urlscan.io logo urlscan.io
SecurityTrails logo

my.norton.com Open in urlscan Pro
137.116.38.14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://manage.norton.com/?target=%2Frewards%2Fdownload%3Fom_em_cid%3Dhho_email_storeorderdetails_login
Effective URL: https://my.norton.com/onboard/extspa/download
Submission Tags: falconsandbox
Submission: On August 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 137.116.38.14, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is my.norton.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 20th 2020. Valid for: a year.
This is the only time my.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 137.116.33.115 8075 (MICROSOFT...)
1 137.116.38.14 8075 (MICROSOFT...)
6 18.195.42.228 16509 (AMAZON-02)
6 2.18.233.77 16625 (AKAMAI-AS)
1 3 52.208.28.104 16509 (AMAZON-02)
1 52.211.113.33 16509 (AMAZON-02)
2 15.188.95.229 16509 (AMAZON-02)
1 1 34.249.249.121 16509 (AMAZON-02)
1 52.212.193.208 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
22 8
1    137.116.33.115 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
manage.norton.com
1    137.116.38.14 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
my.norton.com
6    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
6    2.18.233.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-77.deploy.static.akamaitechnologies.com
static.nortoncdn.com
3    52.208.28.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-28-104.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.211.113.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-113-33.eu-west-1.compute.amazonaws.com
symantec.demdex.net
2    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
oms.norton.com
1    34.249.249.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-249-121.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    52.212.193.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
symantec.tt.omtrdc.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
Domain Requested by
6 static.nortoncdn.com my.norton.com
static.nortoncdn.com
6 nexus.ensighten.com my.norton.com
nexus.ensighten.com
3 bat.bing.com static.nortoncdn.com
bat.bing.com
3 dpm.demdex.net 1 redirects my.norton.com
2 oms.norton.com nexus.ensighten.com
my.norton.com
1 symantec.tt.omtrdc.net nexus.ensighten.com
1 cm.everesttech.net 1 redirects
1 symantec.demdex.net nexus.ensighten.com
1 my.norton.com
1 manage.norton.com 1 redirects
22 10

This site contains links to these domains. Also see Links.

Domain
sitedirector.norton.com
Subject Issuer Validity Valid
my.norton.com
DigiCert SHA2 Extended Validation Server CA		 2020-09-20 -
2021-09-24		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2020-09-09 -
2021-10-11		 a year crt.sh
store.norton.com
DigiCert SHA2 Extended Validation Server CA		 2021-03-05 -
2022-03-10		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
oms.norton.com
DigiCert SHA2 High Assurance Server CA		 2020-08-28 -
2021-09-29		 a year crt.sh
*.tt.omtrdc.net
DigiCert SHA2 Secure Server CA		 2020-11-02 -
2021-11-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://my.norton.com/onboard/extspa/download
Frame ID: 0E9DA305F280F8665E28EC570AC5294B
Requests: 21 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 58C1FE2A6F2CE2DCD2E85F24A0483A9A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://manage.norton.com/?target=%2Frewards%2Fdownload%3Fom_em_cid%3Dhho_email_storeorderdetails_login HTTP 301
    https://my.norton.com/onboard/extspa/download Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

