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 446ms
437ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2053905694837980?v=2.9.95&r=stable

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

78dffd283e2c4469afdbe98fb511df6edbfd11b17b23a6f9f71110a2c53f1ecd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 01 Feb 2023 16:07:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: /Ro0LG75VPXvtlgiytQkpVjt6Pf9XqOl0MRJnnmPC7rgmURl4h0mRSjteJALw+Oa9r/+1EAHrJQCPXO+nsOUKA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 75ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=PageView&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&rl=&if=false&ts=1675267642978&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmensighten&ec=0&o=29&cs_est=true&fbp=fb.1.1675267642976.2093821107&it=1675267642516&coo=false&eid=5ba8f01b-708a-40ff-83c0-e9958024fccb&tm=1&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 75ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&rl=&if=false&ts=1675267642982&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.1.1675267642976.2093821107&it=1675267642516&coo=false&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 2 KB
1 KB 142ms
58ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1675267643029&cv=11&fst=1675267643029&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6209e18374c0d906f53f43780c90c35c310773e987fe4c35b6deeead56eb186a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 921
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 2 KB
2 KB 67ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1675267643085&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

acf5d772db34cbf54e20f67ddaf06946478b3e332f6a2990d9b49e5ec662e288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1241
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187010577.js Show response
bat.bing.com/p/action/ Frame CA6B 4 KB
2 KB 109ms
108ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187010577.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

286b78a4ea089195faba308081e92c6d90a8ca02663f5c32fbdc9dc9db2a745e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 01 Feb 2023 16:07:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 313A1906067A4404BA1459781C3DAEEC Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:23Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60
content-length: 1498

GET
H2 204 0
bat.bing.com/action/ Frame CA6B 0
286 B 33ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=8a39fe90-e099-47b2-934e-fc6ada6df11d&sid=8339a930a24a11ed9601c3ba6b715115&vid=833a18a0a24a11edb77f9127fa2c46c9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&r=&lt=10&evt=pageLoad&ifm=1&sv=1&rn=990555

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Feb 2023 16:07:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7BF0DE71F8934F1A939B600EBCBA040C Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv...
https://www.google.com/pagead/1p-conversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadse...
https://www.google.de/pagead/1p-conversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadser...

42 B
64 B

56ms
55ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDVJNjZRTlNQNGZtdU1CaS1xN285d0RPRDZKY0JsREVGelBWVHhsZjhUVzNhZDdZZzVNWTJ2RQ&is_vtc=1&ocp_id=O47aY4ruCOismLAP1Pql-A8&random=1845689484&ipr=y&prhg=0

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=2003366446&cv=11&fst=1675267643085&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDVJNjZRTlNQNGZtdU1CaS1xN285d0RPRDZKY0JsREVGelBWVHhsZjhUVzNhZDdZZzVNWTJ2RQ&is_vtc=1&ocp_id=O47aY4ruCOismLAP1Pql-A8&random=1845689484&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187010577 Show response
www.clarity.ms/tag/uet/ Frame CA6B 854 B
1 KB 139ms
96ms Script
application/x-javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187010577
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/187010577.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c775a9025fd5d606553edb2ad342d7b97f6075c087d7165043e0f5e352e02609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: application/x-javascript
date: Wed, 01 Feb 2023 16:07:22 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0O47aYwAAAADMaVOXRD1gQZLN6jGQnXmFRlJBMzFFREdFMDkxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
455 B 61ms
26ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1675267643029&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=663461062&rmt_tld=0&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
154 B 55ms
53ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1675267643029&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=663461062&rmt_tld=1&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-e/s/0.7.1/ Frame CA6B 55 KB
19 KB 11ms
10ms Script
application/javascript 2620:1ec:4e:1::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-e/s/0.7.1/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187010577
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:22 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
server: Microsoft-IIS/10.0
x-azure-ref-originshield: 09gnaYwAAAABluOj+m3AER524X5ZJTH5/RlJBMjMxMDUwNDE4MDMxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "1d928dd7500799e"
x-azure-ref: 0O47aYwAAAABaONt9Sfz0QLy7MhFCabvxRlJBMzFFREdFMDkxMwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2

200

c.gif
c.clarity.ms/ Frame CA6B
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E2706D4B049445DD891803F69DC3DA89&RedC=c.clarity.ms&MXFR=08B3323D7D5D6F3E16512096795D61BE
https://c.clarity.ms/c.gif?CtsSyncId=E2706D4B049445DD891803F69DC3DA89&MUID=23F55E8A65676AB612214C2164EC6B8D

42 B
369 B

44ms
44ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E2706D4B049445DD891803F69DC3DA89&MUID=23F55E8A65676AB612214C2164EC6B8D
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
last-modified: Tue, 17 Jan 2023 20:36:49 GMT
server: Microsoft-IIS/10.0
etag: "b1c8df6cb32ad91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 93FC2F3445484B4E9BF145FE90EC13E6 Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:24Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E2706D4B049445DD891803F69DC3DA89&MUID=23F55E8A65676AB612214C2164EC6B8D
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 11ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&rl=&if=false&ts=1675267643474&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmensighten&ec=2&o=29&fbp=fb.1.1675267642976.2093821107&it=1675267642516&coo=false&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 12ms
11ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2053905694837980&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&rl=&if=false&ts=1675267643475&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmensighten&ec=0&o=30&fbp=fb.1.1675267642976.2093821107&it=1675267642516&coo=false&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
145 B 94ms
93ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:23 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
16 B 96ms
96ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:23 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2053905694837980&ev=Microdata&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&rl=&if=false&ts=1675267643977&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton%22%2C%22meta%3Akeywords%22%3A%22Social%20Media%2C%20Android%2C%20Cyberbullying%2C%20Windows%2C%20Online%20Scams%2C%20Mac%20OS%2C%20Internet%20Security%2C%20Seniors%2C%20iOS%22%2C%22meta%3Adescription%22%3A%22Romance%20scams%20are%20continually%20evolving.%20To%20learn%20more%20about%20them%2C%20pore%20over%20these%20online%20dating%20scam%20statistics%2C%20plus%20tips%20to%20help%20you%20stay%20safe%20in%202023.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton%22%2C%22og%3Adescription%22%3A%22Romance%20scams%20are%20continually%20evolving.%20To%20learn%20more%20about%20them%2C%20pore%20over%20these%20online%20dating%20scam%20statistics%2C%20plus%20tips%20to%20help%20you%20stay%20safe%20in%202023.%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnow.symassets.com%2Fcontent%2Fdam%2Fnorton%2Fglobal%2Fimages%2Fnon-product%2Fmisc%2Ftlc%2Fromance-scams-hero.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmensighten&ec=1&o=30&fbp=fb.1.1675267642976.2093821107&it=1675267642516&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/online-scams/romance-scams

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 172ms
28ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6362-VIE

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 177 KB
65 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069927954

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ea1fbac971c4ab396d093fd210310a4e1ff57acc39d3bc71cee3ac575eb1243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66083
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 16:07:24 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 17 KB
6 KB 105ms
25ms Script
application/x-javascript 23.203.125.62
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.125.62 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: daf842fc24f3934560a1f8338e8e4efcbc7ec7e4393a3360cad7c0bdd43e2aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 16:07:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 Jan 2023 12:08:14 GMT
Server: AkamaiNetStorage
ETag: "9f0b052ec22f789c3cc95c26dd0da7f4:1674389451.57807"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5884
Expires: Wed, 01 Feb 2023 16:27:24 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 271ms
33ms Script
application/javascript 2a02:26f0:f700:6::216:5929
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:6::216:5929 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 16:07:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Jan 2023 08:01:29 GMT
Server: AmazonS3
x-amz-request-id: 7RSSF7CN1F3R7HWK
ETag: "b0e78687523f348c2240034a51df837d"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1977
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11777
x-amz-id-2: ya/hkp9KhAMOUZvSHhk4FeXTuXjl7KEzDEQSJ1AW9JQRscg8pphWIryvJddPMNCrXI/mKpgv1qA=
Expires: Wed, 01 Feb 2023 16:40:21 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 107ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:12:57 GMT
content-encoding: gzip
age: 3267
x-guploader-uploadid: ADPycdsvOG439lfggawhQS4cnMC0-n5LNPFqVvzYb46L9Q_FSpjB2OT6KMjMrkuzYy1KtV-158DKzkWDtuGGfuMwLdPW
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-generation: 1622234043862937
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Wed, 01 Feb 2023 16:12:57 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 2 KB
1 KB 21ms
19ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1675267644133&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dromance-scams%3Becomm_traffic_source%3Ddirect&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

48767b4774c4e0ea40cc837457a77562560275f1bafe4da88d851d44c14c8d44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 15 KB
6 KB 96ms
18ms Script
application/x-javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?t=xo&id=norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f24323f2cc9cf99ca6fb1980451a2c68ee54458c1477ccf636fd909272eb0cb8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-k3vtSMleVM18N1pcpTpyywJsWG/n1121Q7yb/3hqf4A0SWIt' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-k3vtSMleVM18N1pcpTpyywJsWG/n1121Q7yb/3hqf4A0SWIt' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 16:07:24 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 51346
x-cache: HIT
paypal-debug-id: f47521140523c
server-timing: "traceparent;desc="00-0000000000000000000f47521140523c-03da8574b0a5b075-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 5078
x-xss-protection: 1; mode=block
x-served-by: cache-hhn-etou8220030-HHN
traceparent: 00-0000000000000000000f47521140523c-fa89bf916df55a24-01
x-timer: S1675267644.232723,VS0,VE4
etag: W/"3c96-5ZBl/9VH4j5FGwgXHTg1r26CMkY"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 87ms
11ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 102ms
32ms Script
application/javascript 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:59:39 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: R1884EP33TKMJ7P9
age: 466
x-amz-server-side-encryption: AES256
x-amz-id-2: LAoMu9XhHdB3W3DBkF8lLDYJH6Mc50fSM1aDqOxYuh99xqLBP6KnAx8chLxCmagaPNquKzvwh/I=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 3 KB
2 KB 292ms
140ms Script
application/javascript 88.221.92.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4JSARJR2Q3OG0JAETF0&lib=ttq
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.25 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f7bde5946e4ae681b3ed247cbbcd7f100faec7667b9c843e10785f1bfa890ff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-akamai-request-id: 85539fc1.43d773c8
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-18-41-25.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time: 110,2.18.41.25
server-timing: cdn-cache; desc=MISS, edge; dur=104, origin; dur=6, inner; dur=3
content-length: 1148
pragma: no-cache
server: nginx
x-tt-logid: 202302011607247F732A25BFD2B1029F6B
x-cache-remote: TCP_MISS from a23-220-105-144.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.105.144
x-tt-trace-host: 01071338e576d3120912a2d25762897a4ed6a45d5987a46d6f27f33c786aeb0d5a46dfd7025a34a6c7256c428dffae486cf85d83c4af8e3e9f263d7f059aa1059450dc45fb12d4988132b8de7f11f6164e261f0fc8574934fff49d23489046e23915eb21c24fe5416c6a5439d5873e8c6a
expires: Wed, 01 Feb 2023 16:07:24 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/2004/ 64 KB
15 KB 155ms
20ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/2004/i.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 41069810642f4e5ed8aada1d71c3a7effe3001d6f5da33b3c3d4d0c770561a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:59:16 GMT
content-encoding: gzip
via: 1.1 google
age: 488
x-envoy-upstream-service-time: 6
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14908
server: istio-envoy
etag: 12f12d58ef316d
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 366ms
30ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
x-cdn: fastly
etag: "91c4ea42bc7f1df938d8cd8de8d598db"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 1146

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1304930-26&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35c19ac0efc4d6e5e8cf2f115584a5a4c3d24258cb97e329eebbd5b5f42fa94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43929
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 16:07:24 GMT

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 18 KB
19 KB 659ms
187ms Script
application/javascript 44.236.243.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.243.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-243-137.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 /
Resource Hash: 6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
last-modified: Wed, 01 Feb 2023 15:20:55 GMT
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
accept-ranges: bytes
etag: "492f-5f3a4fea3ae22"
content-length: 18735
content-type: application/javascript

GET
H2 200 evt.js Show response
tag.havasedge.com/js/ 24 KB
25 KB 344ms
23ms Script
application/javascript 18.66.15.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.havasedge.com/js/evt.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-102.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 585a5ffa8c3c01d26bfa9e61e12aecfac2b9440051ce482de6919393f76dcdf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:55:22 GMT
via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 22:25:13 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 723
x-amz-server-side-encryption: AES256
etag: "9e337224b5d07d91b201b650ce02ea4f"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 24737
x-amz-cf-id: VwHJ7UsxRfsu2OIg0QrE1h7d-Pmqr4NdHDvncBVThDeC3DjxZShNqA==

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 38ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 01 Feb 2023 16:07:24 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FF6599DB13C4DF6969DF46B3E779197 Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:24Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 39ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8136487

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f151c0ed92c022334b7c5bd89968f30d9908bb940530ba2e934d06f9d86c3172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44146
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Feb 2023 16:07:24 GMT

GET
H2 200 A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js Show response
d.impactradius-event.com/ 43 KB
14 KB 672ms
195ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7900ff64e7494502673e3789e1946ef613c427312c57497693a81d24a52c2a4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:03:21 GMT
content-encoding: gzip
age: 243
x-guploader-uploadid: ADPycdtC_q1prmheAwcosHGNh6xvxHxBKuUl2OtNeraXLsGfQdBGKPHJi2UmLEG5GqYRv-g91NEWjEdbftwTlH_IuoLZyzVz2gph
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13986
last-modified: Tue, 31 Jan 2023 19:31:47 GMT
server: UploadServer
etag: "43d9f3757a9430f8a4ce032ba556f8b7"
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-hash: crc32c=IqDymw==, md5=Q9nzdXqUMPikzgMrpVb4tw==
x-goog-generation: 1675193507489886
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13986
accept-ranges: bytes
expires: Wed, 01 Feb 2023 16:08:21 GMT

GET
H2 204 e.gif
ensighten.norton.com/error/ 0
236 B 33ms
21ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/error/e.gif?msg=Cannot%20read%20properties%20of%20null%20(reading%20%27appendChild%27)&lnn=-1&fn=&cid=21&client=symantec&publishPath=aemprod&rid=3833176&did=689637&errorName=TypeError
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 52915
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 6N2-NdwAWAQa8mNbThxGzF4OIOZNuRDt-76ZJPhC9lPiMu5r592kHQ==

GET
H2 204 e.gif
ensighten.norton.com/error/ 0
235 B 31ms
20ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/error/e.gif?msg=Cannot%20read%20properties%20of%20null%20(reading%20%27prepend%27)&lnn=-1&fn=&cid=21&client=symantec&publishPath=aemprod&rid=3837571&did=712884&errorName=TypeError
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P7
age: 52915
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: CdeMgu9BxSP1y2e4eMrhDEtIWcNDgXJqzY-VAbSkBV6gi4xmpNmhQQ==

GET
H2

200

src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

48ms
45ms

Image
image/gif

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CIeusqfa9PwCFT9LkQUd-JQJsg;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ppt=5476;g=sitewide;gid=21516;ord=[uniqueid];ip=138.199.38.132;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://urldefense.proofpoint.com/v2/url?u=https-3A__trkn.us_pixel_conv_ppt-3D5476-3Bg-3Dsitewide-3Bgid-3D21516-3Bord-3D-5Buniqueid-5D&d=DwIGAg&c=GC0NZZhaEw6GOQSjMHI2g15k_drElRoPmOYiK2k0eZ8&r=Ee60g...
https://trkn.us/pixel/conv/ppt=5476;g=sitewide;gid=21516;ord=[uniqueid]
https://trkn.us/pixel/conv/ppt=5476;g=sitewide;gid=21516;ord=[uniqueid];ip=138.199.38.132;cuidchk=1

42 B
780 B

1284ms
1284ms

Image
image/gif

3.230.17.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=5476;g=sitewide;gid=21516;ord=[uniqueid];ip=138.199.38.132;cuidchk=1

Protocol

HTTP/1.1

Server

3.230.17.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-230-17-182.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 16:07:26 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Wed, 01 Feb 2023 16:07:26 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=5476;g=sitewide;gid=21516;ord=[uniqueid];ip=138.199.38.132;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2 200 TC-3086-2.gif
pt.ispot.tv/v2/ 43 B
314 B 77ms
7ms Image
image/gif 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3086-2.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 298ms
93ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613158642812&event=pageVisit&productName=romance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.5c17655f.1675267644.df17d76d
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1585036437165348
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 460ms
105ms Image
image/gif 54.174.23.214
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&content_id=us&pixid=39d22f07-d8d0-45a7-a066-108db0a14293
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.23.214 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-23-214.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 15ms
12ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=0&c=21&i=7u2yze&p=aemprod&s=330&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0IjowLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjc1MjY3NjQ0MTg4XwDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRdAMAyNjc2NDQxODh9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:23 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/c/ 0
106 B 19ms
17ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/c/r.rnc?n=0&c=21&i=83gkbg&p=aemprod&s=428&d=9CV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxDgDwHk5hbWUiOiJzeW1hbnRlYyIsInB1Ymxpc2hQYXRoIjoiYWVtcHJvZCIsIm1vZCoAkHdoaXRlbGlzdFEA8CNvb2tpZXMiOnsiU1lNQU5URUNfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKMA8Q8ifSwiZHQiOjE2NzUyNjc2NDQyMzEsInNldHRpbmdPAPEnbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJVUyBOb3J0b24iLCJkZWZhdWx0OwDxH1NvY2lhbCBNZWRpYSI6MSwiUGVyZm9ybWFuY2UgYW5kIEZ1bmN0aW9uYWxpdHkiALJBZHZlcnRpc2luZxAA8ARuYWx5dGljcyI6MX19LCJldmVuXQAiW3sLAEEiOiJj-wBgQ2hhbmdlHgEP0AAABfgAwEFERUQiOiIxIn1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:23 GMT

GET
H2 200 seo Show response
buy.norton.com/redirector/ 63 B
331 B 65ms
64ms Script
text/javascript 2.21.184.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.norton.com/redirector/seo?callback=jQuery3110869563058393231_1675267641783&ptype=cartpopover&trf_id=symcom&scsguid=0&COUNTRY=US&LANGUAGE=en&_=1675267641785

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.184.120 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-184-120.deploy.static.akamaitechnologies.com

Software

Resource Hash

854e05290d2504e36ee449b1680c274c7d29a1455ed60517eadd39513eae8a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 01 Feb 2023 16:07:24 GMT
requestid: edabc3ad4ecb0000
content-type: text/javascript;charset=utf-8
x-oneagent-js-injection: true
cache-control: max-age=0, no-cache, no-store
server-timing: dtRpid;desc="-1691196974", dtSInfo;desc="0"
content-length: 63
expires: Wed, 01 Feb 2023 16:07:24 GMT

GET
H2 200 trackable.js Show response
ext.chtbl.com/ 4 KB
4 KB 118ms
17ms Script
application/javascript 2600:9000:2490:ac00:a:b27c:d040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ext.chtbl.com/trackable.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:ac00:a:b27c:d040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:34:21 GMT
via: 1.1 6c2674fb15c38f5458794dd680986b8e.cloudfront.net (CloudFront)
last-modified: Fri, 12 Feb 2021 20:28:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 1984
etag: "4a494dbb82444463b6fd8bff0e5593d6"
x-cache: Hit from cloudfront
content-type: application/javascript;charset=UTF-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 4092
x-amz-cf-id: rFfZa9g5fZYbwUSHiSZDSBfouelA5fMqckF1St1oHHCwF197u6Jsrw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 98ms
19ms Script
application/x-javascript 2a02:26f0:10e::6860:5baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::6860:5baa Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=19536
accept-ranges: bytes
content-length: 4777

GET
H2 200 ae8f1a90-7a0c-0139-4083-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 0
781 B 128ms
30ms Script
application/javascript 34.90.79.92
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/ae8f1a90-7a0c-0139-4083-06abc14c0bc6

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.90.79.92 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

92.79.90.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
x-request-id: Fz-_C_47nXj9AGXo6eFB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ktag.min.js Show response
www.knotch-cdn.com/ktag/latest/ 27 KB
9 KB 204ms
31ms Script
application/javascript 2600:9000:2304:ac00:12:1bcc:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.knotch-cdn.com/ktag/latest/ktag.min.js?accountId=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:ac00:12:1bcc:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2e1beae0fc9c6ec5127d8578095ee3df61d7015ec71fa620a2b45b270115626

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 19:43:23 GMT
content-encoding: gzip
via: 1.1 8fc54d3acff9539327f4d7a6bf40a31e.cloudfront.net (CloudFront)
last-modified: Mon, 12 Dec 2022 20:09:22 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 73449
etag: W/"6b67eb209185c343e7bd3cc74b070d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 8Swx_Bp3XEjMnsxvt9LV3OFTcQR03Zez6kacoqmovRonX5NUP-JlYA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 177ms
27ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 01 Feb 2023 14:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 6340
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 01 Feb 2023 16:21:44 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/458056/onsite/ 1 KB
971 B 128ms
16ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc31e0138e9e6970dfd95e758bfe21f9c8b18aeef048d84024e9186e1cf67d6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: gkeorlognqs9jisQ6kBPZeybmT7JNPLN
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: H0G1MSYFHSVE6VP5
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 519
x-amz-id-2: eX/kxl+bUKCnJ0TtE7o/wOGRAV1AJoHoVBQjOCH3PaaX9jR8hZ0SRsdV+FuMs0uWE1vla7ML+10=
x-served-by: cache-hhn-etou8220050-HHN
last-modified: Fri, 27 Jan 2023 11:53:14 GMT
server: AmazonS3
x-timer: S1675267645.708021,VS0,VE0
etag: "3fd037e250f75643b222345cef71e6c5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 3221

