safeweb.norton.com Open in urlscan Pro
52.224.14.113 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
Submission: On April 09 via api (April 9th 2022, 7:48:16 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 9 domains to perform 44 HTTP transactions. The main IP is 52.224.14.113, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is safeweb.norton.com. The Cisco Umbrella rank of the primary domain is 223028.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 7th 2021. Valid for: a year.

This is the only time safeweb.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	52.224.14.113 52.224.14.113	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a02:26f0:df:... 2a02:26f0:df:3a5::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1	13.93.137.227 13.93.137.227	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	54.155.94.243 54.155.94.243	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:88e::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	18.203.152.154 18.203.152.154	16509 (AMAZON-02) (AMAZON-02)
1 1	52.213.125.155 52.213.125.155	16509 (AMAZON-02) (AMAZON-02)
1	63.35.137.213 63.35.137.213	16509 (AMAZON-02) (AMAZON-02)
1	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.175 151.101.129.175	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
44	12

22 52.224.14.113 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

safeweb.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:df:3a5::1e80 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.93.137.227 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.155.94.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-94-243.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.nortonlifelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.152.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.125.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-125-155.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.137.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-137-213.eu-west-1.compute.amazonaws.com

symantec.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	norton.com safeweb.norton.com — Cisco Umbrella Rank: 223028 login.norton.com — Cisco Umbrella Rank: 33780 oms.norton.com — Cisco Umbrella Rank: 65413	516 KB
5	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 216 symantec.demdex.net — Cisco Umbrella Rank: 107074	10 KB
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2747	43 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 491	124 KB
2	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 3888 udc-neb.kampyle.com Failed	99 KB
1	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2750	80 KB
1	omtrdc.net symantec.tt.omtrdc.net — Cisco Umbrella Rank: 102809	1 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1009	517 B
1	nortonlifelock.com www.nortonlifelock.com — Cisco Umbrella Rank: 39879	21 KB
44	9

	Domain	Requested by
22	safeweb.norton.com	safeweb.norton.com
4	nexus.ensighten.com	safeweb.norton.com nexus.ensighten.com login.norton.com
4	assets.adobedtm.com	safeweb.norton.com login.norton.com assets.adobedtm.com
3	dpm.demdex.net	assets.adobedtm.com safeweb.norton.com
2	nebula-cdn.kampyle.com	assets.adobedtm.com nebula-cdn.kampyle.com
2	symantec.demdex.net	assets.adobedtm.com
1	cdn.quantummetric.com	safeweb.norton.com
1	oms.norton.com	safeweb.norton.com
1	symantec.tt.omtrdc.net	assets.adobedtm.com
1	cm.everesttech.net	1 redirects
1	www.nortonlifelock.com	assets.adobedtm.com
1	login.norton.com	safeweb.norton.com
0	udc-neb.kampyle.com Failed	cdn.quantummetric.com
44	13

This site contains links to these domains. Also see Links.

Domain
community.norton.com
sitedirector.norton.com
www.facebook.com
twitter.com
www.nortonlifelock.com
nortonsafe.search.ask.com

Subject Issuer	Validity	Valid
safeweb.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-07` - `2022-10-29`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
login.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-21` - `2023-04-06`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
www.norton.com DigiCert SHA2 Extended Validation Server CA	`2022-03-08` - `2023-04-08`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
oms.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-30` - `2022-09-30`	a year	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-22` - `2023-03-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
Frame ID: ED1EB0FE5351FDD89C1E2770095F49F9
Requests: 30 HTTP requests in this frame

Frame: https://safeweb.norton.com/saml/login
Frame ID: A8BED30E2359A95265CFD9F7E7A5573C
Requests: 12 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 20ED78F884B76BD737B9034702AC2276
Requests: 1 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 994B8CE04C82FE93364490C5F455F362
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Report for oniamcurrent.work | Norton Safe Web

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Page Statistics

44
Requests

93 %
HTTPS

25 %
IPv6

9
Domains

13
Subdomains

12
IPs

5
Countries

895 kB
Transfer

2304 kB
Size

23
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://community.norton.com/forums?inid=safeweb-report_nortoncommunity-forums_userforums
Title: User Forums