22
Requests

100 %
HTTPS

10 %
IPv6

7
Domains

10
Subdomains

8
IPs

4
Countries

327 kB
Transfer

583 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://manage.norton.com/?target=%2Frewards%2Fdownload%3Fom_em_cid%3Dhho_email_storeorderdetails_login HTTP 301
    https://my.norton.com/onboard/extspa/download Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586
Request Chain 14
  • https://cm.everesttech.net/cm/dd?d_uuid=84634122784330400072502728521287273358 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request download
my.norton.com/onboard/extspa/
Redirect Chain
  • https://manage.norton.com/?target=%2Frewards%2Fdownload%3Fom_em_cid%3Dhho_email_storeorderdetails_login
  • https://my.norton.com/onboard/extspa/download
11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.116.38.14 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c312ca69d6e551fd9f8acf1e88d6c1f21f9ae7c9da484cc836833df17f1be04d
Security Headers
Name Value
Content-Security-Policy *
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
my.norton.com
:scheme
https
:path
/onboard/extspa/download
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-length
4116
cache-control
private
content-encoding
gzip
vary
Accept-Encoding
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubdomains
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1
set-cookie
ASP.NET_SessionId=zbunlifaxtgl1epc0uxmvomx; path=/; secure; HttpOnly; SameSite=Lax ASP.NET_SessionId=zbunlifaxtgl1epc0uxmvomx; path=/; secure; HttpOnly; SameSite=Lax __RequestVerificationToken=Vxu9azAMmmcIYOy-GzLW4KcIJk_cqTtcF_mFwnGMJ1aeGLpqHVxnYzrktS9-f9YxC917iqe3t4zqseHWJ7USEcUaTYM1; path=/; secure; HttpOnly HQTFWTYE=0254f74980-0a67-47oomvOoDlqEDCgRNtPZDbw4UvPk1Ehdjkq-yCq9b17hAPlSWIW9aruplXLsdIZKRiS0s; path=/
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer-when-downgrade
content-security-policy
*
date
Tue, 03 Aug 2021 23:39:36 GMT

Redirect headers

Content-Type
text/html
Content-Length
185
Connection
keep-alive
Location
https://my.norton.com/onboard/extspa/download
Strict-Transport-Security
max-age=31536000; includeSubDomains
Bootstrap.js
nexus.ensighten.com/symantec/cp1/ 		204 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44d01a0cbf33dcb8f401ac55dd85ba9f8445d9a95ee5ec2a5f77a24d85aeefc8

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Fri, 19 Mar 2021 19:48:54 GMT
server
nginx
etag
W/"60550026-32e0b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
ngmp_style_bundle.min.css
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
62640ddb772b3ccbb0998e3d1c281140db81321003860e3c04880b0911581d80

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 06:09:55 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
1kt0DAUPKCg5SPiBcxUQuQ==
etag
"0x8D9468E00489526"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f48baae6-001e-0001-0b9d-78e835000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
5693
s_code_norton_min.js
nexus.ensighten.com/symantec/scode/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/scode/s_code_norton_min.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2a80a6c4b7353743a41b5465e52af1679d60f9c2b0e129e91b85ed5abb7ae1ba

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Wed, 07 Jul 2021 19:11:18 GMT
server
nginx
etag
W/"60e5fc56-1197c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
ngmp_script_bundle.min.js
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/ngmp_script_bundle.min.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11c1480ed0268e9e27f02c1fb5d6d24d44e2281854f69567bde50b5cc6dedff5

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 06:09:55 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
NZsJy2eerCuFqv5pvzQIZQ==
etag
"0x8D9468E0056EF9B"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
98c595d6-a01e-002e-7b9d-78690f000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
3501
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586
367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.28.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-28-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
94ce17290e999a4dc58544b22a847501466786ef577fd7e0833ef1e9be0b4976
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0eecf40e0.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
jbI4sf50Scs=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://my.norton.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
305
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v012-0183b7191.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://my.norton.com
X-TID
5AE+VbRQQx8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1628033976586
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
serverComponent.php
nexus.ensighten.com/symantec/cp1/ 		357 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/serverComponent.php?r=1048610404.5504164&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/symantec/cp1/code/&publishedOn=Fri%20Mar%2019%2019:48:54%20GMT%202021&ClientID=21&PageID=https%3A%2F%2Fmy.norton.com%2Fonboard%2Fextspa%2Fdownload
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
120a28a59e0e210a887beb8526d31fcc4ad1a595592a41169bfb8d4ba0139476

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
357
expires
Tue, 03 Aug 2021 23:39:35 GMT
nlok-white.svg
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/images/global/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/images/global/nlok-white.svg
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0b63b6a6cf30c6ad0b2db4437758d3c3e83fd58301dd246f45035b019259daf3

Request headers

Referer
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 06:09:56 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
1dRuw97wSYSv1L1/i4fsyQ==
etag
"0x8D9468E01074CBC"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
2e7234dd-001e-0067-259d-785a6f000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
2280
user-default-md.svg
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/images/global/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/images/global/user-default-md.svg
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
daff136c6006152090cba254110b4c51ec7f2e9144c971b34d4df9d24b28ab78