POST
H2 204 collect Show response
k.clarity.ms/ Frame CA6B 0
163 B 337ms
101ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-e/s/0.7.1/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
vary: Origin
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 9ms
7ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=1&c=21&i=7u2yze&p=aemprod&s=15559&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYAwWh0dHBzOi8vdXMubi8A8RAuY29tL2xpYnMvZ3Jhbml0ZS9jc3JmL3Rva2VuLmpzUADwAnR5cGUiOiJ4aHIiLCJzdGFynwDANjc1MjY3NjQxNzk0jQBKZCI6MRQAUHNvdXJjOQCyWEhSX01BTkFHRVJBADB0dXMKAWFsbG93ZWSxAEBhc29usADUXSwiZGF0YVBhdHRlchIAs2xpc3QiOltdLCJpZgC_NTY2MDAzODYxfSziAFIfNeIAAD81LCLiAFAfMuIAB5hlbnNpZ2h0ZW7LAaJzeW1hbnRlYy9haALwJS9zZXJ2ZXJDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImc3RhdGljSnOqAi09L0oAY2NvZGUvJs4C8A5lZE9uPVR1ZSUyMEphbiUyMDMxJTIwMjM6Mjc6NQsAMEdNVBEAUjAyMyZDDwPBRD0yMSZQYWdlSUQ9iAKZJTNBJTJGJTJGjgL0ECUyRmJsb2clMkZvbmxpbmUtc2NhbXMlMkZyb21hbmMQAPARM0ZfQ09VTlRSWSUzRHVzJTI2X0xBTkdVQUdFJTNEZW4RANBUUkFGRklDX1NPVVJDFwBgZGlyZWN0GwD0AVBHTV9JRCUzRG1pc3NpbmcUADBUWVApAGF1bmtub3dFADpJUEYnACxJUDgAKlNOIgCqU1VCQ0hBTk5FTBgAik9SSUdfU1VCFgBqUElGQ0FNFABaSV9TS1UTADpERVgRACxJTsEAO0lQViMAK1BDEQAcVREAG1CkADpFTlAzADpTS1QRACpJVAAB9AFub3dfc2l0ZV9jb3VudHJ5kAEFGACEbGFuZ3VhZ2WYAQUZAMBjb250ZW50X3RpdGweAAriASUyNikAcHN1Yl9zZWPFBFAlM0Rpbh0EuGV0c2VjdXJpdHklKgAFJgAG4AQDIABydHJhZmZpY7UDIV9jTAUQXwsDNSUzRBkCAHMAgHByb2dyYW1f-AQAzQAFDAIAHQBAY3VycrQAqXN1YmNoYW5uZWweAQAjAJ9vcmlnaW5hbF8kAAQAAAY0dWN0fAAM9gBkdmVuZG9yfgDRbm9uZSUyNmlzTW9iaSYBQGZhbHMTANl2aWV3Q2FtcGFpZ25zhQB_cGF0aCUzREoDFCAyNr4BMENvZIMBAjYB_wBjb20mY3VzdERvbWFpbj1qBAEwIiwiIAGSIjoic2NyaXB02gULGwYeMDkFNzg4MDkFwmluc2VydEJlZm9yZUIAAhwGP2xvYRkGIa80MDQxNzIyODc4NwX_____ri0xM3AKCjcFIG11qwlDb25PYt8JH0w9BTgvODY9BS0BKgrwGjliZWFmNjFiMjRhYTk0N2NkOGFiMjEzYWIwMDNjNjFmLmpzP2NvbmRp1gegSWQwPTQ5Mzc4MVQND1kGDj04NjgiAT85MTlZBkevNTQwNDk0MjMwORwBjwBhByNlbioNAqQNChwBDz4CQgQiAR8ylA0ID0gIAQ9oDAT-ETkzYmJiZGZjYzI3NDlkMmY1ZmQyMmY0ZDM0YjM4YjYxPgI_NzM5PQIoLzIyPQJHrzQ4ODgxOTE0NDU9AjMPGwFIDzwCAQkbAQ88AkIEIQEvNTchATL-ETRmNjMyZWQ1Njg2YzlmYTQ0ZmI3MzI5MDIxZjE1MzgzPAJvOTQwNzY30woRPjg3OXoELzIzPQJHrzUxMTYyODczMTMcAY8PPgICCBwBDz4CQgUiAR80IgEy_REzYjcwMTVlOWUwNTA2ZTQ5ZGIxOTliOTI4NzU1Y2I2NT4CIDE3WwIA-BMPuAYPHze4BgAvMjQ-AkefMzYzOTA4NDAxlgUzDxwBSg8-AgIIHAEPPgJCBSIBD2ADM_0RMGM5YTRhZGJmYzU0MTk2YzJmMTk4NTdkNDhkNzJiOWM-An80OTE2ODQ0fAQnCIgUD08PPJ8zMTMzOTk1NDGGFC4BEgoPHAFKDz4CAggcAQ8-AkMEIgEPPgIz_RFiY2FiZTIzNjg4YzY0YTdmMjlmZTdiMzA0ZWUxZjdhOT4CEDY_Ah82PQISHza5BgEfN3sER580OTk3ODIxOTB7BDMPGwFJDzwCAggbAQ88AkIEIQEPXgM0_RE2ZTdjZTc0ZjA1ZmJhNjM0YmRlNjMyMDM3N2Y3MjhmMDwCXzQyMzEzbw0UHjf1CC85MTwCR58zNDk0MDk5NTcyCzMPGwFJDzwCAQkbAQ88AkIEIQEfOOkUCATBGfYCLnR0Lm9tdHJkYy5uZXQvbTJzDVBtYm94L-YbED8KAMA9c3ltX2dsb2JhbF8QABAmBQAwU2Vz8hzxEj01YzBiYzczNDkwYmQ0MDYyYTBkNjBhZTJjMzU4YWI1MC0AMlBDPQgA8RVhZ2U9OTlmOTJiM2MwNGQwNDU1N2IxNmNjZmRiMjIxOTlmYzkqAPAOUmlkPTQxNmUxZTNjMjgxMDRjN2VhODViMDc2YzU9BDE4YmIpABJWeh1hPTEuOC4zEgAQQ28YIT0xDABWVGltZT2AHDEzNDQXAFlIb3N0PV4aARcAP1VSTIIaLwFKAIJSZWZlcnJlcvcAFVgwF_AAYWJsZWQmYnJvd3NlckhlqBtUPTEyMDATAIZXaWR0aD0xNhIAAMIA-ABPZmZzZXQ9MCZzY3JlZW44AAISAAc3APALY29sb3JEZXB0aD0yNCZkZXZpY2VQaXhlbFLsHSM9MUQAIE9yix4AEwDwB249bGFuZHNjYXBlJndlYkdMUmVuZGW8APceSW50ZWwlMjBJcmlzJTIwT3BlbkdMJTIwRW5naW5lJnByb2ZpbGUuVENHPTkmnhgQPZwYAB8ABS4ZEz04GxAmUhgEEBoyPXVzEAADwhkSPWQYAHoeGSYCGhk9ChkCNAAEPBpDPWVuJsEZEl_CGRI9tBlAJkV4aeIes2dDdXN0b21lcj1lEQAQX8IYABIAAWgcMjBOb1IAB0waHD1KGh4m3hkSPTYAD6kACQ_wGQAQPRcBATYBDzABAQEZAAhmGgU4AQRsAQ9AAQMABhsABAAC5BoYPSAdSSYlMjA9AA9tAQAJIAAIWQEEGQA_JTIwZAEDBCEAD2wBGAQzADElMjDNAA93AQoELQAPfwEBBBwAAUYAD4cBCQQpAA-PAQIAywTxGU1DU0RJRD03NzMxMkMzNzgzQkQ2QTdFLTcwQUU0RDcyMkNEMjYzNkbaA9BNQ0dWSUQ9MjU0Mzk1vhHxDTY0MjYyMjU1MDM2OTE5MTI0NzY3MTk3MzA5ODcyAPEqQUFNQj02RzF5blljTFB1aVF4WVpyc3pfcGtxZkxHOXlNWEJwYjJ6WDVkdkpkWVFKelBYSW1kajB5PgBnTUNHTEg9ywkPbyEDTDIwNzKMBwIUAAIWAz8iOiJvIT6fNDI3MzE5NDU2jgcID20G_______KDYocODIwN9IVD20GRw-GHAiQc3BpZGVyLmF1uyagbGlhcmV2aXZhbFIK8BMvaS84ZDA4YjFjZjEyYjZkZWRkNDZjNjgwYjdkMWVjYTkxOxoPMRERPTkyMGkHKDQ5FhAPbhM9fzc1MzkyNDPWKAkP-gBUDmMICvoAD9QOQwQAAQ9MEwjxAWNvbm5lY3QuZmFjZWJvb2vSDv8CZW5fVVMvZmJldmVudHMuanPfARBNMjAxMd8BPzUxONQQSI8zOTM1Njg3Nt8AVA7EAQrfAA_EAUME5QAPjBkI8QJjZG4ucXVhbnR1bW1ldHJpY7gDEnFHJiNzLxsAEy0mDg_OARI9MTkyaiY4Mjc3_xUPrQM9jzIzOTQ4NjI4ESAID-kAQw2LEwvpAA_YAUMD7wAfOc0VCPEFd3d3Lmdvb2dsZXRhZ21hbmFnZXLbAf8IZ3RhZy9qcz9pZD1HLUZHM00yRVQzRUSmAxA9MTk4thY4Mjc4hQUAuyxgbmRDaGlsMSgAwywBXS4PQSglETHVAR83ih4JD-gAQgAzFAq1ITgyNziOBA_XAUIUNO8AD8YCCPMCcmVnaW9uMS5hbmFseXRpY3PlAQLbAesvY29sbGVjdD92PTImdOIB8BcmZ3RtPTJvZTF1MCZfcD0zMzMwMTIxMzUmX2dhej0xJnVsPWVuLR8SEXIMExF4IxPwDGNpZD0tTk5DaXQ4cEJMTFVvT0JCVGlqVSZpcjQAIWFXBgBgYT0mdWFiBQAwZnZsBwCAbWI9MCZ1YW0MABFwBQAQdgYA_wN3PTAmX2V1PUVBJl9zPTEmZGz7EzBCZHQ9Uo4uAN8QAqAuIDBpBy8ABC-SJTIwJTJCJTIwoRFhJTIwZGF0ZC4QMKACAK8SEGNpE0ItJTIwtTEvJnP0AAUwc2N0zBPQZWc9MCZlbj1wYWdlX_krkCZfZnY9MSZfc9QA8BxfZWU9MSZlcC51c2VyX2FnZW50PU1vemlsbGElMkY1LjAlMjAoV2luZG93eAAQTpovYDEwLjAlM6YAUldpbjY0CwDwA3g2NCklMjBBcHBsZVdlYktpdEAAUDM3LjM2QwDgS0hUTUwlMkMlMjBsaWv8L1BHZWNrbzMA9RFDaHJvbWUlMkYxMDkuMC41NDE0LjExOSUyMFNhZmFyaUgAAKcAAcYA5WVuY29kaW5nPXV0Zi04FwAAvCwfPbosE2ImZXBuLnOgFkJfbnVtBAFfaGl0SURBAgMAMABEaGl0TisAAqgzhF9UYWdUeXBlURTBZXAuaGFzT3JkZXI9bC0AnABhc2t1c0Vu1xUUPRAAOE5vdBMAM3VybAAWCnIWAJgBVHJsUm9vTy0D2gYAZS0CHAACNwABdzEJOwAPBwEWKC51YQABSQAGZQAPRgAaATwADzIAGgs-ATN1cC5XAQ_TAgUldXC1AQ8jAAcM2QE_dXAu2QEIMHVwbh8AAtkBBoIADpsACtkBB4IGcWVuZEJlYWPwNAzjNB8y9SMAGjKRKa9TRU5EQkVBQ09O6jQ7nzM5NjA3MzkyNzUKCABUBOJzLmcuZG91YmxlY2xpYxcLH2ecBQsPZwUGB7UFSGFpcD3ZIg8mAQsOCxsPJgFUnzQ0Mzg3NDU1MqggCDhidXkoNSJyZT8Y9htvci9zZW8_Y2FsbGJhY2s9alF1ZXJ5MzExMDg2OTU2MzA1ODM5MzIzMV9eGlc3ODMmX24aLzc4vyETHjByDCg4OQ4xD8wIPH85NTczODkzYB4JDxYBcQ5jEAoWAQ_6CEMEHQEPqQwIBdQWYWRlbWRleGwOAE85oDUuaHRtbD9kX263By8wI802CAZiBFNpZnJhbeQyCSYzPjIwM6sNKDg5zSwPGAI7jzM4MTEwNzY1zCwJD_sAVR43ZBEK-wAP_QFCBAIBHzRwKggPahAC8AlzaWduYWxzL3BsdWdpbnMvaWRlbnRpdHlcIYZ2PTIuOS45NfMBAtIOApovCvMBPTUxNn0QPzkwNn0QSMA1OTA5ODI0NDB9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:23 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 10ms
9ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=2&c=21&i=7u2yze&p=aemprod&s=13663&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA-F5odHRwczovL2Nvbm5lY3QuZmFjZWJvb2submV0L3NpZ25hbHMvcGx1Z2lucy9pZGVudGl0eS5qcz92PTIuOS45NSIsInR5cGUiOiJzY3JpcHQiLCJzdGFydCI6MTY3NTI2NzY0MjUxOCwiZW5kFACgOTA2LCJzb3VyYzwAMW11dJIAok9ic2VydmVyQ0xIAKF0dXMiOiJsb2FkxwBAYXNvbsYA1F0sImRhdGFQYXR0ZXISAMFsaXN0IjpbXSwiaWRqAM8zNTkwOTgyNDQyfSz4AAXxG2JpdGUuYXVzdHJhbGlhcmV2aXZhbC5jb20vY3Q_aWQ9MzQ4NzAmdXJsPSoB0SUzQSUyRiUyRnVzLm5fAQAsAPMQJTJGYmxvZyUyRm9ubGluZS1zY2FtcyUyRnJvbWFuYxAA8gcmc2Y9MCZ0cGk9JmNoPSZ1dmlkPSZ0FQBBc2ZtaQ0AZnU9JmNiPTsB9240NTkmaGw9MiZvcD0wJmFnPTI3NzQ1MTczMTgmcmFuZD0wMzcyMTEwMDIyODAxODI3MTkwMTAyNTY4NzEwNTU4OTkzMjA1MjQyNzk1MjU2MjMwMTE1NTU3MjUxNjIwMzg3MjkyNjAwMDE5NjAmZnM9MTYwMHgxMjAwJmZzdA4A-BJucD13aW4zMiZudj1nb29nbGUlMjBpbmMuJnJlZj0mc3MsABBjqwDxQnQ9JmRpPVcxc2laV1lpTERrME5UWmRMRnN4TWl3aWUxd2lZM1I0WENJNlhDSjNaV0puYkZ3aUxGd2lkbHdpT2x3aWFXNTBaV3dnYVc1akxsdxwAHGMcAPAlWEpwY3lCdmNHVnVaMndnWlc1bmFXNWxYQ0lzWENKemJIWmNJanBjSW5kbFltZHNJR2RzYygAplhNZ01TNHdJQ2g8APMQWE1nWjJ4emJDQmxjeUF4TGpBZ1kyaHliMjFwZFcwcFQAWW5kbVZ5uAASQywAQEtHOXeAAANAAB95QAAIF3VAAOByYVhSY0lpeGNJbUpsYuAAMWpJeQgBMDJkcygAIE1THABXZHlaVzXMAFl0cGRDQjgBQWMyVm0wAPIGelk1T0RVeE9EY3hNQ3hjSW5ObFkxVAH5MlhDSjlJbDBzV3pNM0xDSmJNek14TmpJeU5EQTBPU3htZFc1amRHbHZiaWh1WlhkV1lXeDFaU2tnZTF4dUlDQWdJBAD7GkJoWkdSRGIyNTBaVzUwVjJsdVpHOTNVSEp2ZUhrb2RHaHBjeWxjYmlBOADwAkFnTHk4Z1VtVnpaWFFnY0hKhAHwFnlkSGtzSUhSb1pTQm9iMjlySUdseklHOXViSGtnYm1WbFpHVmsQAD9ZMlZUAAL_KFQySnFaV04wTG1SbFptbHVaVkJ5YjNCbGNuUjVLR2xtY21GdFpTd2dKM055WTJSdll5Y3NJSHRMAAL_D0lDQmpiMjVtYVdkMWNtRmliR1U2SUdaaGJITmxMRgwBAf8KQWdJSGR5YVhSaFlteGxPaUJtWVd4elpTeGAABREyXAFEVG9nWJAAD2QBAz85S1ZwAAHEQmZhV1p5WVcxbExu0ACAQTlJRzVsZDGoAFtWbFhHNHgBUEI5WFNKhAPyAWlZMklpTENJd0xEQXNNU3cIABVDCAATehgALnlPHAAELAAReCQABjQABBgADwgAAD9Fc00oAAUzeXcxSAAPUAAADzgACAFQAAQgACFFetQCc3kweExDSXQMAPN-eUxDSTFNeXhsV1VjNVdERXZXREYwV214VE1qSmtOVEY0T0ZsT1dUbE5lRXBSUlUxRFpGVkNTRXBNT0RaTU1qTkJRMGRWYUVKSmQwbFRVMFZGUVdOSlNtWlNaVUZuVVVsRlJtOUpibVJEZUhkUldHcG9iekkzTVRrMmJVMXFUM1l2Y2pnM01IVjRjVVo0lAAQenQD8QtYQ0pwYm5SbGNtNWhiQzF3WkdZdGRtbGxkMlgEALgE8hx0YUdwbVltMWtaMk5tYW1KaWNHRmxiMnB2Wm05b2IyVm1aMmxsYUdwaGFWNAUQYSwFsFhKdVlXd3RibUZqWAAwYkhWDAX0AGNJbDBpWFN4YkxUUXNJaQwAF1UMABdZDAAXYwwAF2cMAFNrc0lpc0gAJ0V3aAEyeE1T0AUkZEZkBAF8BRB0jATzAFcxd2lhMlY1ZDI5eVpITugE0FJsYzJOeWFYQjBhVzkMBQD0AKN2WnpwMGFYUnNa1ADyBGIyYzZaR1Z6WTNKcGNIUnBiMjVAAP0DblIzYVhSMFpYSTZkR2wwYkdWGAANOAAibDH4BCF5MIAGYWJuVnNiQwwDR3RNVE3oAChFMNwAUk5Td2lMNAOEdE1UWXNJakEEAVMzTENJMNgBg3hPQ3dpV3pB6AIlRmQYABhTGAAEIABRRXNNalEEADBYQ0koAfADc01UWXdNQ3d4TWpBd0xERTJNmAMhVEkUABJOFAASeRQACCgABFAAEEEoBgFIAAJQABRKgAA3eU1DwAAnakXoACNJeYwCBIABN3VYQzgAU3l3aUt5IAFhalFzSWx0SAZwYm1SQ1pXRhwFAHQBBOQE9AQwY25WbExIUnlkV1VzZEhKMVpWaAInSTFQASN5TvwHUGRHcG9jlAYwakUx9ABBTURBd_QGFVcYAFR5TnpBdxgAQGFtaHogCEBPak0zEAEAGAA0TURC1AEzeU55aAEQVBQBYHhjSWpSbrAHAegBFUaMAPQANExDSmxiaTFWVXl4bGJp4AAA3AIEJAAjTXcYARAyQAAVTTwAU014TENK8AADOAAneklQASdNeugAKHpOeAH0C3pVc0lsc3hOamMxTWpZM05qUXlNemt4TERCqAEQehgBACwDQE5DOHp4AHdYQ0kwTHpOvAMAsAf1AUl0TVRRMExUWTJMVEU0TUO0AADYADBwTEMABRQwSAUQeVgFwU9UY3NPRFVzTVRFMyAAAVgC8wZBeE1TNDNMQ3d4T1RjM0xERTVOemfYAiJNNQABEElwAsB6TURFd04xd2lMRFGkA2BIWldOcmIQAMRGd2lUbVYwYzJOaGOAA6BrMXZlbWxzYkdGHALCdWRXeHNMRzUxYkd3FAJEU3c0TEQHAxgAJE0xxAAQUVQEI3pNdAIoTkSsAhBRzAXEeE56STBNamszTmpV8AVSME15d2kMAgAsAkBFd01UCAASQQgAUFRFeE1EBAAEtAMQUdwDBKAGEzGkAxAw5AOlTmpJd0xEWTNOeQQHQzFOaknQAzFZME9wBgBcAgUgAARIAAA4AC80TiAACgA4AAI0AihOREQEEFGECfAARmRHTXZWVzVyYm05M2JpmAIBoAJwc1lYUnVMR_gJU2R2Y25roAEjUTS4BwQQABc1eAIYMfADKE5URAEQVUQBBBwHETE4ATNUQXcEARAxsAIAlAsRYcQFY3RjSWw4eIgC0nlPRFExT1RVek16SXcUADNKZk0EAvAATWpnM01qZzVPVE15TUZ3lABAY0ltUqgKIWJYuAoSSgwAQ0NKZk3YBeNNemN6TnpVMU9UazRObDQAg25OY0lqb3hmbAVwTlRVc0lqSVAAgGJJbVJrWWlJfAVDc05UUZQBAFQBBYwBBPQCApQBCbQIG00wAAQ0CAlAAAQ4ADd6TEQgADBTd3n4AgBIAQXACAlcAAAsAAHYAdBpWW01amFDSXNNVGcybAcQSTQK8AdtTm9JaXd4T0RkZFhRJTNEJTNEJmRlyQ32WnByZT0wJnNkZD0lN0IlN0QmY3JpPXNiSzRnRlJBTzkmcHRvPTIwNDMmdmVyPTUwJmdhYz0tJm1laT0mYXA9JmR1aWQ9MS4xNjc1MjY3NjQyLjh6R1hra3ZrZGFRVnlWRk0mc3VpZD0xLkoO_QQuRDlzVllHNHJMcGRmZjM1eiZ0IwDwBEt2WUhBTTk2Y2Z3UmhNa0EmZmJ4APUFZ3RtPVd5SndZV2RsWDNacFpYY2nRALBpdD00MiUyQzE1MAcAMDI0NzYAMGw9LbUAAwcAgHNkPS0mcnRpTQAgYmcGALBzcGE9MSZ1cmlkPTURH3RDEA0wNDk24hAC2Q8D9QA3OTMwQxCgYXBwZW5kQ2hpbCwQP3N0YTwQKq83MzA4ODk4NTQ5PBD____________________AHzc8EAwPfyBCBEMQLzUwQxAHD3chCvUIY29uZmlnLzIwMTA3ODc2MTkxNjQ3MTZ7IZ8mcj1zdGFibGWEISYnODRBEQ8FAUKvNTE0NjY4ODI5MQUBB0J3d3cuVCCwdGFnbWFuYWdlci6DIXBndGFnL2pziCHfQVctMTA0MzMzMDY4NfAAETw5MDn1AUczMDEz8AAPMRI7rzYzODA3Nzg5MDPpAF0fMukADQ_ZAUIE8AAfMvAAOTAmbD3YI69MYXllciZjeD1j6gESLjEw6gEnOTfqAbBpbnNlcnRCZWZvciwDDxwULY81OTYyNTcxMxwUCQ_UAh4P-wAjD_wBAQn7AA_8AUIEAQEvNjjsAhEgYWTUJUFpY2Vz1QNgcGFnZWFkcSYDPCcWL9kDIC8_1CQmb20BJaMzMDg1JmN2PTExkSQDVCYBGABBYmc9ZgEAICZnyxawT04mYXN5bmM9MSayFqEyb2ExdTAmdV93nCRRJnVfaD3aJPYPbGFiZWw9MjNLekNKai1qWU1ZRVAzc3ZfRUQmaG49ugEKuQBfJmZybT0LJjVidGliYT1SHiYzJTIwMCbyBDBpbiUyMDIwMjMlMjAlMkIlMjBRJpAlMjBkYXRpbmcsAAAqJ8JzdGljcyUyMC0lMjDnJwDzAHBfZWU9MSZhDAGWNzUwNDUyMzQ2JRhgMyZ1YW1iwwBQYXc9MCZpA8M9ZXZlbnQlM0Rjb26OAYAmcmZtdD0zJgYAHzR_AxBNMzA5MX8DNzE2MX8DD2kFO581MjQ5NDg5NDZXBwgPxAEFHy99Av_AHzN9AgwPAQVDBIQCD1oqCALSCPIBYWRzLmcuZG91YmxlY2xpY1krA4cCtnZpZXd0aHJvdWdogQMPDwUMLzI5DwUDPzI5Jg8FJA_0BKgP6wQhAFUKEi5bCw_sBB8AMQsZZcksPzMyM-wER482NTUyNDYxNkMMCQ9oAv_DHjnXBDcyMzJUBw_XBEIFbwIP9R4ID7IOE-81MzkwNTY5NDgzNzk4MLIOIy45OAUBLzQ32AtInzQ2ODAzNTg2M1oICA__AFkdNNsGCv8ADwQCQgUFAQ-xDwgPNTEHEW1wMgPOITJ4aHLGMQkOMh8zmg8BARQABQ4yslhIUl9NQU5BR0VSQQACyyFgYWxsb3dl3iEvcmUKMhufNjcxMDk0Njgz2QIID9UA_wIeMdsLEDkUAA-qAUjANzEwOTQ2ODQxfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:23 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 192ms
105ms Image
image/gif 151.101.193.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1675267644358&id=t2_cxz0s4qa&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=82c8ffc5-0863-4626-ac5a-7a56c410b0ae&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 ts
t.paypal.com/ 42 B
740 B 257ms
155ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3acffdcb-c025-475c-ba85-3218f5e08f49&fltp=analytics&mrid=DC854CZKCW2SE&code=MUSE_ADMIN_TOOL&partner_name=MUSE_ADMIN_TOOL&flag_consume=yes&pt=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1675267644379&g=0&completeurl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8B) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4C8B)
traceparent: 00-0000000000000000000d584a315119ed-e663819334b29d08-01
content-type: image/gif
paypal-debug-id: d584a315119ed
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Wed, 01 Feb 2023 16:07:24 GMT

GET
H2 200 11548.json Show response
s.yimg.com/wi/config/ 43 B
677 B 77ms
22ms XHR
application/json 2a00:1288:f03d:1fa::4000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/11548.json

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 01:05:19 GMT
x-amz-version-id: l29Z3T5PcvH24RoS2EPqWm7MHKI.YnqT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: H7HRHQVSBRBGJG4D
age: 54127
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: 0Ja/1gZmZh2sMseKvshpWWLZONtCJNk3o2tCQP7ZZIJyBnwMUPxLU49xwKRGdEwVDNlv9oMZBnk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Mon, 08 Jan 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Sat, 03 Dec 2022 09:55:45 GMT
server: ATS
etag: "ee67895e23e55fb16238fcc20064cdd0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
194 B 201ms
46ms Script
application/javascript 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=undefined
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 16:07:24 GMT
X-TraceId: 59194126425decf6e6bdbd04e906bdcd
Content-Length: 35
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
225 B 170ms
29ms Image
image/gif 20.13.96.71
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=001f961bd9b051a2818b4058353fda92bf&obApiVersion=1.1&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&optOut=false&bust=09335498377910281&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Wed, 01 Feb 2023 16:07:24 GMT
Cache-Control: no-cache
X-TraceId: 14b33048dc8c50b4e3549a7a4fe0aa26
Content-Length: 53
Content-Type: image/gif;

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.google...
https://www.google.com/pagead/1p-conversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&...
https://www.google.de/pagead/1p-conversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&u...

