![](/screenshots/1881da8c-abba-4615-822c-12d0a52706fc.png)
my.norton.com
Open in
urlscan Pro
137.116.38.14
Public Scan
Effective URL: https://my.norton.com/onboard/extspa/download
Submission Tags: falconsandbox
Submission: On August 03 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 20th 2020. Valid for: a year.
This is the only time my.norton.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 137.116.33.115 137.116.33.115 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 137.116.38.14 137.116.38.14 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
6 | 18.195.42.228 18.195.42.228 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2.18.233.77 2.18.233.77 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 3 | 52.208.28.104 52.208.28.104 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.211.113.33 52.211.113.33 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 15.188.95.229 15.188.95.229 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 34.249.249.121 34.249.249.121 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 52.212.193.208 52.212.193.208 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2620:1ec:c11:... 2620:1ec:c11::200 | 8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
22 | 8 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
manage.norton.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-77.deploy.static.akamaitechnologies.com
static.nortoncdn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-28-104.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-113-33.eu-west-1.compute.amazonaws.com
symantec.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-249-121.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
symantec.tt.omtrdc.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
nortoncdn.com
static.nortoncdn.com |
212 KB |
6 |
ensighten.com
nexus.ensighten.com |
91 KB |
4 |
demdex.net
1 redirects
dpm.demdex.net symantec.demdex.net |
6 KB |
4 |
norton.com
1 redirects
manage.norton.com my.norton.com oms.norton.com |
6 KB |
3 |
bing.com
bat.bing.com |
9 KB |
1 |
omtrdc.net
symantec.tt.omtrdc.net |
3 KB |
1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
22 | 7 |
Domain | Requested by | |
---|---|---|
6 | static.nortoncdn.com |
my.norton.com
static.nortoncdn.com |
6 | nexus.ensighten.com |
my.norton.com
nexus.ensighten.com |
3 | bat.bing.com |
static.nortoncdn.com
bat.bing.com |
3 | dpm.demdex.net |
1 redirects
my.norton.com
|
2 | oms.norton.com |
nexus.ensighten.com
my.norton.com |
1 | symantec.tt.omtrdc.net |
nexus.ensighten.com
|
1 | cm.everesttech.net | 1 redirects |
1 | symantec.demdex.net |
nexus.ensighten.com
|
1 | my.norton.com | |
1 | manage.norton.com | 1 redirects |
22 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
sitedirector.norton.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
my.norton.com DigiCert SHA2 Extended Validation Server CA |
2020-09-20 - 2021-09-24 |
a year | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
store.norton.com DigiCert SHA2 Extended Validation Server CA |
2021-03-05 - 2022-03-10 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
oms.norton.com DigiCert SHA2 High Assurance Server CA |
2020-08-28 - 2021-09-29 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA |
2020-11-02 - 2021-11-09 |
a year | crt.sh |
www.bing.com Microsoft RSA TLS CA 02 |
2021-07-06 - 2022-01-06 |
6 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://my.norton.com/onboard/extspa/download
Frame ID: 0E9DA305F280F8665E28EC570AC5294B
Requests: 21 HTTP requests in this frame
Frame:
https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 58C1FE2A6F2CE2DCD2E85F24A0483A9A
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/1881da8c-abba-4615-822c-12d0a52706fc.png)
Page URL History Show full URLs
-
https://manage.norton.com/?target=%2Frewards%2Fdownload%3Fom_em_cid%3Dhho_email_storeorderdetails_login
HTTP 301
https://my.norton.com/onboard/extspa/download Page URL
Detected technologies
![](/vendor/wappa/icons/WindowsServer.png)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
![](/vendor/wappa/icons/IIS.png)
Detected patterns
- headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Legal
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://manage.norton.com/?target=%2Frewards%2Fdownload%3Fom_em_cid%3Dhho_email_storeorderdetails_login
HTTP 301
https://my.norton.com/onboard/extspa/download Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586
- https://cm.everesttech.net/cm/dd?d_uuid=84634122784330400072502728521287273358 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
download
my.norton.com/onboard/extspa/ Redirect Chain
|
11 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Bootstrap.js
nexus.ensighten.com/symantec/cp1/ |
204 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ngmp_style_bundle.min.css
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ |
25 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s_code_norton_min.js
nexus.ensighten.com/symantec/scode/ |
70 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ngmp_script_bundle.min.js
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
367 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/symantec/cp1/ |
357 B 499 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nlok-white.svg
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/images/global/ |
5 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user-default-md.svg
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/images/global/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SourceSansPro-Regular.woff
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/fonts/SourceSansPro-Regular/ |
196 KB 197 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
663687745e8b82875c31e7bdb4d675de.js
nexus.ensighten.com/symantec/cp1/code/ |
247 B 429 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5a511eff6ece75f86134f0b7c2baed9b.js
nexus.ensighten.com/symantec/cp1/code/ |
1 KB 860 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