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=267&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonfeedback-form_nortonfeedbackform
Title: Leave Feedback

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&inid=safeweb-report_facebook-sharer_facebookshare

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=http%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Fname%3Dhttp%3A%2F%2Foniamcurrent.work%2F&text=Norton%20Safe%20Web%2C%20from%20Symantec%20-%20report%20for%20http%3A%2F%2Foniamcurrent.work%2F&inid=safeweb-report_twitter-share_twittershare

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/legal?inid=safeweb-report_nortonlifelock-legal_applicableproductterms
Title: applicable product terms

Search URL Search Domain Scan URL

URL: http://nortonsafe.search.ask.com/docs/privacy?geo=&prt=cr&o=APN11908&chn=&ver=&inid=safeweb-report_nortonsafesearch-privacy_safesearchprivacypolicy
Title: privacy

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:USA&displang=iso3:eng&ssdcat=264&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonaccount-subscriptions_nortonaccountsubscriptions
Title: Norton Account

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=261&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonfamily-web_nortonfamilyweb
Title: Norton Family

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=262&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonaccount-theimportanceofdatabackup_nortononlinebackupimportance
Title: Norton Online Backup

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=285&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonaccount-passwordmanager_nortonpasswordmanager
Title: Norton Password Manager

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=281&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonaccount-homepage_nortonmanagementhome
Title: Norton Management

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=290&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonaccount-homepage_nortonmobilesecurityhome
Title: Norton Mobile Security

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=265&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonupdatecenter-homepage_nortonupdatecenterhome
Title: Norton Update Center

Search URL Search Domain Scan URL

URL: http://sitedirector.norton.com/932743328?displocale=iso3:usa&displang=iso3:eng&ssdcat=266&origin=safew&env=prod&version=1.0&inid=safeweb-report_nortonproducts-homepage_nortonproductshome
Title: Norton.com

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/?inid=safeweb-report_nortonlifelock-homepage_nortonlifelocklogohome

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal?inid=safeweb-report_nortonlifelock-legal_termsofservice
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/privacy?inid=safeweb-report_nortonlifelock-privacy_privacypolicy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal
Title: NortonLifeLock Terms of Service

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cm.everesttech.net/cm/dd?d_uuid=80316981567262723342179526028444045197 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlE6PAAAAEQk1wQf

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request show Show response
safeweb.norton.com/report/ 46 KB
47 KB 930ms
632ms Document
text/html 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

00e62e15a57f751639ddc025ea46a0da97e19223b9a370e333a0f3a1d3b26c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Sat, 09 Apr 2022 07:48:10 GMT
ETag: "8933c42921d381a7756bb4f997b270e3"
Pragma: no-cache
Server: Apache
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: da6df86d-9e1c-415a-9d68-8b80f1e00b25
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK application-6c74b3b32c0f476ccbcb51bfce9ce528.css
safeweb.norton.com/assets/ 152 KB
152 KB 377ms
101ms Stylesheet
text/css 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

a06fcb877cdc15a297967e986a3352afab55f5c24409e4258ae6105abccc0ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:11 GMT
Last-Modified: Tue, 04 Jan 2022 10:06:50 GMT
Server: Apache
ETag: "2604d-5d4becbb40280"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155725

GET
H/1.1 200
OK application-43a366a0cfccb0e5d9161c5f25c70c4a.js Show response
safeweb.norton.com/assets/ 202 KB
203 KB 396ms
100ms Script
application/javascript 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://safeweb.norton.com/assets/application-43a366a0cfccb0e5d9161c5f25c70c4a.js

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

0437af9cf59bc195ea5eb28cac4ef2243b93e06e14a840d7f2f2998d834d5966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:11 GMT
Last-Modified: Fri, 11 Mar 2022 10:49:12 GMT
Server: Apache
ETag: "32928-5d9ef14be9a00"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207144