42 B
64 B

54ms
53ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dromance-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDl5Um4xeXFYMVlZd09YSlJGZDBhb2d1TG0wQlRFWjBLZjZya3J0TkNVSkJyX00zSGpWWENqOA&is_vtc=1&ocp_id=PI7aY-3pCYPTmwfCrY6oBQ&cid=CAQSKQDUE5ymn2CY7EXNpyljOQUewH26OK5GI1Wlyzjst6WYzylOi3hG7NUF&random=254280674&ipr=y&prhg=0

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=717367639&cv=11&fst=1675267644133&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&label=sale&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&gtm_ee=1&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dromance-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJZ0xqb25nWVFuUHEyZzg2NjRmalVBUklsQUVPUldnTzRWWWxSbDNGOUdDVTkxLTd0X0E4NHhLTEN1c2xsRFphZWpGUXpPRzFMNEEaV0NoQUlnTGpvbmdZUW90R1ZtYUtoa3NwREVpMEFRQlNZZDl5Um4xeXFYMVlZd09YSlJGZDBhb2d1TG0wQlRFWjBLZjZya3J0TkNVSkJyX00zSGpWWENqOA&is_vtc=1&ocp_id=PI7aY-3pCYPTmwfCrY6oBQ&cid=CAQSKQDUE5ymn2CY7EXNpyljOQUewH26OK5GI1Wlyzjst6WYzylOi3hG7NUF&random=254280674&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5441611.js Show response
bat.bing.com/p/action/ 0
118 B 34ms
32ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5441611.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 01 Feb 2023 16:07:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5EE92451AABB4CF19859251B04A2CE92 Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:24Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 53ms
49ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5441611&Ver=2&mid=312934b5-9905-4dae-91a1-a407d1f6119e&sid=8339a930a24a11ed9601c3ba6b715115&vid=833a18a0a24a11edb77f9127fa2c46c9&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&kw=Social%20Media,%20Android,%20Cyberbullying,%20Windows,%20Online%20Scams,%20Mac%20OS,%20Internet%20Security,%20Seniors,%20iOS&p=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&r=&lt=3821&evt=pageLoad&sv=1&rn=696257

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 01 Feb 2023 16:07:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2375D7F4573C456280B9F5D8D4247E6B Ref B: FRA31EDGE0619 Ref C: 2023-02-01T16:07:24Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 157ms
145ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
server: Google Frontend
x-powered-by: Express
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 5062f85fb2c0a23486bb00f7226f800a
function-execution-id: u4xq2v6ts9af
access-control-allow-headers: Content-Type, Accept
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 225ms
134ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 16:07:24 GMT
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
server: Google Frontend
x-cloud-trace-context: 9711f9d98ba50813581de38daefb20fb
x-powered-by: Express

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 2 KB
945 B 187ms
169ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1675267644463&cv=11&fst=1675267644463&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ce88edeee6056c3c0270da7879230a9033d043733349fd871ba384a3475d1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 167ms
125ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6d925a83-6bd9-4686-945c-c9026c8561bf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7372b378-44fa-48d3-bc37-4689107aa469&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 92a9eb69a5de3bcb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6a08b2e00a8cf092c80eef9a1278a2a7f0ed3e96c745dd380fab7e9a9f8a4547
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 246ms
117ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6d925a83-6bd9-4686-945c-c9026c8561bf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7372b378-44fa-48d3-bc37-4689107aa469&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 08567816b8046103
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7a6ed03c43d3b17433db0bd396595ad7da6e7afb488d88168655a87f566ab93f
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
204 B 119ms
118ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=9dae9422-9911-4379-89fb-82b6c0d8eb68&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7372b378-44fa-48d3-bc37-4689107aa469&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 106
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1e33d8c4d245a571
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 6a08b2e00a8cf092c80eef9a1278a2a7f0ed3e96c745dd380fab7e9a9f8a4547
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 165ms
118ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9dae9422-9911-4379-89fb-82b6c0d8eb68&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7372b378-44fa-48d3-bc37-4689107aa469&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 107
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 80e558d49f6b511c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7a6ed03c43d3b17433db0bd396595ad7da6e7afb488d88168655a87f566ab93f
content-length: 43

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 2 KB
946 B 154ms
120ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1675267644580&cv=11&fst=1675267644580&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b186bdfdaa0c5d3348d783dc504df921382d54f3e13ce20e46099574364e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 922
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 2 KB
978 B 110ms
104ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1675267644688&cv=11&fst=1675267644688&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3Bu2%3Dinternetsecurity%3Bu3%3Dromance-scams%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68c4e250aa8b9c191dc0bb4c3727bfa9382382ea6c1c550bb7c91e44f6e0e66b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 954
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 2 KB
978 B 92ms
91ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1675267644711&cv=11&fst=1675267644711&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&auid=750452346.1675267643&uamb=0&uaw=0&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3Bu2%3Dinternetsecurity%3Bu3%3Dromance-scams%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7970172838797f5ad3413aa6ab13a03a1496b9eb9ef3b766f8972257ab2d527d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 954
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=*;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance-scams;u4=missing;~or...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/activity;src=8136487;type=;cat=;gtm=2od1u0;auiddc=750452346.1675267643;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance...
https://ad.doubleclick.net/activity;dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=750452346.1675267643;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-sc...
https://adservice.google.com/ddm/fls/z/dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=*;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internets...

42 B
401 B

87ms
52ms

Image
image/gif

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=*;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance-scams;u4=missing;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CPDRqafa9PwCFdJKkQUdUQAIvg;src=8136487;type=;cat=;gtm=2od1u0;auiddc=*;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams;u2=internetsecurity;u3=romance-scams;u4=missing;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 619ms
53ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2001%20Feb%202023%2016%3A07%3A24%20GMT&n=0&b=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&.yp=11548&f=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Cadobe%2Censighten

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 01 Feb 2023 16:07:25 GMT

GET
H2 200 main_455e9525d2adc0d956170d79ba48c844.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 382 KB
74 KB 581ms
14ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_455e9525d2adc0d956170d79ba48c844.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8a70f54525e4d8011586725d5f7d1be4526a55250307c0b97be8bd4059f4d33d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:03:55 GMT
content-encoding: br
age: 90210
x-guploader-uploadid: ADPycdvEWNE3Bt_JFi9eyM7zgKZepRoL8QKJokuGj6BW8oi-gxdTayXT7RniEoGmVN16Jutn0mYIP5SCJiL4JOM5TGm-bVRJLEXz
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75575
last-modified: Tue, 31 Jan 2023 15:03:43 GMT
server: UploadServer
etag: "6f0cd8b7ced11f2160c7ce0e46c48353"
vary: X-Goog-Allowed-Resources
x-goog-hash: crc32c=D1Aj5A==, md5=bwzYt87RHyFgx84ORsSDUw==
x-goog-generation: 1675177423058803
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 75575
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 31 Jan 2024 15:03:55 GMT

GET
H2 200 cjs_min_49801052853ad1235b09865bb69bab38.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 46 KB
15 KB 580ms
27ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_49801052853ad1235b09865bb69bab38.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 142dbca8a2feffa53e0ef3c28709f1b373db78da8620506161eba84448fc31b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 05:57:35 GMT
content-encoding: gzip
age: 1159790
x-guploader-uploadid: ADPycdt1V8u1wAn5gu2hT2BKpDYt2inkKJ11B4rFN7DG2NawhIDjbCHlPrmmfmzHYTW7OSZAMZmwY7a2F1I2VdV7xW_wcg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15029
last-modified: Tue, 10 Jan 2023 17:07:47 GMT
server: UploadServer
etag: "5ca7ce197294d4641e9b4dc1ced77d14"
x-goog-generation: 1673370467237945
x-goog-hash: crc32c=Jkwxvg==, md5=XKfOGXKU1GQem03Bztd9FA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15029
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 19 Jan 2024 05:57:35 GMT

GET
H2 200 main.MWE2YWY2YTgzMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 238 KB
67 KB 26ms
25ms Script
application/javascript 88.221.92.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2YWY2YTgzMA.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.25 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 922e8229cf571f325c0d39bc9fb00c36baa75bdb3599c65ac93fa733b815daf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-akamai-request-id: 43d776fc
date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202301121758183194181027239D1652CA
vary: Accept-Encoding
x-cache: TCP_HIT from a2-18-41-25.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01afb4f37cde99d124c9ec90ead86ed4289ad98a0aa6f996eac0e1576ab226ec6bd02b3334f21892859bc6db6cbaba80ccc33fea34edb648c1ebd8bc6835c13df47f6ddd5ad68315cf4b2342644bfbe6034772db9eff82aa9a8203fb8e7d985dbe
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
content-length: 68222

POST
H2 200 track Show response
web.chtbl.com/ 49 B
380 B 179ms
178ms XHR
application/json 2600:9000:21c7:bc00:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:bc00:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash: bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/json;charset=UTF-8

Response headers

date: Wed, 01 Feb 2023 16:07:25 GMT
via: 1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
server: uvicorn
x-amz-cf-pop: AMS54-C1
vary: Origin
access-control-allow-methods: OPTIONS,POST
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
access-control-allow-headers: *
content-length: 49
x-amz-cf-id: m12JBhqY-_LERoWRIihJkrK_ibyzD4z9kJU6jaaW9Snuvvk9Xf7_0w==

OPTIONS
H2 200 track
web.chtbl.com/ Frame 0
0 251ms
183ms Preflight
application/json 2600:9000:21c7:bc00:0:cc59:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://web.chtbl.com/track
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21c7:bc00:0:cc59:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
content-length: 49
content-type: application/json
date: Wed, 01 Feb 2023 16:07:25 GMT
server: uvicorn
vary: Origin
via: 1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-amz-cf-id: J2ZdrDBD0eMypX8LGgCLbxRbO4bCo3KrfglMuM72zba532CXcuiilw==
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront

GET
H2 200 main.f6304d83.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 29ms
28ms Script
application/javascript 2a04:4e42:41::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.f6304d83.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7baf4ac1cb2adf82ed9e88c9fa1b22f8ea22e14cf2aa24e9936c6578515e70ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:24 GMT
content-encoding: gzip
x-cdn: fastly
etag: "fe9b810e040cd8cd5323a13c712440ca"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts: 1
content-length: 19456

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1675267644837%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&liSync=true&e_ipv6=AQKcd8x9xZCwZgAAAYYNu6JKzh36o...

0
265 B

188ms
151ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&liSync=true&e_ipv6=AQKcd8x9xZCwZgAAAYYNu6JKzh36oloi9HNu5MC22g-KwNKv4RLbYo4z8scDRc0pXOfzi0EUyIZnRhyvFfZkz9s5BO0s
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F1D1F412FBE44DF78813CBDB17D40EA2 Ref B: FRAEDGE1217 Ref C: 2023-02-01T16:07:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzpaT1MSnkoXxHn91GYg==

Redirect headers

date: Wed, 01 Feb 2023 16:07:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 55562E2576814761AAD27FF466533226 Ref B: FRAEDGE1822 Ref C: 2023-02-01T16:07:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1675267644837&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&liSync=true&e_ipv6=AQKcd8x9xZCwZgAAAYYNu6JKzh36oloi9HNu5MC22g-KwNKv4RLbYo4z8scDRc0pXOfzi0EUyIZnRhyvFfZkz9s5BO0s
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzpaTx227CdR6E0Pn0vw==

GET
H2 200 track-event
event.havasedge.com/ 0
38 B 746ms
199ms Image
text/plain 54.69.21.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tL2Jsb2cvb25saW5lLXNjYW1zL3JvbWFuY2Utc2NhbXMiLCJvIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tIiwiYW8iOltdLCJwYXJtcyI6e30sInByIjoiIiwiaW5mIjpmYWxzZSwibGNraWQiOiIxYmRjMDNhZC05NWFlLTZiNDEtYjE0Ny0xZmY0YmNiMWMxMTZfMTY3NTI2NzY0NCIsInNvdXJjZSI6IkhhdmFzRWRnZS5FdmVudFRhZyIsImJ0IjoxNjc1MjY3NjQ0ODQ1LCJieiI6MCwicGxnIjpbIkNocm9tZSBQREYgUGx1Z2luIiwiQ2hyb21lIFBERiBWaWV3ZXIiLCJOYXRpdmUgQ2xpZW50Il0sInBsdCI6IldpbjMyIiwiY2siOnRydWUsInRyIjpmYWxzZSwiaCI6MTIwMCwidyI6MTYwMCwiY2QiOjI0fQ%3D%3D&trkGuid=0d24d362-9133-4cf0-8e7e-be8762f0510a&evtGuid=5cf27ba5-9ea8-4014-99ea-ec775d2a8e7e&data-product_list=missing&data-order_id=missing&data-subtotal=missing&data-country=US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.69.21.176 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-69-21-176.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:25 GMT
content-length: 0

GET
H2 200 generic1674820392106.js Show response
nebula-cdn.kampyle.com/us/wu/458056/onsite/ 1 MB
98 KB 7ms
6ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1674820392106.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a9d4b9498b32b911974be1fe23b585bb7562aa50b3f9826f7e628d79f55035dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: f.vcfulagR0.rwvXFvfTOoIGTHZulG9m
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Feb 2023 16:07:24 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: H0G2SX80JF6QT6DV
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 99928
x-amz-id-2: zHHG/7oz8zWDCMX3ahEG08CYyTsr1vV170cW3gWAJHh2llCx6SNm+Xwtylz9W4fKD74jdyZu0I0=
x-served-by: cache-hhn-etou8220050-HHN
last-modified: Fri, 27 Jan 2023 11:53:13 GMT
server: AmazonS3
x-timer: S1675267645.857656,VS0,VE0
etag: "2ff56599631a07dd00ddf9a3673bb615"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 210

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 48ms
46ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 15:12:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Feb 2023 16:12:54 GMT

POST
H2 200 /
aq-swa-api.knotch.it/ 43 B
198 B 663ms
218ms Ping
image/gif 54.172.102.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aq-swa-api.knotch.it/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.102.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-102-151.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 01 Feb 2023 16:07:25 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 25ms
22ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1675267644463&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2004957251&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1675267644463&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2004957251&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1675267644688&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3Bu2%3Dinternetsecurity%3Bu3%3Dromance-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=1870505373&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 69ms
68ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1675267644688&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3Bu2%3Dinternetsecurity%3Bu3%3Dromance-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=1870505373&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 99ms
93ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:25 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 25ms
21ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1675267644711&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3Bu2%3Dinternetsecurity%3Bu3%3Dromance-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=4277699298&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 65ms
61ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1675267644711&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%3Bu2%3Dinternetsecurity%3Bu3%3Dromance-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&random=4277699298&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 27ms
24ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1675267644580&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1978123382&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 65ms
61ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1675267644580&cv=11&fst=1675267200000&bg=ffffff&guid=ON&async=1&gtm=2oa1u0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&tiba=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1978123382&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_c4832.js Show response
analytics.tiktok.com/i18n/pixel/static/ 114 KB
31 KB 37ms
36ms Script
application/javascript 88.221.92.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c4832.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.25 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-akamai-request-id: 43d77bea
date: Wed, 01 Feb 2023 16:07:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230112175819198C6F6AF7657385C40A
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-18-41-25.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01afb4f37cde99d124c9ec90ead86ed4289ad98a0aa6f996eac0e1576ab226ec6b02711425ce47eed03898009029c324067b5c418b9c3236a691db92036cd0f2f4d04bef5f1729a0f9ad1bfec577bcd40d5532f3920d3c008105dda8580c923d9e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 30757

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
547 B 147ms
147ms Ping
text/plain 88.221.92.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.92.25 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a88-221-92-25.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
x-akamai-request-id: 43d77c7d
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20230201160725E8AF2A1DDEE9C7487B43
x-cache: TCP_MISS from a2-18-41-25.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 115,2.18.41.25
x-tt-trace-host: 01071338e576d3120912a2d25762897a4eeb079411efa42e917d18ef8abbd61b3d6d5b9b0859043cb155daab28cf000e69ff9ef63c19ac23edb19648d075230b4b559618b231e2249312be518e13b1f9acce27d036021194376c27becd9d483f0e
server-timing: inner; dur=16, cdn-cache; desc=MISS, edge; dur=6, origin; dur=115
content-length: 0
expires: Wed, 01 Feb 2023 16:07:25 GMT

POST
H2 200 4405 Show response
norton.ow5a.net/xur/ 113 B
980 B 120ms
34ms XHR
application/json 52.19.8.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://norton.ow5a.net/xur/4405
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.8.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-8-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a69bcc7d7dd2b4a0457d4fa24f3994f177d00ab88466f19588f7058a7ce8bf18

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://us.norton.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
expires: Wed, 01 Feb 2023 16:07:25 GMT

GET
BLOB 200
OK 26bb36ce-b35e-4bee-8b02-2052089e57ec
https://us.norton.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/26bb36ce-b35e-4bee-8b02-2052089e57ec
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dfe447993416e6a72f93e1c76e4b41d7411f15daf0b0835dedb287c5e513010

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 97 B
512 B 199ms
198ms XHR
text/html 44.236.243.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.php?acctTag=csiyrk42502&tz=0&ref=&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&lc=null&anon=0&vin=null
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.243.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-243-137.us-west-2.compute.amazonaws.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 / PHP/5.6.40
Resource Hash: 7dea55eea7f4396097abf6e2a56fb0b41110200d41d59316f982e078c0c75260

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:25 GMT
access-control-allow-credentials: true
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
x-powered-by: PHP/5.6.40
content-length: 97
content-type: text/html; charset=utf-8

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
855 B 74ms
74ms XHR
application/json 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&cb=1675267645697&dep=2%2CPAGE_LOAD

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.5c17655f.1675267645.df17f595
x-envoy-upstream-service-time: 1
content-length: 375
x-pinterest-rid: 9474004282893449
pin-unauth: dWlkPU0yRTVZalJqT0RrdE5XVm1OUzAwWWpGakxUazFZall0T0dVM09HUXhPV1F5WmpNeA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 44ms
44ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=333012135&t=pageview&_s=1&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ul=en-us&de=UTF-8&dt=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUIJAAAAACAMI~&jid=1044411412&gjid=227883046&cid=1786439598.1675267645&tid=UA-1304930-26&_gid=1897955838.1675267645&_r=1&_slc=1&gtm=2ou1u0&did=dNjIxNT&z=103717326

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 61ms
59ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=333012135&t=pageview&_s=1&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ul=en-us&de=UTF-8&dt=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUIJAAAAACAMI~&jid=83220162&gjid=470630414&cid=1786439598.1675267645&tid=UA-1304930-1&_gid=1897955838.1675267645&_r=1&_slc=1&did=dNjIxNT&z=1477668754

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 28ms
24ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=333012135&t=event&_s=2&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ul=en-us&de=UTF-8&dt=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=conversion&_u=aHDAAUIJAAAAACAMI~&jid=&gjid=&cid=1786439598.1675267645&tid=UA-1304930-26&_gid=1897955838.1675267645&gtm=2ou1u0&did=dNjIxNT&z=1211233836

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 20:23:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71050
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 formData1665661897425_en.json Show response
nebula-cdn.kampyle.com/us/wu/458056/forms/43819/ 38 KB
5 KB 27ms
7ms XHR
application/json 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/us/wu/458056/forms/43819/formData1665661897425_en.json

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb54a6ee7b16fd9d88468b31f756b9208eba59312503609a26b45044f2150f86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: YKsfr6m1uB6K40fKV3hrcVRmLyvNhVXG
content-encoding: gzip
via: 1.1 varnish
date: Wed, 01 Feb 2023 16:07:25 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: SYNPQTJHHGY0475B
x-cache: HIT
content-length: 4879
x-amz-id-2: oQBXjMzRWUpXGHgBaG5Gr7dlMbGCyZ5DYDtjc//AyVhMbsZ9DURQkeTf77dXH4mIb8GK5/5XFuo=
x-served-by: cache-hhn-etou8220066-HHN
last-modified: Thu, 13 Oct 2022 11:51:38 GMT
server: AmazonS3
x-timer: S1675267646.820137,VS0,VE0
etag: "b44c00379da41a268691cb1979a196bd"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 23

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 166ms
113ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwOS4wLjU0MTQuMTE5IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJSb21hbmNlIHNjYW1zIGluIDIwMjMgKyBvbmxpbmUgZGF0aW5nIHN0YXRpc3RpY3MgLSBOb3J0b24iLCJwYWdlX3VybCI6ICJodHRwczovL3VzLm5vcnRvbi5jb20vYmxvZy9vbmxpbmUtc2NhbXMvcm9tYW5jZS1zY2FtcyIsInRyYWNrZXJfdHlwZSI6ICJqYXZhc2NyaXB0IiwidHJhY2tlcl92ZXJzaW9uIjogIjIuMi4yMyIsImV2ZW50X25hbWUiOiAibmVidWxhX3BhZ2VfdmlldyIsImV2ZW50X3RpbWVzdGFtcF9lcG9jaCI6ICIxNjc1MjY3NjQ1Nzc1IiwiZXZlbnRfdGltZXpvbmVfb2Zmc2V0IjogMCwidXNlcl9pZCI6ICIxODYwZGJiYTEzMmEwZC0wMzI1NTNiM2FjZmE5My02MDMyNWQ1Ny0xZDRjMDAtMTg2MGRiYmExMzM4ZDMiLCJlbnZpcm9tZW50IjogImRpZ2l0YWwtY2xvdWQtdXMtbWFpbiIsImFjY291bnRJZCI6IDQ1ODA1NCwidXJsIjogImh0dHBzOi8vdXMubm9ydG9uLmNvbS9ibG9nL29ubGluZS1zY2Ftcy9yb21hbmNlLXNjYW1zIiwid2Vic2l0ZUlkIjogNDU4MDU2LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7Im1kX2lzU3VydmV5U3VibWl0dGVkSW5TZXNzaW9uIjogIiIsIkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICJmMzNhLTllMjgtYjI3Ny1lNDU5LTBhYjEtZjJjMi1iYThmLTE1YmQiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTY3NTI2NzY0NTc2MCIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAyODUyLCJrYW1weWxlX3ZlcnNpb24iOiAiMi40OC4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40OC4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjc1MjY3NjQ1Nzc0LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-qp83
date: Wed, 01 Feb 2023 16:07:25 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 62ms
61ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22f6304d83%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1675267645823

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.5c17655f.1675267645.df17f8df
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1073067354706973
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
17ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1304930-26&cid=1786439598.1675267645&jid=1044411412&gjid=227883046&_gid=1897955838.1675267645&_u=aHDAAUIIAAAAACAMI~&z=2049282451

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame EE1F 565 B
591 B 64ms
57ms Document
text/html 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.5c17655f.1675267645.df17f9aa
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Wed, 01 Feb 2023 16:07:25 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1805703199892087

GET
H2 200 /
www.ojrq.net/p/ 50 B
448 B 97ms
32ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=4405&tpsync=no
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:25 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Wed, 01 Feb 2023 16:07:25 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1304930-1&cid=1786439598.1675267645&jid=83220162&gjid=470630414&_gid=1897955838.1675267645&_u=aHDAAUIJAAAAACAMI~&z=1506554242

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 01 Feb 2023 16:07:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inbox_6424cb18bd68fadd3f1395637e663bb8.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 73 KB
19 KB 30ms
28ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_6424cb18bd68fadd3f1395637e663bb8.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 78d566d84342550fc2075fb4016094a423cb9b717d481ee34fc634c079ceff0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 16:25:19 GMT
content-encoding: br
age: 1381326
x-guploader-uploadid: ADPycdsjcXg9mqBlrrCdENyhkUvclQ_uKme2_QtkQyQhYKZk3jhVgXAgNmD8Sqx3ZOdiyhzvZqYp_4Ywt5N6uWun7WipZuY_Ef4U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19183
last-modified: Tue, 10 Jan 2023 17:18:34 GMT
server: UploadServer
etag: "28a270a5e8e0b25e86a05cb43a8e0359"
x-goog-generation: 1673371113979807
x-goog-hash: crc32c=FvXyjQ==, md5=KKJwpejgsl6GoFy0Oo4DWQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19183
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 16 Jan 2024 16:25:19 GMT