Request headers

Referer
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 06:09:57 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
a6Or7Y38ek+gG1LLR6Jr1Q==
etag
"0x8D9468E014DD866"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
59d4c9d3-901e-002d-189d-786a08000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
1436
SourceSansPro-Regular.woff
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/fonts/SourceSansPro-Regular/ 		196 KB
197 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/fonts/SourceSansPro-Regular/SourceSansPro-Regular.woff
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76

Request headers

Origin
https://my.norton.com
Referer
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/css/ngmp_style_bundle.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
last-modified
Wed, 14 Jul 2021 06:09:55 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
TBiMU/oMR+laKpwzx8Ic3w==
etag
"0x8D9468E0095B1AA"
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
x-ms-request-id
59d4e920-901e-002d-569d-786a08000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
200568
663687745e8b82875c31e7bdb4d675de.js
nexus.ensighten.com/symantec/cp1/code/ 		247 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/code/663687745e8b82875c31e7bdb4d675de.js?conditionId0=423130
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
last-modified
Mon, 04 Nov 2019 18:35:26 GMT
server
nginx
etag
"5dc06f6e-f7"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
247
5a511eff6ece75f86134f0b7c2baed9b.js
nexus.ensighten.com/symantec/cp1/code/ 		1 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/code/5a511eff6ece75f86134f0b7c2baed9b.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
037aee8b899729d810f4d25b755a1f59062c841462ff650ffdde54fd1f9c5f93

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
content-encoding
gzip
last-modified
Mon, 04 Nov 2019 18:35:26 GMT
server
nginx
etag
W/"5dc06f6e-5b3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
e.gif
nexus.ensighten.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=mboxFactoryDefault%20is%20not%20defined&lnn=-1&fn=&cid=21&client=symantec&publishPath=cp1&rid=300053&did=167100&errorName=ReferenceError
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:36 GMT
cache-control
no-cache, no-store
server
nginx
expires
Tue, 03 Aug 2021 23:39:35 GMT
dest5.html
symantec.demdex.net/ Frame 58C1 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://symantec.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.211.113.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-211-113-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
symantec.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://my.norton.com/onboard/extspa/download
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=84634122784330400072502728521287273358
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://my.norton.com/onboard/extspa/download

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 3 Aug 2021 23:39:37 GMT
DCS
dcscanary-prod-irl1-1-v018-0d697b020.edge-irl1.demdex.com 6.3.1.20210623115127
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 2 Jul 2021 09:31:47 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
kgkrFK23Q8k=
Content-Length
2791
Connection
keep-alive
id
oms.norton.com/ 		48 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oms.norton.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&mid=84484865588815324702517621282476164927&ts=1628033976920
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a389202daccc9bc5357d63ac3c0be22fce3dbb1f875528e5affe7daddcd68b79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 03 Aug 2021 23:39:37 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-58944c9887-cwqtk
vary
Origin
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://my.norton.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=84634122784330400072502728521287273358
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7
42 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.28.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-28-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v012-0d2ac0246.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Axtwvn+BSk0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YQnTuQAAAB5rVwP7
Date
Tue, 03 Aug 2021 23:39:37 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
s35577748274783
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s35577748274783?AQB=1&ndh=1&pf=1&t=4%2F7%2F2021%201%3A39%3A37%203%20-120&sdid=5B1442418013E6D8-6FE95AB3DC0EBC5B&mid=84484865588815324702517621282476164927&aamlh=6&ce=UTF-8&pageName=mynorton%3Aus%3Aerror%20404%20page%20not%20found&g=https%3A%2F%2Fmy.norton.com%2Fonboard%2Fextspa%2Fdownload&server=norton&events=event79%3D5%2Cevent69&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=us&c3=en&c14=D%3Dv16&v18=D%3DpageName&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&v29=signed%20out&c35=D%3DpageName&c41=mynorton&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton&c48=Norton%20-%20Error-%20Page%20does%20not%20Exist%20-%20404-Error&v48=D%3Dc49&c49=error%20404%20page%20not%20found&v49=D%3Dc48&v57=84484865588815324702517621282476164927&c59=mynorton%3Aerror%20404%20page%20not%20found&v59=D%3Dc59&v72=mynorton&c75=D%3Dv57&v96=https%3A%2F%2Fmy.norton.com%2Fonboard%2Fextspa%2Fdownload&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:37 GMT
x-content-type-options
nosniff
x-c
main-1489.I96e1bb.M0-504
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 04 Aug 2021 23:39:37 GMT
server
jag
xserver
anedge-58944c9887-j24lc
etag
3496176345856409600-4619867784932050429
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 02 Aug 2021 23:39:37 GMT
json
symantec.tt.omtrdc.net/m2/symantec/mbox/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=a80792ebce754d28a2d037afa074f39b&mboxPC=&mboxPage=518230b95a2f44b1b7503773f29a51fe&mboxRid=1f8049bac04649af9361871a0449f9e4&mboxVersion=1.8.1&mboxCount=1&mboxTime=1628041176625&mboxHost=my.norton.com&mboxURL=https%3A%2F%2Fmy.norton.com%2Fonboard%2Fextspa%2Fdownload&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&page_name=missing&site_country=missing&site_language=missing&site_section=missing&visitor_segment=missing&mboxMCSDID=5B1442418013E6D8-6FE95AB3DC0EBC5B&vst.trk=om.norton.com&vst.trks=oms.norton.com&mboxMCGVID=84484865588815324702517621282476164927&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.193.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-193-208.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
845f64f24178c46d25fd7ad0aca8da4bfa8337de78d7b5e4ab6a8ae27ab0513a