GET
H2 200 launch-EN1cc7556280444b10a3c687a73ed01baa.min.js Show response
assets.adobedtm.com/ 183 KB
61 KB 157ms
39ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by: Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5dab510f2cd0771500da16c040d18f0675d620b3ccc789a6765b6d88e3d58e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 21:01:33 GMT
server: AkamaiNetStorage
etag: "421a422dec9ae3e01e66fc6c769281b3:1634245293.428407"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://safeweb.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 61870
expires: Sat, 09 Apr 2022 08:48:12 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/symantec/cp1/ 67 KB
20 KB 57ms
15ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Requested by: Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5af2ce5d5ada96dfe8a0304f3c021d1ceac25d3e59a42f8f5e9a099826d5d578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:11 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 18:27:29 GMT
server: nginx
etag: W/"61b0f911-10af8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H/1.1 200
OK logo-master-norton.gif
safeweb.norton.com/images/ 3 KB
3 KB 99ms
99ms Image
image/gif 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/logo-master-norton.gif

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

905d6cc1a25f01a3b390f04719becc11d4138be61c2ca16735a1cede4e196dbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "b1a-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2842

GET
H/1.1 200
OK nav-user.png
safeweb.norton.com/images/global/ 1 KB
2 KB 101ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/nav-user.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

dff718e065a28a394895cbb1c2ee9377fb76bbaad0d1eab3dce7873487e4d339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "4f4-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1268

GET
H/1.1 200
OK norton-rating-big.png
safeweb.norton.com/images/responsive/icons/ 13 KB
13 KB 102ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/responsive/icons/norton-rating-big.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

4ee8ccbea31ec406a8474770e0581bb4b5b701849e43d3c172e14785c830c77c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "3297-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12951

GET
H/1.1 200
OK share_button.png
safeweb.norton.com/images/global/ 2 KB
2 KB 396ms
99ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/share_button.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

ccca6725f155d521b1355c52c9a0580e6100e2b0ddc956cba8fdae1d9decea9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "840-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2112

GET
H/1.1 200
OK facebook_icon.png
safeweb.norton.com/images/global/ 3 KB
3 KB 397ms
99ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/facebook_icon.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

c1bc1f82220a36edccd79d6b82b0f9ad10e3f823a2857e954acba964691cb557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "c46-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3142

GET
H/1.1 200
OK twitter.png
safeweb.norton.com/images/global/ 3 KB
4 KB 404ms
99ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/twitter.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

ecbb13209d61d82fd3deab8106f70f07fa56bbb8e094b4c3e7714f355d12bf54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "dad-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3501

GET
H/1.1 200
OK email_icon.png
safeweb.norton.com/images/global/ 3 KB
3 KB 100ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/email_icon.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

e33f16e8796e7e860ef73675b0acbf6a6e2b7f75b547ebddc3938cf2dfa41fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "c8e-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3214

GET
H/1.1 200
OK com-rating-big.png
safeweb.norton.com/images/responsive/icons/ 2 KB
2 KB 100ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/responsive/icons/com-rating-big.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

bcbeb9db1b39b246d67b16a1ff6d4189520bbdc6445d74a693152816c12cbb5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "835-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2101

GET
H/1.1 200
OK new_user.png
safeweb.norton.com/images/ 2 KB
2 KB 213ms
101ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/new_user.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

c13591b8816e91c5797dfa08bf177ab38c239c695df149d4fa6f9e92cca99d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "719-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1817

GET
H/1.1 200
OK new_logo_popup.png
safeweb.norton.com/images/global/ 5 KB
6 KB 99ms
98ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/new_logo_popup.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

426dd1439353abbb47662b80e1a88112f4a13ed86848d72187cc1fdeeafd65b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "15b5-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5557

GET
H/1.1 200
OK img-default-search.png
safeweb.norton.com/images/responsive/home/ 19 KB
19 KB 293ms
99ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/responsive/home/img-default-search.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

1b7b3c975a7be05b44f21ccb63d5bf741ae1df59527a753ee49a7c0a4d71838b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "4c97-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19607