GET
H2 200 onsite_4d0277aa0c520578d117528df8e902db.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 162 KB
35 KB 28ms
26ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_4d0277aa0c520578d117528df8e902db.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1816c058d2ab84b1cb1962de47772e47d5182b58309e43ddab5b5aebbde3f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:58:08 GMT
content-encoding: br
age: 781757
x-guploader-uploadid: ADPycdtShZS5F7O5KWV3JllAQU6kwk9l3Zg3GhXBK39XorlL_oJECSvtETW_TE6THGFrO4gbkFFfRotk8aXrawIMT7aG_PDYosZ_
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35105
last-modified: Mon, 23 Jan 2023 14:58:02 GMT
server: UploadServer
etag: "6449ad73754f9d4f33188189003b9ec1"
x-goog-generation: 1674485882728981
x-goog-hash: crc32c=n6iWdA==, md5=ZEmtc3VPnU8zGIGJADuewQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 35105
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Jan 2024 14:58:08 GMT

GET
H/1.1 200
OK id Show response
image.cdnbasket.net/ 2 B
326 B 327ms
119ms XHR
application/json 2600:1901:0:f541::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://image.cdnbasket.net/id?wsid=2004&vid=undefined&did=undefined&pvid=undefined&agent=mozilla/5.0%20(windows%20nt%2010.0;%20win64;%20x64)%20applewebkit/537.36%20(khtml,%20like%20gecko)%20chrome/109.0.5414.119%20safari/537.36
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:f541:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 16:07:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 323ms
117ms XHR
application/json 34.149.118.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.118.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.118.149.34.bc.googleusercontent.com
Software: /
Resource Hash: d72f9c903649c61403074b89f5a3e131c7c8cec04792e7407d30b0a2f4ae72bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 16:07:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 330ms
131ms XHR
application/json 34.102.242.33
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.242.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 33.242.102.34.bc.googleusercontent.com
Software: /
Resource Hash: b6ff5e36be6ad1ddfea9c93f269d81ea5cc1136b88cc712212c17fa47d704076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 16:07:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 463ms
248ms XHR
application/json 34.117.93.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.93.237 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 237.93.117.34.bc.googleusercontent.com
Software: /
Resource Hash: 33f9d826ec75c6446aa7da4c19c2cf446003c5d5e30e5927eec1aded7b413e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Feb 2023 16:07:26 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 106ms
103ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:26 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 track Show response
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 59 B
166 B 103ms
102ms XHR
text/plain 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

x-me: prod-instance-gatewayservice-green-qp83
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: text/plain;charset=ISO-8859-1
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 59
x-application-context: application:9090

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1304930-26&cid=1786439598.1675267645&jid=1044411412&_u=aHDAAUIIAAAAACAMI~&z=534144721

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
64ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1304930-26&cid=1786439598.1675267645&jid=1044411412&_u=aHDAAUIIAAAAACAMI~&z=534144721

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 37ms
35ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1304930-1&cid=1786439598.1675267645&jid=83220162&_u=aHDAAUIJAAAAACAMI~&z=1641536839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
61ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1304930-1&cid=1786439598.1675267645&jid=83220162&_u=aHDAAUIJAAAAACAMI~&z=1641536839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame FE1E 2 KB
1 KB 18ms
17ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 115535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1073
content-type: text/html; charset=UTF-8
date: Tue, 31 Jan 2023 08:01:51 GMT
etag: "6205c86657c68b18f50f3709c578bb06"
expires: Wed, 31 Jan 2024 08:01:51 GMT
last-modified: Mon, 30 Jan 2023 15:45:40 GMT
server: UploadServer
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1675093540240647
x-goog-hash: crc32c=fKyWPg== md5=YgXIZlfGixj1DzcJxXi7Bg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1073
x-guploader-uploadid: ADPycdsntMcYuQ4IZ39mPcqwyfHAUpZISZd5xbe9NPRoI5eeDVGHDdW0hEmlAsYCMgkvlt-juOsJzSQ4RIl_NdoJ2lveXr1bL1wK

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 90 B
907 B 430ms
137ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267646328&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3ee54d1254788d712d1adf3a391b12e0c818ba353f42a26f6efb21ab70c1457b

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
198 B 208ms
135ms XHR
application/json 34.107.191.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=204244242&GCS2=ZGM5MzRmMzQtOGM0YS00YTU2LWExNDgtZGVhZDg0ZDc5ZDZkLmxvY2FsLDhiN2FmZjczLWFhN2MtNDBhYy1iZjU2LWRiODE1OTM4MTQwYS5sb2NhbA==&pe=false&wsid=2004&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2004%2C%22loadID%22%3A%22uvfqXxStUu6ztdU%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A39%2C%22IDStageStart%22%3A40%2C%22netComplete%22%3A360%2C%22obsReqdata%22%3A378%2C%22obsReqpage%22%3A386%2C%22obsReqview%22%3A509%2C%22IDStagePrefire%22%3A510%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.191.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.191.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 0
644 B 650ms
409ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267646342&z=1&Q=1&Y=1&X=b81bd6fd472042d15113182862443911

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 180ms
134ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=2004&warpspeed=2%5EHIykD&loadID=uvfqXxStUu6ztdU&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 2 KB
2 KB 221ms
64ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=2474&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2AVgCYTCAWQwgBnM2AC8Qp7MB3AUwCMcqYDwD6qACZRy9etUwAnHjhAAbOGgwEG9AB75pnRTB7zF8qNgCGKlagQBzEXHkqoAC2DAADjgCkAZgBBX3IAMRDQuBwAOgQQeVAEaKQQAFsIvhUQewiMWwQeAFocJEtUvzD5NMtkIpKynEwAN1RBYBEUkABrVB4oX2IAIRDyFS8RgODycg9vCtIgkIpw8mWo2PjE5LSlsMzs3dC8uzrS8sOq1JqkU4aJ8gBhEfkJxemJ4gARbBBu3v6hiNxBJXlNyPhqJQAJz4fz4WSESiQkgADnw9ye0xa4lBRDIlGINER9BR0ihIUx5CaoIGw2mwJKIEQ7TKTIQwFB9ApI2UzhuImAAE8vDxQTBrDhRY8gZZBTgBSARDwdF5UPJLBoEGKJVLKXYUqk7I4vFVxCIcHA+CIVDwHMA3NqVJLudMhDxymIEB1LAlOS7yKVfe8guKnbqgTw1DpRAyUsy-dLpjA1Th2oH2m70sHAqHnYnyMn5KnvQkxMJUiJkzpHXnKTwmiZrdl7DwzXYa+HpiaQOI4CgRIoDalbeINegtdmufnLDBk7YNaIhSKO-6Z3PUAuBcLRC2CuqVCv8yk+OqEMCHCIvD7gHvD5S16h58IlQ32XeRg+n6Ir+qPWAau+0yfhuz7AOqSA9A4gGjM2raemI4i2mgyattBwGbj+DQdCAJ41OeOTZrmnbkOhz6YR6x6nvhTheKOwjQeml5qPuQiCjSrrlhiIyFqIpGiBgNwMde5o8ByhE6v6jEAI5CgmlKMU01hwFK5CTFOlJwF49jqohZogLOjaWIpj6WJkKmTERq58HhGDDuyl6WC20EIEZIiIS0-L6teK5fP64j2KEKbAAAMiAlg4tmYHKQM3yKUWADapRnoKA6WBBIgtIIZkALqwDqzQ+jgiVuDwEFMhm5Y4LlREFQlSAlWV6jmsIXjVflcVFbGbIsqk3W5ZwHXFRqIh8CAOiXookrsm1Ya1UVko4IIGAiL1o4qBNShITNkpzfFy2KC0PBcCI8SIfIzU8K1eWzYNim2GacZeBg208LtSBICICBwKkfCNkhJiti9u2SkgzisdhiFKuyAPiEDg0gxgZomu6qDfR0tgQYD107fDTLyPyS48HDhXxaOcoKkqKpqmOz3Y69g36mkRoTT25qWtatr2PaxMJZm8p2CWwD9btWT2C2bYIDzRXvSIljqPpj42rDdNvdeUuk5GcDRm5rRxtNHDA6ViPNXhPoPRjXRYzV8NG2ebma9rSAW1b7Uk4WxaMZm6vu2mwmZpWqA6Or9aNqL4ueur3a9v2g5pHZdHjsLg18VuIrqynhMiLuJjWOrlF4czP43iY6vqo+sviHpXrI1NQsq8ns6PiBogh-r1skyn5Hyv+kv1yT1mCB9JqoDcuXA8ApvyEj8gj0TFiDYhUbfjPo-zyTyOGmjw+r7tA8j04Li5bMPiTAA9Kf6xxAkGDbKkiCIcmBTiOPk9ms4KhH54J9BOfl+bDfBp748Efq2Xai8taiHfp-OYZ8L4xCvlsQBZ5gEnGfoNDeqMKxQPcF-PwP84EbGvkkJBD9UG7VQHwcaV4Wypznu3XmlCHI0JULKcqY8GaMIFqmEAEFcr4F2sqVoaALyg24cOeQ6dG5fgFOBSC9g84YGUDac0eNV7AkHMAEWsEJYISQqgFCyt6FFTuhINy1Q7C5SivTDuUjm4OV-PKfOZ4jSSPXBhH0WEnHUU0nROhrs6rCS8MxawrFcqZl2jxWWtjNwCT8TdEmjFJR1yMYlYSMlBRJwScJO6ylMkJSjhNWekdTSfTKHEnGCS3AalWtYWWKBUANmDlccu3DFCGP8UVUaiAbjjVQKkGuS1e4pO7NpMoCEmmWBaaANpGVyB52ElkcKLt4kJSiMzVsNCTwgC4JKCRfdVlaR0nBfSxhzpGUmSwnK+yipRz7O0Fyw45nXPiqZGyCA7LtGoeU6xCU4iKXRr0dkEh2Ekz+ZYEQbghDArXr8kA-yogmGhbtcKOFRCpCQIaZWb1fg9DRT2WpNctpQCsbtFyTR7YeVEF5BI6syUUtnpeK61sH6k11t1WWvVmRJxZWTeUoBKaqnVJqOGLLGaGgvAUi0VobR2jcCK4B8U+bwXTNyhV4DtZdS5QbJoLKfaCzLO6AOQd64stuTHI2qR44017gNFlGdtzypgC86JoFtxZ1tDnD+JqFVeMLtePcjrnVuOfK3ZJ7U7Uuu-B4v8NRA0Z1kS471Tqw5wQFhIPRBi42RvsZ4nCVFE3MoVZ3aNji80FwvD4hcgbIkp1iYGzSozdInQMmc4ylybRxusmeWySEmHfJ+H8RcvxrQ+hbCrPgXgDaiUnfFAARIxeIHQGpdHKrOgANPOhc9h4iCnXbOtwaQeB7rNcAPdkofT1VndlTAXhgB4B+P0+ctRKwsPsPPKpUAgA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 5aeba1008ef8c1f5bf176a13300375062aa9ff2c3bf5604fe6cb3dd083076116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 01 Feb 2023 16:07:26 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 27
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 28 B
730 B 270ms
270ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?s=5eee9bcf3db243e1fa0901403695265e&H=e032fca4aa439052d5b38f27&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 9ms
7ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=3&c=21&i=7u2yze&p=aemprod&s=15783&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0IjozLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8RRodHRwczovL2JpdGUuYXVzdHJhbGlhcmV2aXZhbC5jb20vbUMA8BJ0eXBlIjoieGhyIiwic3RhcnQiOjE2NzUyNjc2NDM5MTGAAB1kFABQc291cmM5ALJYSFJfTUFOQUdFUkEAMHR1c_0AYWxsb3dlZKQAQGFzb26jANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM82NzEwOTQ2ODQxfSzVAAXzC2Nkbi5wZHN0LmZtL3BpbmcubWluLmpzIiwizwBic2NyaXB0kQAJ0gBMNDEzMtIAZTQzMzQsItIAwmluc2VydEJlZm9yZUIAAtMAP2xvYdAAIp80MTEwMDUxMjbQAEMvODbQAAwxbXV0FQKvT2JzZXJ2ZXJDTNYAOC84MNYAB7B3d3cucmVkZGl0c4IAEWN2Ap9hZHMvcGl4ZWywARUfNeAAAC82MLABR681ODc2OTU0NDU02gBND7oBAQnaAA-6AUIE4AAfOOAADNFwYXlwYWxvYmplY3RzuwFQbXVzZS8FAA-7ARQ-MzczmwInNzi7AaBhcHBlbmRDaGlsWgMAJgIBPQRbYmxvY2s9BGEiV2hpdGUuBA9IBAkKJwADUwSvNDYwMTExODIzONMBCw_zADAuODDzAC84MvMAZy80NfMAEQHfAfENdGFnbWFuYWdlci9wcHRtLmpzP3Q9eG8maWQ9bnEGACYAHyJjBREvNTQFAQAXMwUBD2MFPK80Nzg4Nzc5ODEz7QBgD8YDARg47QAPxgNCBPMAD-ABCWBzLnlpbWe2Af8EL3dpL2NvbmZpZy8xMTU0OC5qc_0HD080Mzg1yAEAFzXIAQ_9Bz-PODA5OTg3MjgtBwgP1wDSP3l0Y2YFFB8xIQcBAJUCD9EIRp8wMjMzNTA5MTJuAwcKpAEPzQAYALkAImVuCgoChAogNDMUAAXNAA9OA0ITNtMAHzTTAAjxAWFtcGxpZnkub3V0YnJhaW5YA39jcC9vYnRwqwEVLjI4UQMYOREHDxkFPJ82MjAyMzg2NzAGBggP2AAxAKIBDLYBCdgAD7YBQwPeAB829wUMgGdvb2dsZWFk_woyaWNlzQhgcGFnZWFkFgUD6g31BS8xMDQzMzMwNjg1Lz9yYW5kb209CQ3rNDEzMyZjdj0xMSZmc3QYAEFiZz1mAQDwFCZndWlkPU9OJmFzeW5jPTEmZ3RtPTJvYTF1MCZ1X3c9MTYwCQDwBmg9MTIwMCZsYWJlbD1zYWxlJmhuPS0LD6kAAbEmZnJtPTAmdXJsPdMNxiUzQSUyRiUyRnVzLpcH8xAlMkZibG9nJTJGb25saW5lLXNjYW1zJTJGcm9tYW5jEAByJnRpYmE9UhMAMyUyMCUAYDBpbiUyME0BkiUyMCUyQiUyMEYAkCUyMGRhdGluZywAAMMLwnN0aWNzJTIwLSUyMIUOAOMAcF9lZT0xJmH8AKU3NTA0NTIzNDYuOwFgMyZ1YW1iwwBQYXc9MCYCDsM9ZXZlbnQlM0Rjb25-AUAlM0JhMw6CX2N1c3RvbV_BDfACcyUzRHRydWUlM0JlY29tbV-2AXluYW1lJTNE2gAFIQCCdHJhZmZpY18wBPACJTNEZGlyZWN0JnJmbXQ9MyYGAB80xAgTD7wKACc5OfwGD7wKBA8mDiSfMzc0MzczODYw-QYIDyMCBRAvFgEPzAL__wsPnwUCCMwCD58FQgTTAi8zOSgIB1BiYXQuYsERAJESIGFjvBLwjC8wP3RpPTU0NDE2MTEmVmVyPTImbWlkPTMxMjkzNGI1LTk5MDUtNGRhZS05MWExLWE0MDdkMWY2MTE5ZSZzaWQ9ODMzOWE5MzBhMjRhMTFlZDk2MDFjM2JhNmI3MTUxMTUmdmlkPTgzM2ExOGEwYTI0YTExZWRiNzdmOTEyN2ZhMmM0NmM5JnZpZHM9MCZtc2Nsa2lkPU4mcGk9twXzAjEwMTUyNSZsZz1lbi1VUyZz1wUTc9YFj3NjPTI0JnRsZwU88A1rdz1Tb2NpYWwlMjBNZWRpYSwlMjBBbmRyb2lkCwDQQ3liZXJidWxseWluZxEAcFdpbmRvd3MLABFPEwZAJTIwUxUGABIAgE1hYyUyME9TDAAgSW6OEyBldCAAcGVjdXJpdHkXAGFTZW5pb3JAAF9pT1MmcH4GMPAAcj0mbHQ9MzgyMSZldnQ9tgT2BExvYWQmc3Y9MSZybj02OTYyNTeeBTJpbWeqEgrCEy40MsITARQAAvQF8goiOiJIVE1MSW1hZ2VfU0VUQVRUUklCVVRFTAACzBMBbAYLYhAPVxAJBp8UnzQ3Mjc4NDYxMHUICAnWAgANAA-bFBQdOG0VODQ0MksODx8KPJ81MTE0Mjg3MjTMAEEOtxMKzAAPdARCBdIAD-oRCGB1cy1jZW4QF_ELMS1hZGFwdGl2ZS1ncm93dGguY2xvdWRmdW6KBGBzLm5ldC9oFhEtsQggcy3QF1Ytc2lua6UCUmZldGNoWwIMpwIdN-0LNzQyN0IIX0ZFVENIPRc7nzM2NzgxNTQ1OT0XCAZHCAbyEQHNDPcFZ3RhZy9qcz9pZD1EQy04MTM2NDiPAwKTCQ_rAAEuMTjxES81MFQXSJ81NTMwMTY4MTVbBggP5wBBDtIBCucAD9QCQwPtAB82nQ4ID-0AEfABVUEtMTMwNDkzMC0yNiZsPYoLpkxheWVyJmN4PWPSAg_oAQgeN94UEDVQGQV6BQ-hBD2fOTAzMzc3MDQ3QwgHD_sAVA9ECQAK-wAP_AFDAwEBD-MOCTdidXkKDjIvcmXzDPUbb3Ivc2VvP2NhbGxiYWNrPWpRdWVyeTMxMTA4Njk1NjMwNTgzOTMyMzFfqw1gMTc4MyZwQxvxDz1jYXJ0cG9wb3ZlciZ0cmZfaWQ9c3ltY29tJnNjc-cO9gswJkNPVU5UUlk9VVMmTEFOR1VBR0U9ZW4mXx8PTzE3ODVZAhEvMjNaAwAJlRsPbg07nzUzNTM4NTYwOQQZCA9XAbIOcBIZNVcBD7UCQwReAQ92EggA7BmgaWMuYWRzLXR3aREeAYMGP3V3dEwTFg90BgAAeRgPjARFnzM2NTI4NzQxMDQCCA_WAC8PZwQBCdYAD7IBQgTcAB82fhASDzcIB89BVy0xMDY5OTI3OTVnERMeMicKLzcy3h1InzY3NzI1NTA5OZwCCA9SBhEP6gAfD9oBAArqAA_aAUIC8AA_MTA18AAI_wN0YWcud2tuZC5haS8yMDA0L2mEAxUeNoQDHzfuHBEPJRMknzU0NTc5MDU0M7AMCA_NACcPoQEBCc0AD6EBQgTUAA-hAQkAQw4FJhEjcC8oEQMjEQ-sARQQNJALC6QXGTeoHA9jBzufNjI5OTU5NTc5owsID9gAMg8OEAAK2AAPtwFCA98ALzgxmgoICd8AA7UBD90S__8jEDeaBAXXCA_PAgtAZXJyb8onL3JldicbD9cSHg_QAv__GA5IGw_QAgsSQWISAqgVD88CLg-tCwjxAXdlYnNkay5hcHBzZmx5ZXKBDM8_c3Q9YmFubmVycya6DhE9MTI55hMoNznmEw8TETyfNjgyMTI5NzU3DhIJD9oAMgB2BAwxCAnaAA-KBAsP5AkkA-AALzYyOAgIAOQJIHNpkCGALmZpL3NpZmm6FP8VYWU4ZjFhOTAtN2EwYy0wMTM5LTQwODMtMDZhYmMxNGMwYmM20wERLjI0jRAoODCUDA_5AEJ_NDU3NDI2OFIICvEBYW5hbHl0aWNzLnRpa3Rva7MCQmkxOG5TKxIvpxYAuif_E3Nka2lkPUM0SlNBUkpSMlEzT0cwSkFFVEYwJmxpYj10dHELAREuMTa-Ayg4MAImD94CPCA1MQcBPzYwM1cJCA8FAV4PCQMACgUBDxACQgQLAR82Yi0JcmViLmNodGLRL0d0cmFjmhgfeNMvAj40ODCyBAEUAAViCA_WJz6PNTEyMTI1MzUyJgkfd8sAIR4xkBYQOBQAD8sAUA-DDgg8ZXh0lgFPYWJsZakNFC8yNHQDAACHMQXVAA9vAkKPMzM3NDI3OTfRLwlUcy5waW5TKm9jdC9jb3LWABUuMTbpES84M9wcSY85NzYxMDE3OdMSCA_QACkPFQQBCdAAD6YBQhI11gAvODHWAAgAHTP5GmxpbmtlZGluLm9yaWJpLmlvL3BhcnRuZXIvMjUwNDA2MC9kb21haW4vRiZQL3Rva2VYNAADGB8iFTQFLzQ4rhcAARQABaICD0IEBA_YLz6PNDA0NTM2MTMMCQhwc25hcC5saRUBAGQidWxpLmxtcy1EBo8vaW5zaWdodEI0GC4yNPYSLzgzxilInzQ2NjY2MDg5M9UdCA_nAEEPsgMBCOcAD-ICQgXtAA9hBQgAAAqRaGF2YXNlZGdlBAlfanMvZXY7GBYfN8EBABg14QkPCxM7AGA2Xzk1Mjg10wBID48EAQnTAA-tAUMwMzM02gAfNl4WCHBuZWJ1bGEtgQNia2FtcHlssgH_B3d1LzQ1ODA1Ni9vbnNpdGUvZW1iZWQkBxUA2wALnAwvODWcAk-PNzAwNzU1NDhwBAgGPRgGZQQBowIFcwQP5AAVHjS9Gyg5NKYCD3wLPFE2NTYyOQQID20fEQ_eAC0PwgEACt4AD7ECQgXkAA9eDggPwgE2HzXvLwAQOT0GBSgHD8IBQj8zMDc-DQgP3gA3HjOuJgreAA_CAUPANTYyOTQzMDgwfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:25 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 9ms
8ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=4&c=21&i=7u2yze&p=aemprod&s=15302&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0IjozLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8SBodHRwczovL2FxLXN3YS1hcGkua25vdGNoLml0LyIsInR5cGUiOiJzZW5kQmVhY08A8AVzdGFydCI6MTY3NTI2NzY0NDk2NH8AHWQUAFBzb3VyY0AA8AxTRU5EQkVBQ09OX01BTkFHRVIiLCJzdGF0dXMDAWFsbG93ZWSqAEBhc29uqQDUXSwiZGF0YVBhdHRlchIAs2xpc3QiOltdLCJpbQC_NTI3NjM1MTkzfSzbAAUzd3d31ADxBS1jZG4uY29tL2t0YWcvbGF0ZXN0DADQLm1pbi5qcz9hY2NvdakB9xY9NjhjN2Q0NmQtNGY1My00OTZmLTk5YmEtZWMxN2FiMmMxZjZjHwFSY3JpcHTTAAobAT8yNDcbAQA1NSwiGwHCaW5zZXJ0QmVmb3JlQgACFQE_bG9hEgEhrzQ2NzI2NjcwMTgSAYYfOBIBDDFtdXSfAq9PYnNlcnZlckNMGAE5HzkYAQfzImdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvdmlld3Rocm91Z2hjb27-A_YFLzEwNDMzMzA2ODUvP3JhbmRvbT0eA9s0NjMmY3Y9MTEmZnN0GABBYmc9ZgEA8BQmZ3VpZD1PTiZhc3luYz0xJmd0bT0yb2ExdTAmdV93PTE2MAkAoGg9MTIwMCZobj3WAgWwAHBlcnZpY2Vz3AKxJmZybT0wJnVybD3cA9ElM0ElMkYlMkZ1cy5uEQQAJgDzECUyRmJsb2clMkZvbmxpbmUtc2NhbXMlMkZyb21hbmMQAHImdGliYT1SEwAzJTIwJQDyBDBpbiUyMDIwMjMlMjAlMkIlMjBGAJAlMjBkYXRpbmcsAADEAcJzdGljcyUyMC0lMjCOBCAmYegApTc1MDQ1MjM0Ni4nAWAzJnVhbWK6AFBhdz0wJvwD8A09ZXZlbnQlM0RndGFnLmNvbmZpZyZyZm10PTMmBgAfNIEDES81MJwEABg3gQMPbwJCrzYzMDczNjc5MTZvAgfxCnQuY28vaS9hZHNjdD9iY2k9MyZlY2k9Mib4APIZX2lkPTZkOTI1YTgzLTZiZDktNDY4Ni05NDVjLWM5MDI2Yzg1NjFiZi4AUHM9JTVCAwAgMjKqAgCnAuAlMjIlMkMlN0IlN0QlNQMAcSZpbnRlZ3JdA9A9YWR2ZXJ0aXNlciZwbAAwVHdpawVwJnBfdXNlchIAQDAmcGwIAPAINzM3MmIzNzgtNDRmYS00OGQzLWJjMzeQAPACOTEwN2FhNDY5JnR3X2RvY3V-Bl9faHJlZn4CMZJ3X2lmcmFtZV8qBiA9MGYA4m9yZGVyX3F1YW50aXR5FABwc2FsZV9hbbwFABEAIHhutwBgbzVmdW0mwQZhPWphdmFzpAUTJrMDED2dByYyOUICMmltZ2YECsAFPDU0Na4EODU0OT8CoGFwcGVuZENoaWyvBQKqAD8iOiK_BSWfMTE5NjI4NTc1OAL_rS81MzgCDA93BEITND8CHzgQCQgPdwQP_xU5ZGFlOTQyMi05OTExLTQzNzktODlmYi04MmI2YzBkOGViNjh3BP8HX251emlwdwQuDz8CDg93BDsgMzKwBk85Njk0dwQpDzgC_3IN7ggLrwYPdwRCBT8CD7YGCB9nXQtCPzY4OF0LAgAYAA9dC_8UBscMjyUzQnUxJTNEOAwuAEkAQDIlM0RvCsBybmV0c2VjdXJpdHkYAEkzJTNEZQwAFQCvNCUzRG1pc3NpbuELHz03MDBqBxA1FAAFYg8PKwU7nzY2MjMyMTgzNewC__9jHzLsAg0P3wVCBPMCD5UMCfAGYml0ZS5hdXN0cmFsaWFyZXZpdmFsaxAhL201FACIDW8iOiJ4aHJnDQBPNTUwMsUDABcyJxM_WEhSOxQ7rzY3MTA5NDg0MzLzCAcP1QDCD4kHKI82OTkyNzk1NOYSAD83MTGJBwIAGAAPiQf_1S8xOcQDABczxAMPiQc7nzM5ODM2NDI0MNIVQw_sAv__DQ-JBwII7AIPiQdCBPMCLzEwtAYHD98FQz81ODDfBQIAGAAP3wX_FA_FGCkvNjZbBQEfNFsFR484NzEwMjk4OL4YCA9oAv_CHzfXBAIIaAIP1wRDAm8CPzkzN9cEB1BhbmFseU8ccS50aWt0b2tbDMZhcGkvdjIvcGl4ZWzLGQ-tIAo-NTYz0hkBFAAFMBAPrSBFnzMxMjM0ODM0NFYDCA_nAAJCaTE4buUAEC9gGvcKaWMvbWFpbi5NV0UyWVdZMllUZ3pNQS5qcwMBAe0aD2oNAD40ODCZGDc2MzZLBA-RIDyfMzE3ODA4NTA2kxgID_YAUA_1AQEI9gAP2QJDBPwADywSCIB0ci5vdXRictIBAJwicGNhY2hlZEN5IPEGSWQ_bWFya2V0ZXJJZD11bmRlZmluKCMDTg8C1BwP5wEBLTM5eCJHNTY0OecBD40LO683MTc3OTc4NTgxwwMHD-oARQ1QIgvqAA_bAUIF8QAPPxAIA3AhQW93NWFEIoZ4dXIvNDQwNagDDw8RBD02NTZLDQEUAAWkBA8PET6PMzY1MzYzNzgCGgkP0AC98QBkLmltcGFjdHJhZGl1cy13IQFYBv8VQTI0NzQ1Mi0xNmVhLTQ2YTEtYmYzZS0wZDllNDUxOGZmOWMxcAUULjE4khk3NjU3iQMPcAU8jzQyNjgyNzQyASYJD_kAUw-CBAAJ-QAPmANCBP8AHzKJBAgHbwYC9SIB9QEPiiP_jg8THwAvNjiKI0iPMzgzNTcyMzmVChMPSQL_mg-SBQAJSQIPmQRDBFACD5krCA-ZBCAPdCH_cg9SDQAJUAIPaws7nzM0OTQ2ODM1MEkC_8APmQRiBVACD0gZCEFhcHAuGi8hcngsCbB2aXNpdG9yLnBocDUx8Ad0VGFnPWNzaXlyazQyNTAyJnR6PTAmBiwvJnUJLDEPhC488QNsYz1udWxsJmFub249MCZ2aW4QAA-XDQ8uOTGXDQAUAA-XDUefNTM4MDUyNTY5Zw4ID50B_6MPrhMTLzE3XAYAGDkYIQ8-DjyfNTczNjY1Mzk2DQQgD9MAFB843BAACdMAD38JQgTZAB84SQMIQWN0LnC0JiBlcyUtIG0vCjHwCC8_dGlkPTI2MTMxNTg2NDI4MTImcGQ9WDFAMjJucGYxAGMzoDJlbnNpZ2h0ZW4SAFY3RCZjYuwzkDU2OTcmZGVwPZIxn1BBR0VfTE9BRHAEEA9DDwAA2RMPcARHjzczMTUyMDg3yBMJDycBfw8CFAAnOThjEQ8uEz4FJwEPTgIIEHNNAiBpbbo0gm0vY3QvbGliuBePZjYzMDRkODNCEhQuODL9Gzc3MDHfAA8EBDwgNDn3Di80MkUwCQ_dADYeM_klCt0ADw4EQtA0OTcyMzk0Mjg2fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:25 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 15ms
14ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=5&c=21&i=7u2yze&p=aemprod&s=14587&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0IjozLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8UZodHRwczovL3d3dy5nb29nbGUtYW5hbHl0aWNzLmNvbS9qL2NvbGxlY3Q_dj0xJl92PWo5OSZhPTMzMzAxMjEzNSZ0PXBhZ2V2aWV3Jl9zPTEmZGw9VQDRJTNBJTJGJTJGdXMubooAAFAA8xAlMkZibG9nJTJGb25saW5lLXNjYW1zJTJGcm9tYW5jEADyCCZ1bD1lbi11cyZkZT1VVEYtOCZkdD1SIwAzJTIwNQDyBDBpbiUyMDIwMjMlMjAlMkIlMjBWAJAlMjBkYXRpbmcsAFB0YXRpc9AAciUyMC0lMjAXAfcLJnNkPTI0LWJpdCZzcj0xNjAweDEyMDAmdnANAPACamU9MCZfdT1hSERBQVVJSkEBAPAHQ0FNSX4mamlkPTEwNDQ0MTE0MTImZxAAsDIyNzg4MzA0NiZjHgDwGjc4NjQzOTU5OC4xNjc1MjY3NjQ1JnRpZD1VQS0xMzA0OTMwLTI2Jl9nLQCJODk3OTU1ODMtACBfcnQB9jBzbGM9MSZndG09Mm91MXUwJmRpZD1kTmpJeE5UJno9MTAzNzE3MzI2IiwidHlwZSI6InhociIsInN0YXJ0Ijp9ADA3MTQnAh1kFABQc291cmM5ALJYSFJfTUFOQUdFUkEAMHR1c6QCYWxsb3dlZEsCQGFzb25KAtRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM82NTkwMDAwNjIyfSx8Av___7lzODMyMjAxNvYEnzQ3MDYzMDQxNPYEFx8x9QQVC-oEnzQ3NzY2ODc1NOsEDy4yM-sEABQAD-sER680MjgwNzc2ODU16wT_PQ9vAv9B9gFwbHVnaW5zL3VhL2VjLmpzUANic2NyaXB0_QcJPgg_NDg3UwMBNTQsIlMDwmluc2VydEJlZm9yZUIAAj8IP2xvYTwIIp8wMDk0NzkxNTRRAyAP4gAhPzk0MDUEAAjiACBtdU4Kz29uT2JzZXJ2ZXJDTOgANz8yMjHoAAfwA25lYnVsYS1jZG4ua2FtcHlsZU4L8QovdXMvd3UvNDU4MDU2L2Zvcm1zLzQzODE5DADxCERhdGExNjY1NjYxODk3NDI1X2VuLmpzEwwPKQoMLjk4CQEAFAAF6wEPKQo-nzMzMjkyNDQyNO0BCA8FAf8X_wxvbnNpdGUvZ2VuZXJpYzE2NzQ4MjAzOTIxMDbtAxUtNTYCAjc4MDXtA6BhcHBlbmRDaGls3AM_c3Rh7AMqrzM0Nzc4MjMyODAEAysP-gAxDvwCCvoADwUEQgUBAQ8pDQg2c3AunQ9ReWFob28FBJBzcC5wbD9hPTFqDfYFJmQ9V2VkJTJDJTIwMDElMjBGZWIlD_8JMTYlM0EwNyUzQTI0JTIwR01UJm49MCZiXA88zy55cD0xMTU0OCZmPQ0QLzNlbmMFEPAYeXY9MS4xMy4wJnRhZ21ncj1ndG0lMkNhZG9iZSUyQ2Vuc2lnaHRl9BAD4QQyaW1nogUKzAY-NzMx3wInMTjfAg_lAUKfNTY2MDA1MTMw5gIIAEoD9wRzLmcuZG91YmxlY2xpY2submV0iRGAdD1kYyZhaXAcEFByPTMmdgkAApkRDl4QD4oQBwCyEA_CEAcPlhAJBREREEkQERJBERGwej0yMDQ5MjgyNDXzEgOAAQ-KEAQ-ODM5gAEAFAAPYQZHnzQwMzM0MzExN58LCA98Af-2HzGLDggA9wIPUgwFD_UCEggGFMZ6PTE1MDY1NTQyNDJECw_1AgUeNn8TEDgUAA_1AkifOTk1OTk1NDg4VwcHD_UCOQ95Af8b8gVhc3NldHMuYm91bmNlZXhjaGFuZ9cLAhoAsy9zbWFydC10YWcvZxj_HGVkL2Nqc19taW5fNDk4MDEwNTI4NTNhZDEyMzViMDk4NjViYjY5YmFiMzjoCRQuNzjzDBA4FAAFlAIP6Ak7nzUyNjI1NzM3NoYFCAL-AA8YAW0eMqEGCRgBDyEIQwQfAR83sAMHDx8BIiBtYTQC_xM1NWU5NTI1ZDJhZGMwZDk1NjE3MGQ3OWJhNDhjODQ0LmJyNwIVHjfABzc5MTFACQ83AjyPNDg2MjQ0NjnIBAgPGAFyHjg3AgoYAQ83AkMCHwEvNzBCEAgwaW1hXgSBZG5iYXNrZXRUCvELaWQ_d3NpZD0yMDA0JnZpZD11bmRlZmluZWRkGgYOABpwHQDwImFnZW50PW1vemlsbGEvNS4wJTIwKHdpbmRvd3MlMjBudCUyMDEwLjA7JTIwd2luNjQJAPAKeDY0KSUyMGFwcGxld2Via2l0LzUzNy4zNj0A8AZraHRtbCwlMjBsaWtlJTIwZ2Vja28vAPAGY2hyb21lLzEwOS4wLjU0MTQuMTE51xtTYWZhcmlCAA97Bw4uOTLnBAEUAAXnBA_RED6vNDk1MjE5NTY3NssDBw-UAf-CANUcKS5jJwMPXwIQDtoJKDkyORQPXwI-nzUxMTQ2MDc3NUsOCA_LALgecL0ED5YBgn80MTA1NTM2iQUJD8sAuE92aWV3LAMfHTVaCSg5MloUDywDPp82MjQwNzEyNzQ-CAgPywC40GV2ZW50LmhhdmFzZWT0B5FvbS90cmFjay0aAP9MP2VtZXRhPWV5SndJam9pYUhSMGNITTZMeTkxY3k1dWIzSjBiMjR1WTI5dEwySnNiMmN2YjI1c2FXNWxMWE5qWVcxekwzSnZiV0Z1WTJVdGMyTmhiWE1pTENKdlAADfARSWl3aVlXOGlPbHRkTENKd1lYSnRjeUk2ZTMwc0luQnlAAAAkAPj_EmFXNW1JanBtWVd4elpTd2liR05yYVdRaU9pSXhZbVJqTUROaFpDMDVOV0ZsTFRaaU5ERXRZakUwTnkweFptWTBZbU5pTVdNeE1UWmZNVFkzTlRJMk56WTBOQ0lzSW5OdmRYSmpaU0k2SWtoaGRtRnpSV1JuWlM1RmRtVnVkRlJoWnlJc0ltSjBJam94TmpjMU1qWTNOalEwT0RRMUxDSmllaUk2TUN3aWNHeG5JanBiSWtOb2NtOXRaU0JRUkVZZ1VHeDFaMmx1SWl3aVEyaHliMjFsSUZCRVJpQldhV1YzWlhJaUxDSk9ZWFJwZG1VZ1EyeHBaVzUwSWwwc0luQnNkQ0k2SWxkcGJqTXlJaXdpWTJzaU9uUnlkV1VzSW5SeRwB4GFDSTZNVEl3TUN3aWR5DAARWQwA8TJZMlFpT2pJMGZRJTNEJTNEJnRya0d1aWQ9MGQyNGQzNjItOTEzMy00Y2YwLThlN2UtYmU4NzYyZjA1MTBhJmV2dC0A8A01Y2YyN2JhNS05ZWE4LTQwMTQtOTllYS1lYzc3SAwAOgAQJmgGEC3FJkB1Y3RfAySCPW1pc3NpbmcaAIpvcmRlcl9pZBYAinN1YnRvdGFsFgCmY291bnRyeT1VU98FD8QVBC44NKkXAcIbBdQJD2wLC0BlcnJvJyUvcmXTJBufNTk5MTEyODczTgQIAWkDD4MD___TDwcQAABFHw-DAwYSQY4ZAiwcD4IDLh85Ww0H8QZiaXRlLmF1c3RyYWxpYXJldml2YWwvGx9tAR8QLjk5_xwBFAAF2QAPpQg_jzcxMDk0ODkyMA4ID9UALR43egknOTe1EQ_VAEcP0BIIeXVkYy1uZWLYIPIUdjEvcWNldXY4NDQ5ZHpnNThwdHQxYmhkYTlnOHVlMTljN3PTCAYmBg91FwMAcBsM9QACFAAPygFHrzMyNDY5MDEzMDOfAgcP9QDiBr0eYXRpa3Rva48DsGkxOG4vcGl4ZWwvihj_AmljL2lkZW50aWZ5X2M0ODMykhQTPTU1Mt0CIDYw8CwF6AEPkhQ7nzMxODY5NTg0NHMTCA_wAEktNjJqFAvwAA_-CAsPlCUkA_cALzUzpgQIAEwwQW9qcnFjFKFwLz9yZXR1cm49lBvmNDQwNSZ0cHN5bmM9bm--Aw_kCQM9NTg2uBM4NjA1swQP5gBCjzY1MzA1MTU1eiYJwWN0LnBpbnRlcmVzdMkCMGN0LsUUB9QAQ2ZyYW0JJwl_IB81uwoARzYwNzCKBQ-tAjufNDE5MzIxNTk1XSIID9AAKh01GygL0AAPpwFCBdcAD14GCA8WGCL_F2luYm94XzY0MjRjYjE4YmQ2OGZhZGQzZjEzOTU2MzdlNjYzYmI4LxkWPTU5MCgJTzYwODPwAUafNTgxOTcxMTM0IQkIDxkBcx8x4AMACRkBDzkCQgQgAQ89FQkPIAEiAn8m8ANfNGQwMjc3YWEwYzUyMDU3OGR3Ir8yOGRmOGU5MDJkYjoCGA8hAQEnOTI6Ag8hAUKfNzM4MjkwNjQxXhYIDyEBDgLZHvEAL2xvY2FsX3N0b3JhZ2VfFAVhMTcubWluLwUQI3waDzQFED42MTFkBAEUAAXhB_gISFRNTElGUkFNRV9TRVRBVFRSSUJVVEVyDB9hyTQnbzQ4NjMzOLslCg8SAXEYNx0HH2GkKTrQNjQ4NjMzODMwMH1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:26 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:25 GMT