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Aug 2021 23:39:37 GMT
content-encoding
gzip
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://my.norton.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
1f8049bac04649af9361871a0449f9e4
publisherpixel.min.js
static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/publisherpixel.min.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/onboard/extspa/download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2755f15facb90448c69b44dd1fb0ab3810100a0b7caf6f59eb4ab4c62a599140

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:46 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 06:09:55 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
/3R+92xJqinAOvv8wnA/cQ==
etag
"0x8D9468E006B65B0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
371a0fe8-a01e-006a-2f9d-78b563000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
894
bat.js
bat.bing.com/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp.main.6.1.278/bundles/scripts/publisherpixel.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 23:39:46 GMT
content-encoding
gzip
last-modified
Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref
Ref A: 4242314BA2A84380A1E187890DDAFF61 Ref B: FRAEDGE1413 Ref C: 2021-08-03T23:39:46Z
etag
"80f2963dde83d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9024
5441611.js
bat.bing.com/p/action/ 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5441611.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 03 Aug 2021 23:39:46 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: DEACD17BC044481C9FD0CD217BDD15F0 Ref B: FRAEDGE1413 Ref C: 2021-08-03T23:39:46Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5441611&Ver=2&mid=611e54df-0a48-4afe-9355-2884b290d673&sid=162cac50f4b411eb9dfccb3ae2ae974a&vid=162cb5d0f4b411eb85036da67cc6903e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Norton%20-%20Error-%20Page%20does%20not%20Exist%20-%20404-Error&p=https%3A%2F%2Fmy.norton.com%2Fonboard%2Fextspa%2Fdownload&r=&lt=2215&evt=pageLoad&msclkid=N&sv=1&rn=93923
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://my.norton.com/onboard/extspa/download
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 03 Aug 2021 23:39:46 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 67A915CAF98C4C3D8150534F4F5CFF90 Ref B: FRAEDGE1413 Ref C: 2021-08-03T23:39:46Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| nortonAnalytics object| ensBootstraps object| Bootstrapper function| targetPageParams object| ruleMETA object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor function| _log object| ___target_traces object| v function| mboxCreate function| mboxDefine function| mboxUpdate object| _enslog object| val undefined| data undefined| osMode string| appBaseUrl object| browserInfo object| nortonAnalyticsVars boolean| SignInFlag number| SessionTimeoutSecs number| countDownSecs string| windowlocation string| messageIconClickName function| initMedalia function| NotifyKeepAlive function| receiveMessage function| s_getLoadTime function| s_doPlugins function| removeTrailingComma function| isEmpty function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| enableAdobeAnalytics string| s_account object| s number| s_loadT object| _numeric_ object| expiration_date function| trackCustomDownload function| trackPageView number| s_objectID number| s_giq function| onDocumentReady function| initSessionStorage function| getAllSessionUnreadMessages function| getAllSessionUnreadAlerts function| insertNewSessionMessages function| insertNewSessionAlerts function| _createData function| setUrl function| createCORSRequest function| listen function| getNewRevision function| constructNewRegistrationObject function| updateNotificationIcon function| ListenForMobileEvents function| ToggleFeedBackLinkVisibility function| staySignIn function| signOutClick function| triggerPostMessageForAction object| keepAliveEngine object| _storage undefined| _url undefined| _revisionIdMap object| request_body object| NgpMain object| Medallia object| OmnitureAnalyticsWrapper object| Modal object| SessionTimeout object| Transition object| MathTag object| user string| crossDomains string| s_tnt string| tmp object| s_i_symanteccom undefined| devicesContainer undefined| devicesConfig undefined| devicesCallback undefined| devicesObserver undefined| mbox object| testversionEvent string| testversion string| tntVal string| ipGeoLocation object| ttMETA function| debugttMETA function| onReady number| google_conversion_id undefined| google_custom_params boolean| google_remarketing_only string| googlePixelScript object| googlePublisherPixelContainerElement string| microsoftPixelScript object| microsoftPublisherPixelContainerElement string| mathPixelScript object| mathPublisherPixelContainerElement object| uetq function| UET function| UET_init function| UET_push