symantec.demdex.net/ Frame 58C1 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
oms.norton.com/ |
48 B 506 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7
dpm.demdex.net/ Redirect Chain
|
42 B 958 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s35577748274783
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ |
43 B 329 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
symantec.tt.omtrdc.net/m2/symantec/mbox/ |
17 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
publisherpixel.min.js
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bat.js
bat.bing.com/ |
30 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5441611.js
bat.bing.com/p/action/ |
0 128 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0
bat.bing.com/action/ |
0 150 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
122 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| nortonAnalytics object| ensBootstraps object| Bootstrapper function| targetPageParams object| ruleMETA object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor function| _log object| ___target_traces object| v function| mboxCreate function| mboxDefine function| mboxUpdate object| _enslog object| val undefined| data undefined| osMode string| appBaseUrl object| browserInfo object| nortonAnalyticsVars boolean| SignInFlag number| SessionTimeoutSecs number| countDownSecs string| windowlocation string| messageIconClickName function| initMedalia function| NotifyKeepAlive function| receiveMessage function| s_getLoadTime function| s_doPlugins function| removeTrailingComma function| isEmpty function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| enableAdobeAnalytics string| s_account object| s number| s_loadT object| _numeric_ object| expiration_date function| trackCustomDownload function| trackPageView number| s_objectID number| s_giq function| onDocumentReady function| initSessionStorage function| getAllSessionUnreadMessages function| getAllSessionUnreadAlerts function| insertNewSessionMessages function| insertNewSessionAlerts function| _createData function| setUrl function| createCORSRequest function| listen function| getNewRevision function| constructNewRegistrationObject function| updateNotificationIcon function| ListenForMobileEvents function| ToggleFeedBackLinkVisibility function| staySignIn function| signOutClick function| triggerPostMessageForAction object| keepAliveEngine object| _storage undefined| _url undefined| _revisionIdMap object| request_body object| NgpMain object| Medallia object| OmnitureAnalyticsWrapper object| Modal object| SessionTimeout object| Transition object| MathTag object| user string| crossDomains string| s_tnt string| tmp object| s_i_symanteccom undefined| devicesContainer undefined| devicesConfig undefined| devicesCallback undefined| devicesObserver undefined| mbox object| testversionEvent string| testversion string| tntVal string| ipGeoLocation object| ttMETA function| debugttMETA function| onReady number| google_conversion_id undefined| google_custom_params boolean| google_remarketing_only string| googlePixelScript object| googlePublisherPixelContainerElement string| microsoftPixelScript object| microsoftPublisherPixelContainerElement string| mathPixelScript object| mathPublisherPixelContainerElement object| uetq function| UET function| UET_init function| UET_push12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 84634122784330400072502728521287273358 |
|
.norton.com/ | Name: s_cc Value: true |
|
.norton.com/ | Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1 |
|
.norton.com/ | Name: event69 Value: event69 |
|
.norton.com/ | Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18843%7CMCMID%7C84484865588815324702517621282476164927%7CMCAAMLH-1628638776%7C6%7CMCAAMB-1628638776%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1628041177s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18850%7CvVersion%7C4.4.0 |
|
.norton.com/ | Name: s_gpv_custom Value: mynorton%3Aerror%20404%20page%20not%20found |
|
.norton.com/ | Name: s_nr Value: 1628033977112-New |
|
.norton.com/ | Name: mbox Value: session#a80792ebce754d28a2d037afa074f39b#1628035837 |
|
.norton.com/ | Name: s_ecid Value: MCMID%7C84484865588815324702517621282476164927 |
|
.norton.com/ | Name: s_gpv Value: mynorton%3Aus%3Aerror%20404%20page%20not%20found |
|
.norton.com/ | Name: at_check Value: true |
|
.norton.com/ | Name: channelStack Value: s_eVar72~mynorton |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | * |
Strict-Transport-Security | max-age=31536000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bat.bing.com
cm.everesttech.net
dpm.demdex.net
manage.norton.com
my.norton.com
nexus.ensighten.com
oms.norton.com
static.nortoncdn.com
symantec.demdex.net
symantec.tt.omtrdc.net
137.116.33.115
137.116.38.14
15.188.95.229
18.195.42.228
2.18.233.77
2620:1ec:c11::200
34.249.249.121
52.208.28.104
52.211.113.33
52.212.193.208
037aee8b899729d810f4d25b755a1f59062c841462ff650ffdde54fd1f9c5f93
0b63b6a6cf30c6ad0b2db4437758d3c3e83fd58301dd246f45035b019259daf3
11c1480ed0268e9e27f02c1fb5d6d24d44e2281854f69567bde50b5cc6dedff5
120a28a59e0e210a887beb8526d31fcc4ad1a595592a41169bfb8d4ba0139476
2755f15facb90448c69b44dd1fb0ab3810100a0b7caf6f59eb4ab4c62a599140
2a80a6c4b7353743a41b5465e52af1679d60f9c2b0e129e91b85ed5abb7ae1ba
44d01a0cbf33dcb8f401ac55dd85ba9f8445d9a95ee5ec2a5f77a24d85aeefc8
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
62640ddb772b3ccbb0998e3d1c281140db81321003860e3c04880b0911581d80
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
845f64f24178c46d25fd7ad0aca8da4bfa8337de78d7b5e4ab6a8ae27ab0513a
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6
94ce17290e999a4dc58544b22a847501466786ef577fd7e0833ef1e9be0b4976
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a389202daccc9bc5357d63ac3c0be22fce3dbb1f875528e5affe7daddcd68b79
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76
c312ca69d6e551fd9f8acf1e88d6c1f21f9ae7c9da484cc836833df17f1be04d
daff136c6006152090cba254110b4c51ec7f2e9144c971b34d4df9d24b28ab78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629