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
106 B 121ms
40ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLppAE4WRnp1SXVGSUl8tgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26eEZMAiRIAkxGeOyD2htSAjRbi-DMBABaMHiULM292kyWRQmHiHy+PzAY160H6YAIpFgkBAF10OEkqmYzChE1h8MRyMwAE80TosT0JvF4OcssAmiAUPcEGAcJQXNpqN8+ISAPqoRLc8mMmjUeQ7ajURqkRDCkLC+JpBJJRHcqAIX4yuRiiUoKW5EXUULi+WKgjKsCQBCmDVayXS8Wy8W8cDXWDYbk-U3Ya3C1j2g1ytIoSDcmwEXTc0ywrCQb3i216h3URBgCAXblZAi8HURqNe+2a4XxmX+8Vp-qgBACbmnXjIbnmy2x7W64uG6i08K8bku0wXJtFv1t+LxbmYWBZGx16PIBC8fs6u36tuISnNSA86617nT-pz-M2hcJktJhIXLuRtUgcfd8KJWfzluD4Vwxag7nr0wJgtxw+t4VZwkwHfAht10UwQFQJE+33QtfyfcUeGuLIZhzTN61gGxuUsTA0EgNIH0XRNVV+FVMG7JoYxg8VfSXYUHjQDAux4AijyHEcUERAh6jISw9xFb9m0I49vjOFi-0dBAEV0BBuSdL5PUo-itRoxMVzPetIGBLMkC7eJbyiPjRVgx9aPFNS+FkyTYGkm8QDvQyBIHUyJQg81yLOFULSyMT4JcpA3JE4NiO5bjdB85yEGAOt6MY0jwsTSNM1geJg36JCcj4IMCSbFTjwabjwiDGSPy-A8TMTfKyHpC130JT9uQwN5UFIeLhIIGxUGmHCIwoprWrbVAyHdXguzTC9EDzJTjKEttKsKmrIujfrhTm6qZLmVASIAK2BZbxRsFAIBHSM7NK4tnPNLSmnPZpQSbcTqFrKT1tus6-Wci9kOvE67qo-VnIOo7uUWFq-tWdZhG-WgnCOE4zguK5sldWtuLeQzj0uzKdOBpYm3BjYjP2Q4wGOU5zkuJDkYGHh718p7rJkkG8bWAmoZhkm4fJxGsip1HaY+-ovqyHHQam8V8chsVoeJ0n4YppG+GptGHpAGxwzmDBas-PbqFV9X5iwlBCVNRTCf+oi1dIjSCESJtJAehBdHAJFuspc1smQHXVqK98+QiGYdeuTA4UsetTSQX6xceiCElN48YtnK2QFrbAQG4-mzacxMO2T2TshQZi-sgJBYFYlb6gKtaes2oDrg6rSA7+rO8orqqfY2iFu3azqnW62BTCzC1A4oiMEWaqBCSbYiHu4-p3Vb+aZIuSPM7g5zAvrBBTcctfEw3gBHdccoejeO1L4-fMSm7Tp1q-Rx+N7BLLo1A0gDMs1Id0UpAKKdbVAvP7u13DrUMrpQThhAFkcaqZMC30yGgTaKoHJlRmsKf+Q0gGJ2AObHe5VhIjweCgWsyDprP2oPAFCs5NYdUEIgJAOt+4IKIYnLigwkDulpGQBklg4FJRSvfHIOCUFkIZFpC4GVgwa0fs3NsJxaS2WjMne6vk5EoG5GkKASi-oPVUcDOhWio4PSIe1GSWR4jIRIe9PeBACD+1MZmbM40lpFxLmQzAKBgCWVAG+RCFEdbuM8bWbx60rRN13i4AAItiGA1xbEgAQCyNk-4DFmzKNQVQ+RJByGkOoVQ6T1DpJcAADntr5UAyD0QuD2KoFwGhVBFOYFsMo2dvRJMiYmXgaBaCuUgAEAgRDrTF3PseeowBt7GEqdU2puSKoEGtL6NspBQlRwlrsb8-xbiwzJgjJCtx7iPGeJgV4YJvjqi2HQQEwJQSfFOZsZyh15nZ1MMAa0pS2yWMeg9eh2jfLxDGa8mpUy6mqRSZqd4bzhRoHiN8pSELxTeX3Asui-z9yTMKcC48aR4hAXgJzaCsLWRRPgMgeY2BoA0KEMgHA6RAQIE6MS1AjUYBRX8gSNEzBCgyBKGUCoVR6V0NJTACwQZ6inCyDgFQ-AhBSCxAywV0AgmnRKjgWsYAIjnFMJ0N21JkDQEDPJTALKLS8BwFiDABBoAumwEgQkm4EkRIAKKdHNZahSNq7VyBwI6gAqs6hAFqrXF0JO4nIOA4hICBESP1Fr+hoDZT4J1LrY0EhDQknwTJEDRstRPHAAJgQRHqIsSizAfhsDwAXTAWbeyXVIHanAGJslyCzUHF20Y60Ot9e-BJWIBC2F6AgZOOBSTqGiYOtFNS6kNKaSOxVoIx0FIyVknJeSNCFJKZ0KRFYBBjs6IgfepcQQDpNViPS8TsBIhyJdKBaJAXotyUUuQ1AtXhGjCgcCLKYE4E0mgJts6Em8F3eHUEOBe02E6IKnADKgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
106 B 120ms
38ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NyhAdAHYD2qubLTAxmwFt6AI3Rsw9buhgsIAWkK8QAkrVSCQLXvMXLCAMlCRYCRL0ZcBUEKhghREQpmIB2AELUqSlgBMAngD6qCC8ANYBsIQwDp5klFRUAGYg6IQQsVQAwp682BBhbMi4ATC4ECqxFJ7JqekJ1NkJufmhhcWEZcCV8UkpaRmNVD4wioUsxcpjuN2eAAwDOdggxcJsAB4BwKiOEOMzCTX99VmeaYRR3AECbD4pm9tpe-VVB311VA2el9sm8AEcPggqACHQgXWePUO70+CWs0h8AX4yGA3H2vVqCyavACLGQAmEQICuzK2x8aKhmKoaXMtlwgX4gKJ4yBEDJEOqb0p1O4CK25RgeMR0jCrPJnOOg0IhVQ2gCdOA0Je6KOHxOCVufkIcrYRLWwBgwVwMFR7NeGIlnhk-AEMjA9xuIOQwgC6F2YFw2DF5tVg1K5S1MkRNmmpqo8wtCTEYEgCJkXpVMK82JARTYiRg6FdbI+SopEa8wfj0LVQwg6GQawgAWGo2QTxzPXDPtO+R5INwmluqARvGFoVFobzzYS3N81bLFarvZgIuzcQ53sT6dQHSDnBKZSEg-Fw6SBtXSnXfoEAXTayLlOghKjMZKLAv+a2N2QvGK22tAl2tyNJobc0pICJOm0jLFW8qKpCO6JoBwF2GUcp+AqASQLIwToA+u78MIwS+LamzBqhGGJsEGYBCAPgIpcfKPCGf5mgmJYwRmcFVle9bzvRxaDExIHwaAwQqAEABWmhESWwggFE2JbDOEEZLuHSdjYvK2NoaKUoC5aVvcsnqY+2w2oKMlqaGlISVJARoOhoZ4AQJAvHQtCMKwHBcDw1p1oC6ayHOJaKb4ymWRgaK2UQHGOQwzDsJw3B8IInkQN5A67ppk5BdZdFUKF9nxBFznRW5cUCAlSW+YMfKGSeVkhfgYUOfQ+WubFHm+IlMjJYm0QbEYYGIXJnGUl1+GQC6IB+G0em7kNgYdGwYRogAjJeawjEaLB2uYs2fqgYncUBzGgXKwRhLau05NwUquiC0omZlwzvrRiY3qyd4lIC4wwOmHW5lBJZwjACI+BocahrgqDIFxng8Sx+ECVqWE4cM61nQk0OHfxeiImw2GdnhyLfv1yqQ00wabOWaGlH4aLHpSy5Vmj8HcLdHFE5Sh7tBAj0-YuJbswEACOdJok2iZ83CEPC5ST4qbp248+V6gIiwyiE0OotLLg1y3OgZGvjAUCq79gzlCApGzaSKNUKsdbaBsMACNRFz3nLDEK+IAlvZbJtm1wpIRKqmVq7zpNiOR32QfLniMHhrIjdhbDwGkO0u8TVDImAwSApRQGEiA1gZvYrqW9LL7FMrn4ByzQfcRJvjcJ+4zDYbkcJOw1hCnAH1zkqlJtyAATYKUAOTYmfeWUnw+mfm5HY1WAi8Da3c9GzbBsKEcBXDcdzUcSaJgxL+bK1A46wLKVqFinvd5yfsmbOCgdQS4AAihjgNAcBIPwa9wFEABeECYAWrMBaAAOV+xgP5mE0NwGcKQcC1RyvQBqUUmruUECIKMkgWDSFkAoJQFQ1AaC0DofBBhrTADMA7TAsx9DkMQLgXgiRqG0MEBQxgwBmFawATQ+AEBhBRDKADTAYZZgABZ9CRCHj4QBAA2FwABWKgciZGiJkSA2YVB5ELXEYCU+EAhHaKUQATgWqQIBqilGiKUS4EBC1wHvwQAY-QaR+YQ2IU46cxIjSfkUlQhacjFHKNUSA0g8jaHSGJCAfUBsVzGhYJgDsYBSD6F0bJTAPhnE3QAbw4Q+g37jEwIwIEQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 item
events.bouncex.net/track.gif/ 42 B
104 B 118ms
37ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/item?wklz=JYFwpgtgXMAmC8AnA9hAhgOwMZgLQGcs0J9dgNcAmABkoGYBSOgQVwHcALNEXAT2QCuuDGDCxcIZLgDWGZG1wNKAIVzIMAG3J5Y3cgHMCRCARB78IYFnwAyUJChZkAB17wASqkw4l1QsXxfcl8aeiZmXwB1LhBffgFfETFfSV9ZeV8lZV91LRFfXUsMfV9-CFKzSwsrW3toInB9ZEQ3OURJDDtwaGB0fTABRA14DhAQZ0CWJQAxGYAjAV5TPSwAOjaO1adyymmN9RmJmbQAMxOFjFgNMEDd3rR+2+mNZCbhZo7cDQ1V52KuhyDYajcaTCK7GYCfDrD7qLaoeYvEq7XLaIwBGYodDYPBlWrdGAYCzILDSeAgRACMA2CDIWBgeDUGxsMBzfD2ODwGjUAAsNgAbsB2ZYEABGABsAHYAKyUKXinnigActGlor59MFOE56rlAE5RXRRbzxXKeXLJUrRTZnA8wIKwGwdTZ8GAAI5UnGcyg2LBaMAYMa9G5mCDOeASmUWhXKnlMv3AANmZzAflgRDs9Tkh50GyaqwM2AuwSIHDwFlzGx2wPwKHpoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 view%20item
events.bouncex.net/track.gif/ 42 B
104 B 116ms
36ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/view%20item?wklz=JYFwpgtgXMAmC8AnA9hAhgOwMZgLQGcs0J9dgNcAmABkoGYBSOgQVwHcALNEXAT2QCuuDGDCxcIZLgDWGZG1wNKAIVzIMAG3J5Y3cgHMCRCARB78IYFnwAyCMlhh41G2zAAjfKDBx4NagAsNgBuwF6WCACMAGwA7ACslHHRAdEAHLTxkUGOoTi+2UkAnJF0kYHRSQFJsWmRNgAOaPpgoWBsBTb4YACOAmDYPgh0NlhaAyCWEGAWxA3wMQk1KekBLmPAE2gNwMFgiF7q8Gb6I7lWTrBdgog48G7uNs0T8ALdiEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 cmp
events.bouncex.net/track.gif/ 42 B
174 B 115ms
35ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsA7AKwBMZxALMYYZQGSiQwIAWWEAwuNDj4wIAKSUADMDzMUIACZR8E5gHcoAIwhJYUJPPySJtZgDck25AZIVqpOsQAcEyuUInF54Huu1qATkIAZkJjYmo-MkdCZlwsAHMocyhVfSJmaABHAFcYbzSTYAAbJA5kNAhsPCIyKhp6R3J-VhKOLFwkUygAJ21wfGx4oOZPJG98eQyQbO7x9Q1mBI58bOhuoA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:26 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 bsync Show response
cookie.havasedge.com/ Frame 3664 60 B
136 B 816ms
177ms Document
text/html 54.245.150.46