12 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 84634122784330400072502728521287273358
.norton.com/ Name: s_cc
Value: true
.norton.com/ Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg
Value: 1
.norton.com/ Name: event69
Value: event69
.norton.com/ Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18843%7CMCMID%7C84484865588815324702517621282476164927%7CMCAAMLH-1628638776%7C6%7CMCAAMB-1628638776%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1628041177s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18850%7CvVersion%7C4.4.0
.norton.com/ Name: s_gpv_custom
Value: mynorton%3Aerror%20404%20page%20not%20found
.norton.com/ Name: s_nr
Value: 1628033977112-New
.norton.com/ Name: mbox
Value: session#a80792ebce754d28a2d037afa074f39b#1628035837
.norton.com/ Name: s_ecid
Value: MCMID%7C84484865588815324702517621282476164927
.norton.com/ Name: s_gpv
Value: mynorton%3Aus%3Aerror%20404%20page%20not%20found
.norton.com/ Name: at_check
Value: true
.norton.com/ Name: channelStack
Value: s_eVar72~mynorton

1 Console Messages

Source Level URL
Text
console-api log URL: https://my.norton.com/onboard/extspa/download(Line 135)
Message:
page is fully loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy *
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bat.bing.com
cm.everesttech.net
dpm.demdex.net
manage.norton.com
my.norton.com
nexus.ensighten.com
oms.norton.com
static.nortoncdn.com
symantec.demdex.net
symantec.tt.omtrdc.net
137.116.33.115
137.116.38.14
15.188.95.229
18.195.42.228
2.18.233.77
2620:1ec:c11::200
34.249.249.121
52.208.28.104
52.211.113.33
52.212.193.208
037aee8b899729d810f4d25b755a1f59062c841462ff650ffdde54fd1f9c5f93
0b63b6a6cf30c6ad0b2db4437758d3c3e83fd58301dd246f45035b019259daf3
11c1480ed0268e9e27f02c1fb5d6d24d44e2281854f69567bde50b5cc6dedff5
120a28a59e0e210a887beb8526d31fcc4ad1a595592a41169bfb8d4ba0139476
2755f15facb90448c69b44dd1fb0ab3810100a0b7caf6f59eb4ab4c62a599140
2a80a6c4b7353743a41b5465e52af1679d60f9c2b0e129e91b85ed5abb7ae1ba
44d01a0cbf33dcb8f401ac55dd85ba9f8445d9a95ee5ec2a5f77a24d85aeefc8
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
62640ddb772b3ccbb0998e3d1c281140db81321003860e3c04880b0911581d80
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
845f64f24178c46d25fd7ad0aca8da4bfa8337de78d7b5e4ab6a8ae27ab0513a
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6
94ce17290e999a4dc58544b22a847501466786ef577fd7e0833ef1e9be0b4976
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a389202daccc9bc5357d63ac3c0be22fce3dbb1f875528e5affe7daddcd68b79
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76
c312ca69d6e551fd9f8acf1e88d6c1f21f9ae7c9da484cc836833df17f1be04d
daff136c6006152090cba254110b4c51ec7f2e9144c971b34d4df9d24b28ab78
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629