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie.havasedge.com/bsync?guid=0d24d362-9133-4cf0-8e7e-be8762f0510a
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.245.150.46 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57a6d2a29141901833f8224cf7dfa92ebc1cd2171cd43d754a9a1472a00d2d62

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 60
content-type: text/html;charset=utf-8
date: Wed, 01 Feb 2023 16:07:27 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 0
644 B 141ms
141ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267647048&H=e032fca4aa439052d5b38f27&s=5eee9bcf3db243e1fa0901403695265e&U=181fe68d881bc0d16a70d98572b1a6ad&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 16:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 0
644 B 138ms
137ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267647195&H=e032fca4aa439052d5b38f27&s=5eee9bcf3db243e1fa0901403695265e&z=1&S=7494&N=90&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 16:07:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 97ms
97ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:28 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
1 KB 79ms
78ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=2651&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2AVgCYTCAWADnIAYBOTYALxCgcwHcBTAEY5UwPgH1UAEyiMG1TACc+OEABs4aDAUIMGAD3yzFfGHwVKFUbAENVq1AgDmYuAtVQAFsGAAHHAFIAZgBBf3IAMTDwuBwAOgQQBVAEWKQQAFsogVUQRyiMewQ+AFocJGt0gIiFDOtkErKKnEwAN1RhYDE0kABrVD4of2IAITDyVR8xoNDyci9fKtIQsIpI8lWY+MTk1IyViOzc-fCChwbyyuOa9Lqkc6ap8gBhMYUp5dnHl9n2sUcQMQ4ZTCDDvYIwWxAsLfci-Rw+QHA9AIMEQ1RQ4gAEWwIF6-UGIzGkikYLG+GolCY+EC+DkhEoFJItHwXzGbUkYKIZEoxBohFoDHW5OhbNJhNmxLKIEQnQq0oQwFJswYrNmKlcdzEwAAnj4+KjIfrnkTrNqcFqAXw9D5UAprJoUZ8PuQ0VDPsafsgMg5nD4apJAXABGJVHwnMAPEqXYbVbDRJUJAgutYklGVe6YeVU07wTGPeRJHx1HpxJK0jK07GYLacJ0s50RHxMjnXUaYdWFLXk0kJPGxNW9FHW7G+C0zCHco4+AGHAb0W2xn6QJI4CgxEo0ul0mHJPbkZWM2NrDBq-Z7eIdXqh3nyCLZsfT6hz1rdeIp0U7apr-PY2kBHaEGJJwxB8FNgA-b83VvfMH1QM9RDEUcw0VHMxmHQ97xPOCnwQ0C7QTMA6kgo1oJhWD4IvO0kD6JxiNjHJHCnGckykZDUGrac6Iw8hyJw8Q8KaLoQH-OogLyVDZnQ0ijywiiQJTQS-wAsSXB8XdRC46TZnrED1E-ERtSjRtmy0l1bXEXjnwwO5NLvcgdKBFDbxCdDMzAsQAEcdTBdM3J7FpbDgEjpl8sY4B8Rw7ULAMQBPcdrACuDrGyYLnSkuzktEjBtwVeSp1s-MEASsRCzaTUHHrOcMUxOzJEccIa2AAAZEBrA5HNgAUIK7JgFonOmLkKCoahCAykAfLsiYo3mPwVg+VZjk2BIkgwXZm1WQ5xNWU4ilKC5FmqWp6j2h5uOsKpnOCULZhaHwWk5Wqo3a0y3gk6DTKQPrORIIbeRGuzhGe6ZqDsxwkFey6WXzEyQsmr6c0Gnk+TsjwkHNGJluSB6sVaFMcAAbXKQDtXXaxqLENphBSgBdWBDVxztCY8PhqOlBt4xwWnWwZgmkGZ1mNEBUQfC5+mAsZst5VldIpdp7hxd5jx7TEAQQD0EClCBBVRfnHn8aBHAQSTGXd1UDXlGQnWgT1jB11HfoeDERJCwUIW+BFundYV-GAvsANyx8DArb4PWkCQMQEDgdIBHHZCzGnYO9aBJBXAMoTC0QhV48kRPveTjAAz9JtUCjrp7GohPPetvPpQUTVLz4XO8fx3czQtRDrVtPcg6rkPvYq71gKXAMcCDEMw0cCMm8Z4zzQcbtgDlvWGKYxNp958PrA0WK4NDHPe9DsD15bos4BLEr2nLbWuCTlmC6F0SU398uekr7m87vwCStP8+kBft+xbNw7F2HSxlj7ALrO5Yy-ZUB6GPkhV2K9pxrwPt7Yeq5OgbgyDldSyIl7e0sghBux9CEXlfH8MMZhbDHyUqJH08kkgfmPnaOCYg2oxSTEXLWi9UHN1IYhMc19358NknxBhglCIIGPgIc6qBw5+jkY3KwedgCPwUIXBQijaZ60LMWfimi7jaLQUodIJd0gay0co5uMjhDh1cKoWmM0AghAAPQuKWtsVam5ECFmrEUSQSdVGASfi4NwjjvCzVce4uImMvEZB8SYM4ATva6LPuIex4SFjTDcR4laKRvGAUSf4vWRdTGlwyZ4CJzjgg5JiZ4-J8TCl+OnHrVAAh1agSnC+PUx82kdOsF01Qpo2ZGObn0xMQsQDUVpvgPWVp2hoGAinWsGQzAkNEc+TqZMaKOBoRgFQoZAS10MVAYkG5gDL0nMg+erEFTsX6PvYRjNfZSBKrUBwtNOpBT1vwgSCZaGAR9Osx8z4-nmgBSpcK6klFPN5u5HwelbAGVpsZPWHYLIbIQtZGFgDGYOT4Dw2FhN3JeW1Pg5uOlfZBXJYzYeFiTlErpUVbcNClbABNrYNhKBUBjngTcVhKylCPNxQTVWiA7jq1QOkLhRtj5LkihUCQwqvbNybNYAVoAhUU3IDQ9yOQ2oAJVYzGI9DpxdP-CAHgQIFDH3Cgq6KTs4quwSuqoZNNeG0v9BgiOFQ+A6o9QTTKgFsrITyjio1BMEgBTLv0O5+89ZRusGIDwIgpCjMZomlw1q01WMZm1YS4h0hIFMfG723Q+iFuXJyrhlsoBfL7s3IqLRv5lXEBVI+Ab8ZNpbYokCHtublv6BaAEQyFBTgPgIHwN8CVTvxgAIh0okLo-MehsznQAGgXeef4ChtQbrnR4VZ+70EoH3UCFMfM53U0wD4YAeAcTSrPPUfsQzHDKKVjfO6UgCCKFUA3KANi5H0r4Ou2saiNGKPXak8+Ci7jrtKWY4D67AN2LcKBoJu51GhNUFBn+6S0MIfKWhtICADniHVHXEDLyAySHeQgddOkEWuCRTqddma-6xrQJINjIBo0pq4zx6NMQzBSHXfmmOYgi0loY7iCtkmq1mxrQqX9zKBjiyfClIAA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 90b0b50efe1dff7fc3bfd49fe07857574b6702637be6e82a7153c50cbde31791

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:28 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Wed, 01 Feb 2023 16:07:28 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 43
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
104 B 38ms
37ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHhLDACeAfWBQ4AaxEU0ONAxC8erAMwBBZQDMoYHEr68AwsrgALEFIiESItCRCIcytZr469BlTxN9zlyWtbUhBkFw1tXX0XH2UYOThrLFskJJJwtx4ABhjffjMoWzoIAA8RZFB9ZIzIz1zlfRx5CCwRRAgYXXLKkGrDCPcor2NlFrEQWRAAdxEIYBgQYBEQsP7Mj2jDWL4qMDQYEUTCZBaawbqtvLg4ESxCRDpFkV6HUBgzng3h7Z59IhoSKJEgtnslFiB3mtaptvHk-i0DhVHGh7oc9lIIR8vvU+DhrMA4CARIDkMMBp8hjieJ0hDhiRBniVkGhxCQ0KcoecYSM+GgsIlEHyMN0OstCHQRIwsBgSGYsZTLsp7I46XzDtR0pzslTIBgMBC7Fh5RdYaYblAbBAtGgwIxISpydjFX4NcbuT8FmBCCUifEcEc+g7Mjlnb9LAjliQoIJqAc4OjJJitU7Tbjw4IRJ7vUT42gMfbXNDvnlrcBSOrgLZlYg3cXtCzywhK3YHIgRNaSrWqRMnrr9Qc+V3QxUOoQ4LZQALEL1OmyOUHlCHUzwoFprXtCkSSWT1grl6v17QHMShKSRPqsItdEPl4k6OJBELyhrL8AbzyeOIbSJYAcxkiqk1BcuTrPgDxtI8iR7QNCxAqlwI3Y9UHEJwRAAK2jd8fjoKB5BuCo8x3GJl1IaNOnmbpCI+Kksx9SjCWo4dQEFVECIYrUqRwvCREIYAwA+MwSBIZBnAGAAxXgxOIAA6LA5jILBpIFQhBBAa1LwLH5SJjCjeP4rVBOE0S3AkngpJwWT5JaJTyBUhZ1KTZdaKJPSBKEkTYNM8zLMrazlNUhzNLyJEWLbVyDPc4zJMkmS5N8xT-PsvlHI-BQylQfUT1JLC8jS59MrAKAhCCRjlzytVSAgKQPgARm7Eo5DZaVDmIMhpzfZM9w-BDIOJcQpCFHLTBaPFGGWfF2OA6kWUsICPz7A01X2F40GtFLHS6n5dn2TNyHQI0tRIYBCFAlc1wgzdnxQuk7wfeJpSGsDzsQolkKQG6IHvMin2OWciLg0Mm1sZAvXEPZAQ+asqVLIkesulpJtgikTQ-IHlhAOaNpRn40YARwhrUl1RjUZF0E6PiJn4R0RGhEax91guAUUsCQf7kYZ0wChIdpOjAH9xzQCg2ZTD9HHQPnKreR6eGKFTCTKNAUEqZoDqmkWqaZjAULsAt6dOsXv0lg0KG8NXNquEnIFgdbd2xvJiCfCFMvvCApn0Dqzbt5Rji162-zXJ4oCoG16EYaXqbHWwWenU2kfVvJ6DIlpp2SfLhfN5Q5KoNE0BW3XMipLOoBEMx7H2UqPyLnj3fLjjQ1gT6iUQOBBXz4jUYgCBJFztoOi6ACXg+I7ydDFmKEzCZCMNIHpbHifZEJcpVk97l2AAEQAMlAK34CQVBMFwPBo5AZgqBoUOQC38BoF3lB0GwfBt2YLi83ogwjG08iaaonxnLf4wQoojbGxd+L8bjhQ-lGHSBwIF-wgYA1EEDEi4AgGNPEvF2JGG2gcGAe1Bw+DRiDXiuh7BCGMFXXMedyEQGzqXNkkIjBV2IIsWuRgG6PDaC3VhiQu49x5v3HoyQN48xPlkDeUwQB0HkA4fYzBshZAACwb1kNI2RNUABs7AACsPBNHqIUeogAHFkHgWiapKIWAvEAaiFG6IAJw1VUDVRR6jdG2M0YYmqG8MqT2mGoje+hcYnX5NYmAzAtEb0ockNk05SIoGYBo7Ruj2D6MMTwRxkS9gvCgMyIWZZ2RYGYFGDAqgN6WMIswGAASJonwkXQDeUALwkGYMw4AQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:28 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

POST
H2 200 hash-check Show response
rl.quantummetric.com/norton/ Frame 7286 2 B
225 B 428ms
145ms XHR
text/plain 34.66.3.160

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/norton/hash-check

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 -, , ASN (),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 01 Feb 2023 16:07:29 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
content-length: 2

OPTIONS
H2 200 hash-check
rl.quantummetric.com/norton/ Frame 0
0 426ms
135ms Preflight 34.66.3.160

General

Check archive.org

Show headers Download Go to

Full URL

https://rl.quantummetric.com/norton/hash-check

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.66.3.160 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: *
access-control-allow-origin: https://us.norton.com
content-length: 0
date: Wed, 01 Feb 2023 16:07:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 8ms
8ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=6&c=21&i=7u2yze&p=aemprod&s=12168&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0Ijo2LCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8Q5odHRwczovL2lkcy5jZG53aWRnZXQuY29tL2M_Y14AoElEPSZkZXZpY2UKAOFpdj0mdj0mR0NIMT0mUwYA8JBHQ1MxPTIwNDI0NDI0MiZHQ1MyPVpHTTVNelJtTXpRdE9HTTBZUzAwWVRVMkxXRXhORGd0WkdWaFpEZzBaRGM1WkRaa0xteHZZMkZzTERoaU4yRm1aamN6TFdGaE4yTXROREJoWXkxaVpqVTJMV1JpT0RFMU9UTTRNVFF3WVM1c2IyTmhiQT09JnBlPWZhbHNlJndzaWQ9MjAwNCZ2YXK2APIZdmFyRGF0YT11bmRlZmluZWQmbG9nPSU3QiUyMmNvbmZpZyUyMiUzQRIAQmdtRU4QANl0cnVlJTJDJTIycGl4FQAiN0QYAGJhcGlrZXkuAMAlMjIyJTVFSEl5a0QSAAE5ADNjanMkAgATAKAzQSUyMjEuNS45DgABIQBAd3NpZA0AIDNBsgACVgBRbG9hZElEAAExAPAAdXZmcVh4U3RVdTZ6dGRVLgABOwBZdGltaW67ADBzZXOPAqNTdG9yYWdlTG9hWwAiMzlZAMBJRFN0YWdlU3RhcnRHAEIzQTQwGgCybmV0Q29tcGxldGUZACMzNhoAo29ic1JlcWRhdGEZACI3ODMAAhkANHBhZzIAKDg2GQBCdmlldzIAKjUwfwBjUHJlZmlyNgBENTEwJU4Bcm1hdGNoZXM2AAKNAQKFAgISABBm3gECYwAoTFMTAARAAEJpbmZvGAACPQCDaXNTcG9vZmUGAQdAACJQTSgABxMAPUROVBQAAvkCc1RpbWV6b26xAAMXAVBleHRlbm0BBKkBQm51bGydAAAbAE5ybmFsGgBDYWdlbnkBAqIAAmEAAngAAUEABMsAVmZpcnN0wQEBigLwBzdEJTdEIiwidHlwZSI6InhociIsInPMAfAAIjoxNjc1MjY3NjQ2MzkwDQQdZBQAUHNvdXJjOQCyWEhSX01BTkFHRVJBADB0dXOKBGFsbG93ZWQxBEBhc29uMAQwXSwi-gFkUGF0dGVyEgCybGlzdCI6W10sImlmAM80NDU1MTM1MTExfSxiBP____9r8QNhcGkuYm91bmNlZXhjaGFuZ2XJCAITAPAGL2luaXQxLmpzP3drbHpzPTI0NzQmCwDw____________qz1DNGV3VmdpZ3ZBWmdyZ093TWJBSllnUU1oUVp5Z1JnRFlCMkFWZ0NZVENBV1F3Z0JuTTJBQzhRcDdNQjNBVXdDTWNxWUR3RDZxQUNaUnk5ZXRVd0FuSGpoQUFiT0dnd0VHOUFCNzVwblJUQjd6RjhxTmdDR0tsYWdRQnpFWEhrcW9BQzJEQUFEamdDa0FaZ0JCWDNJQU1SRFF1QndBT2dRUWVWQUVhS1FRQUZzSXZoVVFld2lNV3dRZUFGb2NKRXRVdnpENU5NdGtJcEt5bkV3QU4xUkJZQkVVa0FCclZCNG9YMklBSVJEeUZTOFJnT0R5Y2c5dkN0SWdrSXB3OG1XbzJQakU1TFNsc016czNkQzh1enJTOHNPcTFKcWtVNGFKOGdCaEVma0p4ZW1KNGdBUmJCQnUzdjZoaU54QkpYbE55UGhxSlFBSno0Zno0V1NFU2lRa2dBRG53OXllMHhhNGxCUkRJbEdJTkVSOUJSMGloSVV4NUNhb0lHdzJtd0pLSUVRN1RLVElRd0ZCOUFwSTJVemh1SW1BQUU4dkR4UVRCckRoUlk4Z1paQlRnQlNBUkR3ZEY1VVBKTEJvRUdLSlZMS1hZVXFrN0k0dkZWeENJY0hBK0NJVkR3SE1BM05xVkpMdWRNaER4eW1JRUIxTEFsT1M3eUtWZmU4Z3VLbmJxZ1R3MURwUkF5VXN5LWRMcGpBMVRoMm9IMm03MHNIQXFIbllueU1uNUtudlFreE1KVWlKa3pwSFhuS1R3bWlacmRsN0R3elhZYStIcGlhUU9JNENnUklvRGFsYmVJTmVndGRtdWZuTERCazdZTmFJaFNLTy02WjNQVUF1QmNMUkMyQ3VxVkN2OHlrK09xRU1DSENJdkQ3Z0h2RDVTMTZoNThJbFEzMlhlUmcrbjZJcitxUFdBYXUrMHlmaHV6N0FPcVNBOUE0Z0dqTTJyYWVtSTRpMm1neWF0dEJ3R2JqK0RRZENBSjQxT2VPVFpybW5ia09oejZZUjZ4Nm52aFRoZUtPd2pRZW1sNXFQdVFpQ2pTcnJsaGlJeUZxSXBHaUJnTndNZGU1bzhCeWhFNnY2akVBSTVDZ21sS01VMDFod0ZLNUNURk9sSndGNDlqcW9oWm9nTE9qYVdJcGo2V0prS21URVJxNThIaEdERHV5bDZXQzIwRUlFWklpSVMwLUw2dGVLNWZQNjRqMktFS2JBQUFNaUFsZzR0bVlIS1FNM3lLVVdBRGFwUm5vS0E2V0JCSWd0SUlaa0FMcXdEcXpRK2pnaVZ1RHdFRk1obTVZNExsUkVGUWxTQWxXVjZqbXNJWGpWZmxjVkZiR2JJc3FrM1c1WndIWEZScUloOENBT2lYb29rcnNtMVlhMVVWa280SUlHQWlMMW80cUJOU2hJVE5rcHpmRnkyS0MwUEJjQ0k4U0lmSXpVOEsxZVd6WU5pbTJHYWNaZUJnMjA4THRTQklDSUNCd0trZkNOa2hKaXRpOXUyU2tnemlzZGhpRkt1eUFQaUVEZzBneGdab211NnFEZlIwdGdRWUQxMDdmRFRMeVB5UzQ4SERoWHhhT2NvS2txS3BxbU96M1k2OWczNm1rUm9UVDI1cVd0YXRyMlBheE1KWm04cDJDV3dEOWJ0V1QyQzJiWUlEelJYdlNJbGpxUHBqNDJyRGROdmRlVXVrNUdjRFJtNXJSeHROSERBNlZpUE5YaFBvUFJqWFJZelY4TkcyZWJtYTlyU0FXMWI3VWs0V3hhTVptNnZ1Mm13bVpwV3FBNk9yOWFOcUw0dWV1cjNhOXYyZzVwSFpkSGpzTGcxOFZ1SXJxeW5oTWlMdUpqV09ybEY0Y3pQNDNpWTZ2cW8rc3ZpSHBYckkxTlFzcThuczZQaUJvZ2gtcjFza3luNUh5ditrdjF5VDFtQ0I5SnFvRGN1WEE4QXB2eUVqOGdqMFRGaURZaFViZmpQby16eVR5T0dtancrcjd0QThqMDRMaTViTVBpVEFBOUtmNnh4QWtHRGJLa2lDSWNtQlRpT1BrOW1zNEtoSDU0SjlCT2ZsK2JEZkJwNzQ4RWZxMlhhaTh0YWlIZnAtT1laOEw0eEN2bHNRQlo1Z0VuR2ZvTkRlcU1LeFFQY0YtUHdQODRFYkd2a2tKQkQ5VUc3VlFId2NhVjRXeXB6bnUzWG1sQ0hJMEpVTEtjcVk4R2FNSUZxbUVBRUZjcjRGMnNxVm9hQUx5ZzI0Y09lUTZkRzVmZ0ZPQlNDOWc4NFlHVURhYzBlTlY3QWtITUFFV3NFSllJU1FxZ0ZDeXQ2RkZUdWhJTnkxUTdDNVNpdlREdVVqbTRPVi1QS2ZPWjRqU1NQWEJoSDBXRW5IVVUwblJPaHJzNnJDUzhNeGF3ckZjcVpsMmp4V1d0ak53Q1Q4VGRFbWpGSlIxeU1ZbFlTTWxCUkp3U2NKTzZ5bE1rSlNqaE5XZWtkVFNmVEtIRW5HQ1MzQWFsV3RZV1dLQlVBTm1EbGNjdTNERkNHUDhVVlVhaUFiampWUUtrR3VTMWU0cE83TnBNb0NFbW1XQmFhQU5wR1Z5QjUyRWxrY0tMdDRrSlNpTXpWc05DVHdnQzRKS0NSZmRWbGFSMG5CZlN4aHpwR1VtU3duSyt5aXBSejdPMEZ5dzQ1blhQaXFaR3lDQTdMdEdvZVU2eENVNGlLWFJyMGRrRWgyRWt6K1pZRVFiZ2hEQXJYcjhrQS15b2dtR2hidGNLT0ZSQ3BDUUlhWldiMWZnOURSVDJXcE5jdHBRQ3NidEZ5VFI3WWVWRUY1Qkk2c3lVVXRucGVLNjFzSDZrMTF0MVdXdlZtUkp4WldUZVVvQkthcW5WSnFPR0xMR2FHZ3ZBVWkwVm9iUjJqY0NLNEI4VStid1hUTnloVjREdFpkUzVRYkpvTEtmYUN6TE82QU9RZDY0c3R1VEhJMnFSNDQwMTdnTkZsR2R0enlwZ0M4NkpvRnR4WjF0RG5EK0pxRlZlTUx0ZVBjanJuVnVPZkszWko3VTdVdXUtQjR2OE5SQTBaMWtTNDcxVHF3NXdRRmhJUFJCaTQyUnZzWjRuQ1ZGRTNNb1ZaM2FOamk4MEZ3dkQ0aGNnYklrcDFpWUd6U296ZEluUU1tYzR5bHliUnh1c21lV3lTRW1IZkorSDhSY3Z4clEraGJDclBnWGdEYWlVbmZGQUFSSXhlSUhRR3BkSEtyT2dBTlBPaGM5aDRpQ25YYk90d2FRZUI3ck5jQVBka29mVDFWbmRsVEFYaGdCNEIrUDArY3RSS3dzUHNQUEtwVUFnQSIsInR5cMIOYnNjcmlwdL0OKHJ06g49NjA2_g5VODYxLCL-DjFtdXT-EqJPYnNlcnZlckNMSAACBQ8AexEPAg8grzMzMTQ4Nzg5MzYCDwdRYnV5Lm6UEwGYCvUjcmVkaXJlY3Rvci9zZW8_Y2FsbGJhY2s9alF1ZXJ5MzExMDg2OTU2MzA1ODM5MzIzMV_kD3gxNzgzJl89EAAWNBgQDx0BBi4yOBsQRzc5MTgdAaByZW1vdmVDaGlsCBAyc3RhFgFgdGltZW91cQEvcmUbEByPOTU3MzkwNDAbEAgC5BGELmhhdmFzZWS3C_Yfc3luYz9ndWlkPTBkMjRkMzYyLTkxMzMtNGNmMC04ZTdlLWJlODc2MmYwNTEwYf8AYmlmcmFtZdQBChwCPDg2MhwCRzc5MTn_AG1hcHBlbmT_AA8VAiSvNTYzNjI4NTk2ORUCBw_8AFcfNfwADA8YA0IEAwEvNzIDAQfxBmJpdGUuYXVzdHJhbGlhcmV2aXZhbCMDEW2_Fg_vEgogODDAAiJlbokSAgMTAhQABfEDD-8SPq82NzEwOTUwOTQ41QDcD2IPCyByZSgDl0NhbXBhaWduc2wPPzY1MWwPH_BIQURuSUFZQk9UWUFMeENnY3dIY0JUQUVZNVV3UGdIMVVBRXlpTUcxVEFDYytPRUFCczRhREFVSU1HQUQzeXpGZkdId1ZLRlViQUVOVnExQWdEbVl1QXRWRw-BR0FBSEhBRklvDxBmbw9DVER3dW8PUkJWQUVXbw_gb2dWVVFSeWlNZXdRK0FvD_IBR3QwZ0lpRkRPdGtFcktLbm8PYGhZREUwa28P9f___________3VENG9mMklBSVREeVZSOHhvTkR5Y2k5Zkt0SVFzSXBJOGxXWStNVGsxSXlWaU96Yy1mQ0Nod2J5eXVPYTlMcWtjNmFwOGdCaE1ZVXA1ZG5IbDluMnNVY1FNUTRaVENERHZZSXdXeEFzTGZjaS1SdytRSEE5QUlNRVExUlE0Z0FFV3dJRjYtVUdJekdraWtZTEcrR29sQ1krRUMrRGtoRW9GSkl0SHdYekdiVWtZS0laRW94Qm9oRm9ESFc1T2hiTkpoTm14TEtJRVFuUXEwb1F3Rkpzd1lyTm1LbGNkekV3QUFuajQrS2pJZnJua1RyTnFjRnFBWHc5RDVVQXBySm9VWjhQdVEwVkRQc2Fmc2dNZzVuRDRhcEpBWEFCR0pWSHduTUFQRXFYWWJWYkRSSlVKQWd1dFlrbEdWZTZZZVZVMDd3VEdQZVJKSHgxSHB4SkswakswN0dZTGFjSjBzNTBSSHhNam5YVWFZZFdGTFhrMGtKUEd4Tlc5RkhXN0crQzB6Q0hjbzQrQUdIQWIwVzJ4bjZRSkk0Q2d4RW8wdWwwbUhKUGJrWldNMk5yREJxLVo3ZUlkWHFoM255Q0xac2ZUNmh6MXJkZUlwMFU3YXByLVBZMmtCSGFFR0pKd3hCOEZOZ0EtYjgzVnZmTUgxUU05UkRFVWN3MFZITXhtSFE5N3hQT0Nud1EwQzdRVE1BNmtnbzFvSmhXRDRJdk8wa0Q2SnhpTmpISkhDbkdja3lrWkRVR3JhYzZJdzhoeUp3OFE4S2FMb1FILU9vZ0x5VkRablEwaWp5d2lpUUpUUVMtd0FzU1hCOFhkUkM0NlRabnJFRDFFLUVSdFNqUnRteTBsMWJYRVhqbnd3TzVOTHZjZ2RLQkZEYnhDZERNekFzUUFFY2RUQmRNM0o3RnBiRGdFanBsOHNZNEI4Unc3VUxBTVFCUGNkckFDdURyR3lZTG5Ta3V6a3RFakJ0d1ZlU3Axcy1NRUFTc1JDemFUVUhIck9jTVV4T3pKRWNjSWEyQUFBWkVCckE1SE5nQVVJSzdKZ0Zvbk9tTGtLQ29haENBeWtBZkxzaVlvM21Qd1ZnK1ZaamsyQklrZ3dYWm0xV1E1eE5XVTRpbEtDNUZtcVdwNmoyaDV1T3NLcG5PQ1VMWmhhSHdXazVXcW8zYTB5M2drNkRUS1FQck9SSUliZVJHdXpoR2U2WnFEc3h3a0ZleTZXWHpFeVFzbXI2YzBHbmsrVHNqd2tITkdKbHVTQjZzVmFGTWNBQWJYS1FEdFhYYXhxTEVOcGhCU2dCZFdCRFZ4enRDWThQaHFPbEJ0NHh3V25Xd1pnbWtHWjFtTkVCVVFmQzUrbUFzWnN0NVZsZElwZHA3aHhkNWp4N1RFQVFRRDBFQ2xDQkJWUmZuSG44YUJIQVFTVEdYZDFVRFhsR1FuV2dUMWpCMTFIZm9lREVSSkN3VUlXK0JGdW5kWVYtR0F2c0FOeXg4REFyYjRQV2tDUU1RRURnZElCSEhaQ3pHbllPOWFCSkJYQU1vVEMwUWhWNDhrUlB2ZVRqQUF6OUp0VUNqcnA3R29oUFBldHZQcFFVVFZMejRYTzhmeDNjelF0UkRyVnRQY2c2cmtQdllxNzFnS1hBTWNDREVNdzBjQ01tOFo0enpRY2J0Z0RsdldHS1l4TnA5NThQckEwV0s0TkRIUGU5RHNEMTVib3M0QkxFcjJuTGJXdUNUbG1DNkYwU1UzOTh1ZWtyN204N3Z3Q1N0UDgra0JmdCt4Yk53N0YySFN4bGo3QUxyTzVZeS1aVUI2R1BraFYySzlweHJ3UHQ3WWVxNU9nYmd5RGxkU3lJbDdlMHNnaEJ1eDlDRVhsZkg4TU1aaGJESHlVcUpIMDhra2dmbVBuYU9DWWcyb3hTVEVYTFdpOVVITjFJWWhNYzE5MzU4TmtueEJoZ2xDSUlHUGdJYzZxQnc1K2prWTNLd2VkZ0NQd1VJWEJRaWphWjYwTE1XZmltaTdqYUxRVW9kSUpkMGdheTBjbzV1TWpoRGgxY0tvV21NMEFnaEFBUFF1S1d0c1ZhbTVFQ0ZtckVVU1FTZFZHQVNmaTROd2pqdkN6VmNlNHVJbU12RVpCOFNZTTRBVHZhNkxQdUlleDRTRmpURGNSNGxhS1J2R0FVU2Y0dldSZFRHbHd5WjRDSnpqZ2c1SmlaNC1KOFRDbCtPbkhyVkFBaDFhZ1NuQytQVXg4MmtkT3NGMDFRcG8yWkdPYm4weE1Rc1FEVVZwdmdQV1ZwMmhvR0FpbldzR1F6QWtORWMrVHFaTWFLT0JvUmdGUW9aQVMxME1WQVlrRzVnREwwbk1nK2VyRUZUc1g2UHZZUmpOZlpTQktyVUJ3dE5PcEJUMXZ3Z1NDWmFHQVI5T3N4OHo0LW5tZ0JTcGNLNmtsRlBONXU1SHdlbGJBR1Zwc1pQV0hZTEliSVF0WkdGZ0RHWU9UNER3MkZoTjNKZVcxUGc1dU9sZlpCWEpZelllRmlUbEVycFVWYmNOQ2xiQUJOcllOaEtCVUJqbmdUY1ZoS3lsQ1BOeFFUVldpQTdqcTFRT2tMaFJ0ajVMa2loVUNRd3F2Yk55Yk5ZQVZvQWhVVTNJRFE5eU9RMm9BSlZZekdJOURweGRQLUNBSGdRSUZESDNDZ3E2S1RzNHF1d1N1cW9aTk5lRzB2OUJnaU9GUStBNm85UVRUS2dGc3JJVHlqaW8xQk1FZ0JUTHYwTzUrODlaUnVzR0lEd0lncENqTVpvbWx3MXEwMVdNWm0xWVM0aDBoSUZNZkc3MjNRK2lGdVhKeXJobHNvQmZMN3MzSXFMUnY1bFhFQlZJK0FiOFpOcGJZb2tDSHR1Ymx2NkJhQUVReUZCVGdQZ0lId044Q1ZUdnhnQUloMG9rTG8tTWVoc3puUUFHZ1hlZWY0Q2h0UWJyblI0VlorNzBFb0gzVUNGTWZNNTNVMHdENFlBZUFjVFNyUFBVZnNRekhES0tWamZPNlVnQ0NLRlVBM0tBTmk1SDByNE91MnNhaU5HS1BYYWs4K0NpN2pydEtXWTRENjdBTjJMY0tCb0p1NTFHaE5VRkJuKzZTME1JZktXaHRJQ0FEbmlIVkhYRURMeUF5U0hlUWdkZE9rRVd1Q1JUcWRkbWEtNnhyUUpJTmpJQm8wcHE0eng2Tk1RekJTSFhmbW1PWWdpMGxvWTdpQ3RrbXExbXhyUXFYOXpLQmppeWZDbElBQSIYHw8ADwY9ODIxAQ5PODI5NAEORp82NDAzMDM5MzP9DggPVAv_____________uQ1xGwtUCw9ZGELQNjQwMzAzOTMzNX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:29 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:28 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FG3M2ET3ED&gtm=2oe1u0&_p=333012135&ul=en-us&sr=1600x1200&cid=-NNCit8pBLLUoOBBTijU&ir=1&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=2&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&dt=Romance%20scams%20in%202023%20%2B%20online%20dating%20statistics%20-%20Norton&sid=-NNCit8pBLLUoOBBTijU&sct=1&seg=0&en=conversion&_ee=1&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36&ep.page_encoding=utf-8&ep.page_path=%2Fblog%2Fonline-scams%2Fromance-scams&epn.session_num=1&ep.hitID=-NNCit8pBLLUoOBBTijU&epn.hitNum=1&ep.client_TagType=direct&ep.hasOrder=false&ep.skusEnabled=&ep.skusNotEnabled=&ep.urlDomain=us.norton.com&ep.urlRootDomain=norton.com&ep.urlDomainPath=us.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ep.urlRootDomainPath=norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ep.urlPath=%2Fblog%2Fonline-scams%2Fromance-scams&ep.urlTagType=direct&ep.u1=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&ep.u2=internetsecurity&ep.u3=romance-scams&ep.u4=missing&_et=1795
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Feb 2023 16:07:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 0
644 B 139ms
138ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267651329&H=e032fca4aa439052d5b38f27&s=5eee9bcf3db243e1fa0901403695265e&z=1&S=9718&N=110&P=2

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 16:07:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame 7286 0
644 B 239ms
238ms XHR
application/json 35.222.211.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Fonline-scams%2Fromance-scams&t=1675267646152&v=1675267651471&H=e032fca4aa439052d5b38f27&s=5eee9bcf3db243e1fa0901403695265e&z=1&Q=2&S=2401&N=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 01 Feb 2023 16:07:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 8ms
7ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=7&c=21&i=7u2yze&p=aemprod&s=2335&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0Ijo3LCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA0Wh0dHBzOi8vYnV5Lm4wAPd6LmNvbS9yZWRpcmVjdG9yL3Nlbz9jYWxsYmFjaz1qUXVlcnkzMTEwODY5NTYzMDU4MzkzMjMxXzE2NzUyNjc2NDE3ODMmcHR5cGU9Y2FydHBvcG92ZXImdHJmX2lkPXN5bWNvbSZzY3NndWlkPTAmQ09VTlRSWT1VUyZMQU5HVUFHRT1lbiZfPTFRAPUMNSIsInR5cGUiOiJzY3JpcHQiLCJzdGFydCI6eABANDUzMwUBF2QUALA5NjYyLCJzb3VyYzwAsnJlbW92ZUNoaWxkQQDAdHVzIjoidGltZW91VABgcmVhc29uKAHUXSwiZGF0YVBhdHRlchIAs2xpc3QiOltdLCJpZgC_MzUzODU2MzkwfSxaAQXxCXJlZ2lvbjEuYW5hbHl0aWNzLmdvb2dsZWgB8GBnL2NvbGxlY3Q_dj0yJnRpZD1HLUZHM00yRVQzRUQmZ3RtPTJvZTF1MCZfcD0zMzMwMTIxMzUmdWw9ZW4tdXMmc3I9MTYwMHgxMjAwJmNpZD0tTk5DaXQ4cEJMTFVvT0JCVGlqVSZpcj0xJnVhVz0GAGBhPSZ1YWIFADBmdmwHAIBtYj0wJnVhbQwAEXAFABB2BgDxBHc9MCZfZXU9RUEmX3M9MiZkbD0tArclM0ElMkYlMkZ1czIC8xAlMkZibG9nJTJGb25saW5lLXNjYW1zJTJGcm9tYW5jEABSJmR0PVIRADMlMjAjAPIEMGluJTIwMjAyMyUyMCUyQiUyMEQAkCUyMGRhdGluZywAUHRhdGlzPwFyJTIwLSUyMN0CPyZzafQABPMDc2N0PTEmc2VnPTAmZW49Y29uqwPwHiZfZWU9MSZlcC51c2VyX2FnZW50PU1vemlsbGElMkY1LjAlMjAoV2luZG93c2kAoFQlMjAxMC4wJTObAFJXaW42NAsA8AN4NjQpJTIwQXBwbGVXZWJLaXRAAFAzNy4zNkMA8AhLSFRNTCUyQyUyMGxpa2UlMjBHZWNrbzMA9RFDaHJvbWUlMkYxMDkuMC41NDE0LjExOSUyMFNhZmFyaUgAAKcA9QRwYWdlX2VuY29kaW5nPXV0Zi04FwBfcGF0aD18ARRwZXBuLnNlc68EQl9udW0EAW9oaXRJRD02AgIAMABEaGl0TisAAsUEUF9UYWdU3QMCIQQAigDgaGFzT3JkZXI9ZmFsc2USAMRza3VzRW5hYmxlZD0QADhOb3QTAKl1cmxEb21haW49SAIALgBzdXJsUm9vdB8ABpYEAxwAAhgAAD4FCjsADwcBFhkuYQABSQAGZQAPRgAaATwADzIAGg4-AS91MVgDMADOAkAyPWlurQShZXRzZWN1cml0eTEBKjM9gwMAKwD4AjQ9bWlzc2luZyZfZXQ9MTc5YQVxZW5kQmVhYzoGDGUFTjk2ODdlBSc4OGUF-ANTRU5EQkVBQ09OX01BTkFHRVJsBWBhbGxvd2V_BQ9sBR6fMDgxMzkyMzQ4bAUHQWN0LnAFATFlc3RgBXZjdC5odG1sPwZiaWZyYW1lkgAJPwZLNjA3NdoAPzUxMT8GS680MTkzMjE2MTc50wBFHzbTAF7AMTkzMjE2MTgwfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:31 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:30 GMT

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 96ms
95ms XHR
application/json 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Wed, 01 Feb 2023 16:07:33 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 8ms
7ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=8&c=21&i=7u2yze&p=aemprod&s=605&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3UyeXplIiwicGFja2V0Ijo4LCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8RRodHRwczovL2JpdGUuYXVzdHJhbGlhcmV2aXZhbC5jb20vbUMA8BJ0eXBlIjoieGhyIiwic3RhcnQiOjE2NzUyNjc2NTMwMjKAAB1kFABQc291cmM5ALJYSFJfTUFOQUdFUkEAMHR1c_0AYWxsb3dlZKQAQGFzb26jANRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM82NzEwOTU1OTUyfSzVAEUfM9UAAD8zLCLVAEjANzEwOTU1OTUzfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 16:07:34 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 01 Feb 2023 16:07:33 GMT

Verdicts & Comments Add Verdict or Comment

268 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

102 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.norton.com/	1970-01-20 18:06:43	Name: es Value: 4e56533d317c5054523d6e6f6e657c4643443d4665622d30312d323032332030383a30373a32317c4c43443d4665622d30312d323032332030383a30373a3231
.norton.com/	1970-01-20 18:06:43	Name: tp Value: 5452533d73796d636f6d
.norton.com/	1970-01-20 10:47:31	Name: ttControl Value: 5443473d39
.norton.com/	1969-12-31 23:59:59	Name: at_check Value: true
.norton.com/	1970-01-20 09:22:34	Name: promocode Value: DEFAULTWEB
.norton.com/	1970-01-20 18:57:07	Name: nova Value: -NNCit8pBLLUoOBBTijU.-NNCit8pBLLUoOBBTijU.1.-NNCit8pBLLUoOBBTijU.1...-NNCit8rAHtZLUwrfwZ2EzELKU0kVjNQJAZ7%3D.-NNCit8rAHtZLUwrfwZ2EzELKU0kVjNQJAZ7%3D.v1-0
.demdex.net/	1970-01-20 13:40:19	Name: demdex Value: 25239769532810703113708529254822305178
us.norton.com/	1970-01-20 11:30:43	Name: 53038 Value:
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
.norton.com/	1970-01-20 15:06:43	Name: s_nr Value: 1675267642061-New
.norton.com/	1970-01-20 15:06:43	Name: event69 Value: event69
.norton.com/	1970-01-20 18:06:43	Name: channelStack Value: s_eVar72~norton.com
.norton.com/	1970-01-20 09:21:09	Name: s_gpv Value: norton.com%3Aus%3Ainternetsecurity%3Aonline-scams%3Aromance-scams
.norton.com/	1970-01-20 09:21:09	Name: s_gpv_custom Value: norton.com%3Ainternetsecurity%3Aonline-scams%3Aromance-scams
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.norton.com/	1970-01-20 18:57:07	Name: uuid Value: b788365e-1dcd-46d5-91a5-ad3f5a92cde9
.norton.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_6_sn_4515BCBBC69262FBC306EF0B1CCD0F6F_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0
buy.norton.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 378A1F5737C9900F75628D300C6D93AC
.buy.norton.com/	1969-12-31 23:59:59	Name: X-CSRF-TOKEN Value: gvxX69dyKGLDC3fX/ecrZ2Dm8oSo6EDipF6bDkRhfow_
buy.norton.com/	1969-12-31 23:59:59	Name: ESID Value: 02c2c74f54-6981-42woCHGbR9HH47uYzFv1QeYGv81KXN48WFw1hkef2CRxBMSaWlpWF1lqauAnk6zD4640g
.everesttech.net/	1970-01-20 18:06:43	Name: everest_g_v2 Value: g_surferid~Y9qOOgAAADjinAN-
.symantec.tt.omtrdc.net/	1970-01-20 09:21:09	Name: symantec!mboxSession Value: 5c0bc73490bd4062a0d60ae2c358ab50
.symantec.tt.omtrdc.net/	1970-01-20 18:57:07	Name: symantec!mboxPC Value: 5c0bc73490bd4062a0d60ae2c358ab50.37_0
.norton.com/	1970-01-20 11:32:31	Name: _cq_duid Value: 1.1675267642.8zGXkkvkdaQVyVFM
.norton.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1675267642.D9sVYG4rLpdff35z
.norton.com/	1970-01-20 18:57:07	Name: mbox Value: session#5c0bc73490bd4062a0d60ae2c358ab50#1675269503\|PC#5c0bc73490bd4062a0d60ae2c358ab50.37_0#1738512443
.dpm.demdex.net/	1970-01-20 13:40:19	Name: dpm Value: 25239769532810703113708529254822305178
.norton.com/	1970-01-20 18:57:07	Name: _ga4_ga Value: GA1.1.-NNCit8pBLLUoOBBTijU
bite.australiarevival.com/	1970-01-20 17:24:58	Name: cg_uuid Value: 4820632bc61021662f233f3ce64db88e
.norton.com/	1970-01-20 18:57:07	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 179643557%7CMCIDTS%7C19390%7CMCMID%7C25439519146426225503691912476719730987%7CMCAAMLH-1675872442%7C6%7CMCAAMB-1675872442%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1675274842s%7CNONE%7CMCSYNCSOP%7C411-19397%7CvVersion%7C5.5.0
.norton.com/	1970-01-20 11:30:43	Name: _fbp Value: fb.1.1675267642976.2093821107
.norton.com/	1970-01-20 11:30:43	Name: _gcl_au Value: 1.1.750452346.1675267643
.bing.com/	1970-01-20 18:42:43	Name: MUID Value: 23F55E8A65676AB612214C2164EC6B8D
www.clarity.ms/	1970-01-20 18:06:43	Name: CLID Value: 96324ad539234b5dbc865596157d3c30.20230201.20240201
.norton.com/	1970-01-20 18:06:43	Name: _clck Value: 18oqcym\|1\|f8r\|0
.c.bing.com/	1970-01-20 18:42:43	Name: SRM_B Value: 23F55E8A65676AB612214C2164EC6B8D
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 18:42:43	Name: MUID Value: 23F55E8A65676AB612214C2164EC6B8D
.c.clarity.ms/	1970-01-20 09:21:08	Name: ANONCHK Value: 0
.norton.com/	1970-01-20 18:06:43	Name: SYMANTEC_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1
us.norton.com/	1970-01-20 18:06:43	Name: __pdst Value: 3b789a65134640fbb29c209aaef4e8cf
.norton.com/	1970-01-20 11:30:43	Name: _rdt_uuid Value: 1675267644356.82c8ffc5-0863-4626-ac5a-7a56c410b0ae
.ispot.tv/	1970-01-20 18:57:07	Name: pt Value: v2:5b1ca81116658a619855b69fe3c76cbd2396f9cb72627128f3356f3aeed5baa7\|2ebc151d3b96387417719a3c17fa10f4ef518900036dfe5fb475cf311dc5700f
.norton.com/	1970-01-20 09:22:34	Name: _uetsid Value: 8339a930a24a11ed9601c3ba6b715115
.norton.com/	1970-01-20 18:42:43	Name: _uetvid Value: 833a18a0a24a11edb77f9127fa2c46c9
.tiktok.com/	1970-01-20 18:42:43	Name: _ttp Value: 2L8zl2iJt7a87b8olBw7nAuABZK
.ct.pinterest.com/	1970-01-20 18:06:43	Name: _pinterest_ct_ua Value: "TWc9PSZzTWsyY3l5eGVBbHRhRmorOVNNUlpOVUJTcjJvRVVla011cHJPK09IWVpUSlltcm5sSUdWYzZXQzFxZ24wNHJuSzdBbEN6dDc4eEpnQlBUbnBETGRzZzNVTTBmaEFwY09TWE9lZ0ZESkp6UT0mMGk5eGhMZ2hBTy9HUHRZcVB3VkQ5YzhHQURRPQ=="
.simpli.fi/	1970-01-20 18:08:10	Name: suid Value: 99D1EADD6F794812A40FCE170D879B17
.norton.com/	1970-01-20 18:57:07	Name: _ga4_ga_FG3M2ET3ED Value: GS1.1.-NNCit8pBLLUoOBBTijU.1.0.1675267644.58.0.0
.doubleclick.net/	1970-01-20 18:42:43	Name: IDE Value: AHWqTUkJDWPJnt9PXgD4zvLeTyB_3ZPNie9q_RB71iHqb374ejEWLHY_vpf8vMa-
.norton.com/	1970-01-20 09:22:34	Name: _clsk Value: s6bfbu\|1675267644767\|1\|1\|k.clarity.ms/collect
us.norton.com/	1970-01-20 18:06:43	Name: _wchtbl_uid Value: 162dbaae-91c3-4479-93ec-716be60c099d
us.norton.com/	1969-12-31 23:59:59	Name: _wchtbl_sid Value: 9905e58c-0ef8-4cb4-b926-ec1a99e4ee40
us.norton.com/	1970-01-20 18:57:07	Name: __helocckid Value: 1bdc03ad-95ae-6b41-b147-1ff4bcb1c116_1675267644
.t.co/	1970-01-20 18:57:07	Name: muc_ads Value: 4739b6fc-77c1-4dbf-b034-0ed519988acc
.norton.com/	1970-01-20 18:57:07	Name: _ga Value: GA1.2.1786439598.1675267645
.norton.com/	1970-01-20 09:22:34	Name: _gid Value: GA1.2.1897955838.1675267645
.paypal.com/	1970-01-20 18:57:07	Name: ts Value: vreXpYrS%3D1769962044%26vteXpYrS%3D1675269444%26vr%3D0dbb9dc71860aa5c617790dbffffffff%26vt%3D0dbb9dc71860aa5c617790dbfffffffe
.paypal.com/	1970-01-20 18:57:07	Name: ts_c Value: vr%3D0dbb9dc71860aa5c617790dbffffffff%26vt%3D0dbb9dc71860aa5c617790dbfffffffe
us.norton.com/	1970-01-20 18:06:43	Name: kn_cs_visitor_id Value: a6c50082-b875-41a2-9b4b-40c22ab2d23d
.twitter.com/	1970-01-20 18:57:07	Name: personalization_id Value: "v1_Eo3sSYXyEBnPfQLWKMwgSw=="
gwmtracking.com/	1970-01-20 18:57:07	Name: kwsu Value: 63da8e3d9b88040159d8db65
.yahoo.com/	1970-01-20 18:07:05	Name: A3 Value: d=AQABBD2O2mMCEDwwsDIzbfji1FZ5Zn6sR5sFEgEBAQHf22PkYwAAAAAA_eMAAA&S=AQAAAh_MAow3cz5Js-OgNkHiMUo
.norton.com/	1970-01-20 18:42:43	Name: _tt_enable_cookie Value: 1
.norton.com/	1970-01-20 18:42:43	Name: _ttp Value: 9JmyWSlJkVqo7RoXvVcziAEM7dn
us.norton.com/	1970-01-20 09:21:11	Name: _wchtbl_do_not_process Value: 1
us.norton.com/	1970-01-20 09:21:11	Name: _wchtbl_pixel_sync Value: 0
us.norton.com/	1970-01-20 09:21:07	Name: outbrain_cid_fetch Value: true
.norton.com/	1969-12-31 23:59:59	Name: IR_gbd Value: norton.com
.norton.com/	1969-12-31 23:59:59	Name: IR_4405 Value: 1675267645651%7C0%7C1675267645651%7C%7C
.linkedin.com/	1970-01-20 10:04:19	Name: UserMatchHistory Value: AQLJeT72F1Ie2AAAAYYNu6CR1H9QApkt-dUFTO72uUEti1u4W09p_cMy6rQ_-Am0Gm2xIwE6Tcn8cw
.linkedin.com/	1970-01-20 10:04:19	Name: AnalyticsSyncHistory Value: AQK__3kdGBiqDAAAAYYNu6CRcS8glh_IlgOj76Zb63EGAHhD8a-En6kU7u2wkAR28v1In8jomAKPDsb2Ut16TA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:06:43	Name: bcookie Value: "v=2&d7b43ac3-13c7-427b-8b4f-e743b945d724"
.linkedin.com/	1970-01-20 09:22:34	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2874:u=1:x=1:i=1675267645:t=1675354045:v=2:sig=AQFYiopFeNVkg8aq0k0G72rScc9RhcWM"
.norton.com/	1970-01-20 09:21:07	Name: _gat_gtag_UA_1304930_26 Value: 1
.norton.com/	1970-01-20 09:21:07	Name: _gat Value: 1
.knotch.it/	1970-01-20 18:06:43	Name: optout Value: 1
us.norton.com/	1970-01-20 18:06:43	Name: mdLogger Value: false
us.norton.com/	1970-01-20 18:06:43	Name: kampyle_userid Value: f33a-9e28-b277-e459-0ab1-f2c2-ba8f-15bd
us.norton.com/	1970-01-20 18:06:43	Name: kampyleUserSession Value: 1675267645760
us.norton.com/	1970-01-20 18:06:43	Name: kampyleUserSessionsCount Value: 1
norton.ow5a.net/	1970-01-20 09:31:12	Name: AWSALBCORS Value: P9Vr+m6rzRbDbxQ41jXS5wNdh9ewrgSta/AE/PCe4koiMmFwMfqQXkJTn1xczf8w/O2X+I0ETwCI0ud/4CeOXPOIpGs/CYB3SKiO5gdZ0oA6SaOIo385XCTlEpja
.ow5a.net/	1970-01-20 18:57:07	Name: brwsr Value: 84cc1425-a24a-11ed-99bc-3718575fb4af
.ow5a.net/	1970-01-20 09:22:34	Name: irtps Value: 1
us.norton.com/	1970-01-20 18:06:43	Name: kampyleSessionPageCounter Value: 1
.us.norton.com/	1970-01-20 18:06:43	Name: _pin_unauth Value: dWlkPU0yRTVZalJqT0RrdE5XVm1OUzAwWWpGakxUazFZall0T0dVM09HUXhPV1F5WmpNeA
.norton.com/	1970-01-20 18:57:07	Name: IR_PI Value: 84cc1425-a24a-11ed-99bc-3718575fb4af%7C1675354045651
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:06:43	Name: bscookie Value: "v=1&202302011607253400bc77-5ec6-4ab3-8ddb-bb02ee2964d5AQG_e9vrh9CuMuUDctAVKIlo-wHAwKlo"
.linkedin.com/	1970-01-20 13:40:19	Name: li_gc Value: MTswOzE2NzUyNjc2NDU7MjswMjFm0YruqiMBFGx5C1kIg2DTExJl+R4PkZZKb/WBNkzLEQ==
.leadsrx.com/	1970-01-20 18:06:43	Name: _lab Value: 1308261799
.leadsrx.com/	1970-01-20 18:06:43	Name: _lab_lastTouch Value: direct
.ojrq.net/	1970-01-20 18:57:07	Name: brwsr Value: 84e73d80-a24a-11ed-bb0d-871a9535f993
.norton.com/	1970-01-20 18:06:43	Name: _lab Value: 1308261799
.trkn.us/	1970-01-20 18:06:43	Name: barometric[cuid] Value: cuid_95ac51cd-0c56-41df-8827-9288e15f1263
norton-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 5eee9bcf3db243e1fa0901403695265e
norton-app.quantummetric.com/	1970-01-20 18:06:43	Name: U Value: 181fe68d881bc0d16a70d98572b1a6ad
.norton.com/	1970-01-20 09:21:09	Name: QuantumMetricSessionID Value: 5eee9bcf3db243e1fa0901403695265e
.norton.com/	1970-01-20 18:06:43	Name: QuantumMetricUserID Value: 181fe68d881bc0d16a70d98572b1a6ad
.bounceexchange.com/	1970-01-20 09:21:09	Name: bounceClientVisit2004c Value: %7B%22vid%22%3A1675267646802514%2C%22did%22%3A%221426913104626426781%22%7D
.norton.com/	1970-01-20 09:21:09	Name: bounceClientVisit2004v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgK4oB0AdgPYBOCVFZAxlQLZEBGYVA5kQ2ACWFAKYBaFEwCGrdARpspFJuMkyUIADQgaMEFpCCUAfR5VjKEShSCGMAGZSwl7UdMQLVm3eiPnIgF8gA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
api.bounceexchange.com
app.leadsrx.com
aq-swa-api.knotch.it
assets.adobedtm.com
assets.bounceexchange.com
bat.bing.com
bite.australiarevival.com
buy.norton.com
c.bing.com
c.clarity.ms
cdn.pdst.fm
cdn.quantummetric.com
cm.everesttech.net
connect.facebook.net
cookie.havasedge.com
ct.pinterest.com
d.impactradius-event.com
data.adxcel-ec2.com
data.cdnbasket.net
dpm.demdex.net
e.cdnwidget.com
ensighten.norton.com
event.havasedge.com
events.bouncex.net
ext.chtbl.com
googleads.g.doubleclick.net
gwmtracking.com
ids.cdnwidget.com
image.cdnbasket.net
k.clarity.ms
nebula-cdn.kampyle.com
norton-app.quantummetric.com
norton.ow5a.net
now.symassets.com
oms.norton.com
page.cdnbasket.net
pt.ispot.tv
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rl.quantummetric.com
s.pinimg.com
s.yimg.com
snap.licdn.com
sp.analytics.yahoo.com
spider.australiarevival.com
static.ads-twitter.com
stats.g.doubleclick.net
symantec.demdex.net
symantec.tt.omtrdc.net
t.co
t.paypal.com
tag.havasedge.com
tag.simpli.fi
tag.wknd.ai
tr.outbrain.com
trkn.us
udc-neb.kampyle.com
urldefense.proofpoint.com
us-central1-adaptive-growth.cloudfunctions.net
us.norton.com
view.cdnbasket.net
web.chtbl.com
websdk.appsflyer.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.knotch-cdn.com
www.linkedin.com
www.nortonlifelock.com
www.ojrq.net
www.paypal.com
www.redditstatic.com
104.244.42.67
104.244.42.69
13.107.42.14
13.37.25.97
142.250.184.226
151.101.129.21
151.101.193.140
151.101.2.132
151.101.65.175
172.217.19.102
18.201.4.185
18.66.15.102
192.229.221.25
199.232.16.157
2.21.184.120
20.13.96.71
20.234.93.27
20.96.88.162
2001:4860:4802:34::36
2001:4860:4802:36::36
212.82.100.181
216.200.122.11
23.203.125.62
23.62.220.203
2600:1901:0:f541::
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2600:9000:206f:7200:1:996f:a9c0:93a1
2600:9000:21c7:bc00:0:cc59:3900:93a1
2600:9000:2304:ac00:12:1bcc:1d00:93a1
2600:9000:2490:ac00:a:b27c:d040:93a1
2606:4700:10::6816:34fc
2620:1ec:21::14
2620:1ec:4e:1::44
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2004
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:400c:c06::9a
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:80e::2002
2a02:26f0:10e::6860:5baa
2a02:26f0:f700:397::1015
2a02:26f0:f700:481::1e80
2a02:26f0:f700:4a1::1015
2a02:26f0:f700:6::216:5929
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:41::84
3.124.119.57
3.230.17.182
34.102.193.48
34.102.242.33
34.107.191.194
34.111.8.32
34.117.93.237
34.120.253.250
34.149.118.76
34.251.173.23
34.66.3.160
34.90.79.92
34.95.127.121
34.98.72.95
35.186.249.72
35.222.211.90
35.241.45.82
35.244.142.80
44.236.243.137
52.19.8.86
52.49.9.98
54.172.102.151
54.174.23.214
54.195.228.119
54.245.150.46
54.69.21.176
67.231.146.66
88.221.92.25
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
080d96309447233e41d65a301aae0469edd76d69a9821b2c64937c28b18f81cc
0d920ace95c6801258c49c7e07a8eefc5d5a311b42bfda164085c946a3db7890
0e4a963fe1cee39c93b6825081d3d05f94b3155efcd9eebb92e833ee899fc8c9
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
115cb63056e2b500e9f3530a9cb69a58120b5882b1f4a0aa33498b43f1e1ae76
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
142dbca8a2feffa53e0ef3c28709f1b373db78da8620506161eba84448fc31b6
14ef5143660fa6b1ebb2b27617ccc2dc597a247acd06a60e3b32b9b94d570418
1b186bdfdaa0c5d3348d783dc504df921382d54f3e13ce20e46099574364e1e1
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
258f47a5d9d710952c524bf509a8f3be602e29878880c6816ad7cb3407521578
269cd5c2588a394a706a524aa4bb51f1a164c396c62c4f965d2797dcb2aefe50
27dc4f62298834987d3d8e5608c1af94c82ee3d18ee31858d39e0202697b5308
286b78a4ea089195faba308081e92c6d90a8ca02663f5c32fbdc9dc9db2a745e
2bc548145fb72b0ed4a918a222978e279bee02fb9a1f7dee50de242e9b6e2497
2c06b7ab63a6bf6b0cfcb613b7c9824cef3c58e840efb36180f09bcdc7436958
2ce88edeee6056c3c0270da7879230a9033d043733349fd871ba384a3475d1c5
33f9d826ec75c6446aa7da4c19c2cf446003c5d5e30e5927eec1aded7b413e9d
35c19ac0efc4d6e5e8cf2f115584a5a4c3d24258cb97e329eebbd5b5f42fa94e
35df6a93e6c7fb484cd983a9ffc83387862f49ba52f3e981ece185e4d1fcce26
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38e2b19b3e07d192b056babfd7fc4b9238eb64c66f66622188306eb5ea462454
3cad1b8c75e5500f8fb518f98ea990ae274261fe55db9ad2ae034a46fe9f4d9b
3ee54d1254788d712d1adf3a391b12e0c818ba353f42a26f6efb21ab70c1457b
41069810642f4e5ed8aada1d71c3a7effe3001d6f5da33b3c3d4d0c770561a77
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48767b4774c4e0ea40cc837457a77562560275f1bafe4da88d851d44c14c8d44
48c6d8dc5116fb7f5a1e5441084b8744d8a06be4bccba4abd0dd06bed731fed2
4a9dd5099eb62db1c664ef4781cd90b8f85aa0c84a9fcf2cbe3172771e1f9ba0
4dbd4edf6ab4beed2ee1c5d3d9f30a42305625c3a2d0adcd4d0d381028096658
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
53df60d58ca3faca1d93bb137bbdbc81938ae47e7f1c74be115337d2583a34b7
57a6d2a29141901833f8224cf7dfa92ebc1cd2171cd43d754a9a1472a00d2d62
57f2146f4941cd623c75deec4575d2b9586f2ccea83a20b315e9d88135a14d7b
583ec79ba694a882662f117f6e4d0a2ae5e274ba5e86d5acc661c14154e5b43d
585a5ffa8c3c01d26bfa9e61e12aecfac2b9440051ce482de6919393f76dcdf3
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aeba1008ef8c1f5bf176a13300375062aa9ff2c3bf5604fe6cb3dd083076116
600afc538fb911c606f046d5ce513b92921c9244ca334532a910ba7de00dd8f8
6209e18374c0d906f53f43780c90c35c310773e987fe4c35b6deeead56eb186a
62f8da46b254ae0f9c5b862e0a57d640ac8b375661dc1c30b32bdd85f0caf5ea
630784463685e1d72a3d431f53f7a09579d006b893a5dcfa678996e4d80e08b9
6505a0df31a18d134c7be3fd6984132e016cc52f4c53a2a86080a4969908975b
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
68c4e250aa8b9c191dc0bb4c3727bfa9382382ea6c1c550bb7c91e44f6e0e66b
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
7231dfcae4ab02ea1432b07c2bbcd62d148f47acb7c09d3cc8ba112ca0e5bc99
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
78d566d84342550fc2075fb4016094a423cb9b717d481ee34fc634c079ceff0a
78dffd283e2c4469afdbe98fb511df6edbfd11b17b23a6f9f71110a2c53f1ecd
7900ff64e7494502673e3789e1946ef613c427312c57497693a81d24a52c2a4b
7970172838797f5ad3413aa6ab13a03a1496b9eb9ef3b766f8972257ab2d527d
7baf4ac1cb2adf82ed9e88c9fa1b22f8ea22e14cf2aa24e9936c6578515e70ae
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c6136c021184fc319d998959cab7dd3c769ea7bfbd49bd2ec3f6fe5f03b47d0
7dea55eea7f4396097abf6e2a56fb0b41110200d41d59316f982e078c0c75260
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7ea1fbac971c4ab396d093fd210310a4e1ff57acc39d3bc71cee3ac575eb1243
7ee5e26983efba2872eee6675eb03891d9250fcf6f24e40747f9540424d4c10a
82f964f9e58ef0c8c77d8bccb479dde9907adb378a41308365d1c29538baed18
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8463e6fcd2714889889fcc31ccecbcf91f55dbfdb5684ca11d4174220851c570
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854e05290d2504e36ee449b1680c274c7d29a1455ed60517eadd39513eae8a4c
8748aa0d1fd826859ddd421011cff51ea5798a116494ec6f39a3f2a76cbffbba
8a70f54525e4d8011586725d5f7d1be4526a55250307c0b97be8bd4059f4d33d
8b31d42a6b709c6bd0a7c444d1b83634740f8f00ad06cb0ca40cb031a7c5720a
8dfe447993416e6a72f93e1c76e4b41d7411f15daf0b0835dedb287c5e513010
90b0b50efe1dff7fc3bfd49fe07857574b6702637be6e82a7153c50cbde31791
922e8229cf571f325c0d39bc9fb00c36baa75bdb3599c65ac93fa733b815daf5
963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7
9851dbb6ed6a8990d26243d00311f2e137646ae371be03beaf351a54cdb18737
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c28255a4751f9bb7447d173b7c974f1dd50e9ce458ff10d3a6bbbb9be35f8c6
9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a
9fb8a2e4be37d960631988e2a77be6874c7984612a1e311e542b2116e57891a0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a69bcc7d7dd2b4a0457d4fa24f3994f177d00ab88466f19588f7058a7ce8bf18
a96b2d19756b066a008c96fd3cfc8ab69e8a7015331b3cc5b3b7acfa28b6f227
a9d4b9498b32b911974be1fe23b585bb7562aa50b3f9826f7e628d79f55035dd
aacfea800a59766fdd3672fad8e5eba13abae2dab105014fc9214cb0c1409925
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf5d772db34cbf54e20f67ddaf06946478b3e332f6a2990d9b49e5ec662e288
ae81b86911781d244b7c2fc962308b0c3384951a887a6f999fe60576b0d6ae20
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b6ff5e36be6ad1ddfea9c93f269d81ea5cc1136b88cc712212c17fa47d704076
b7407e9a223b4d2cab1014db21ca425bbc547211b1ac340077e05406e76ee1a0
bb30148d9df7671c14f2cd5be91e6b7a1488932efb740a80b66f39052744c168
bc31e0138e9e6970dfd95e758bfe21f9c8b18aeef048d84024e9186e1cf67d6b
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c775a9025fd5d606553edb2ad342d7b97f6075c087d7165043e0f5e352e02609
c89c9988bd1f0d7a15153d7c5f94eb1df5936bd8b1182607a264f7f0ac965e30
cb54a6ee7b16fd9d88468b31f756b9208eba59312503609a26b45044f2150f86
cb7062d61bdf7c6a3f364713bd5ba69c50ce743b4f0fbfa85200d3d935c87ff9
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d03b0b611d597cbe8fcc80abf90919c8d1a937ca5f126fadd0f35781a2f6c443
d237d14ff141950f14e93c5f2fac5a7b44994b068df512808e00df7a082389cc
d2ea3eece2e62ee245610c1cab7ecece6b09b0728c3765fa855ffda653720cba
d72f9c903649c61403074b89f5a3e131c7c8cec04792e7407d30b0a2f4ae72bd
d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165
da23a7c47865d7cf47ef0d8d1931c45d02a56bdcfaf2549fed8aeb7924458990
da5186fe0bb5dd59e7ece6ee7efac70c31755611e385fa423585572cb9628fcf
daf842fc24f3934560a1f8338e8e4efcbc7ec7e4393a3360cad7c0bdd43e2aad
db431510c701c7ca2ff197b6a2e45bba3b9f66fb1c690a8f29681bb84453442f
e1457c20cd10a8060fc6f9af449e4da4749ee1e64761dbb35f868bb0157667cf
e1816c058d2ab84b1cb1962de47772e47d5182b58309e43ddab5b5aebbde3f82
e2dcc31514ac522e9afa01055f8a5da512739c809ad6fafe45cabaff1021a21e
e2e1beae0fc9c6ec5127d8578095ee3df61d7015ec71fa620a2b45b270115626
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb75e41d34de9f75ccb1fcb34df8ed1c6cb131309942518a30d0a228341078d1
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f151c0ed92c022334b7c5bd89968f30d9908bb940530ba2e934d06f9d86c3172
f24323f2cc9cf99ca6fb1980451a2c68ee54458c1477ccf636fd909272eb0cb8
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f50d92950113643e3910967f3975eaac72b2e32e8789a948fb0366932d2834c0
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7bde5946e4ae681b3ed247cbbcd7f100faec7667b9c843e10785f1bfa890ff8
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fe3f62f6ed85a3a4e9ea4d1c831911f5c6e46ac5a4ba0f2ef98e2edc24aab415

us.norton.com Open in urlscan Pro 2a02:26f0:f700:4a1::1015 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

216 Requests

96 %HTTPS

37 %IPv6

56 Domains

83 Subdomains

75 IPs

8 Countries

3238 kBTransfer

8658 kBSize

102 Cookies

37 Outgoing links

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

us.norton.com Open in urlscan Pro
2a02:26f0:f700:4a1::1015 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

96 %
HTTPS

37 %
IPv6

56
Domains

83
Subdomains

75
IPs

8
Countries

3238 kB
Transfer

8658 kB
Size

102
Cookies

216 HTTP transactions
0 data transactions