GET
H/1.1 200
OK img-homepage.png
safeweb.norton.com/images/responsive/home/ 10 KB
11 KB 283ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/responsive/home/img-homepage.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

28e30eb66a8994e820cbfe96c688d192355855f064a8432fe91c304d2b325fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "28d9-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10457

GET
H/1.1 200
OK NortonLifeLock-Horizontal-Greyscale-Light.png
safeweb.norton.com/images/global/ 14 KB
14 KB 100ms
99ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/NortonLifeLock-Horizontal-Greyscale-Light.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

ec22080d138768a606790d95f2d6e3cbe5e5249d99a91f6fc442f822501d5cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "3621-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13857

GET
H/1.1 200 SAML2 Show response
login.norton.com/sso/idp/ Frame A8BE 9 KB
5 KB 572ms
175ms Document
text/html 13.93.137.227
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

13.93.137.227 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

sso /

Resource Hash

796940318a56cc104cc4d32a3de53ba0657be98b3f482acc88a8d4657d562700

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' appleid.cdn-apple.com ssl.google-analytics.com stage.nortoncdn.com static.nortoncdn.com dpm.demdex.net nebula-cdn.kampyle.com oms.norton.com udc-neb.kampyle.com cm.everesttech.net data: blob: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com cm.everesttech.net udc-neb.kampyle.com oms.norton.com appleid.cdn-apple.com assets.adobedtm.com cdn.quantummetric.com www.nortonlifelock.com; frame-src * 'unsafe-inline'; worker-src blob:; child-src blob:;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://safeweb.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: Keep-Alive
Content-Encoding: gzip
Content-Security-Policy: default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' appleid.cdn-apple.com ssl.google-analytics.com stage.nortoncdn.com static.nortoncdn.com dpm.demdex.net nebula-cdn.kampyle.com oms.norton.com udc-neb.kampyle.com cm.everesttech.net data: blob: 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com cm.everesttech.net udc-neb.kampyle.com oms.norton.com appleid.cdn-apple.com assets.adobedtm.com cdn.quantummetric.com www.nortonlifelock.com; frame-src * 'unsafe-inline'; worker-src blob:; child-src blob:;
Content-Type: text/html;charset=UTF-8
Date: Sat, 09 Apr 2022 07:48:12 GMT
Keep-Alive: timeout=60, max=500
P3P: CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Referrer-Policy: unsafe-url
Request-Context: appId=cid-v1:6ea52e03-0757-4fc0-b13a-638afc461255
Server: sso
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
vary: accept-encoding

GET
H/1.1 200
OK arrows.png
safeweb.norton.com/images/global/ 2 KB
2 KB 180ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/arrows.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

48e2459cd5160ab33f258bcd86d78661909d6a9c0f974d8b5a37ec97031d33ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "6b0-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1712

GET
H/1.1 200
OK header-bg1.png
safeweb.norton.com/images/global/ 947 B
1 KB 162ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/global/header-bg1.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

7fa7ba7691e054afed137d1d56a288f2e35917531a8ae1cb8ff07d402b9cf318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "3b3-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 947

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/symantec/cp1/ 398 B
540 B 19ms
19ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/symantec/cp1/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/symantec/cp1/code/&publishedOn=Wed%20Dec%2008%2018:27:29%20GMT%202021&ClientID=21&PageID=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a7fbd9218bd8a0ff4177292612202b3a8cce281832db1b2bdb06029f72ae800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 398
expires: Sat, 09 Apr 2022 07:48:11 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 153ms
40ms XHR
application/json 54.155.94.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1649490492261

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.94.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-94-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4b230a648b1d389974a0d72eb3b54e3371c65ab93995856d3b521461a64e69fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://safeweb.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v030-00aacbce8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: GXQof/+9RYY=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://safeweb.norton.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 309
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s_code_norton_min.js Show response
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 65 KB
21 KB 181ms
17ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

47d98c780369571153ad43132c36af2244142d1c95c6f3af54425acd292de432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-disposition: attachment
content-length: 21429
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Jan 2022 21:05:33 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Sat, 09 Apr 2022 07:48:12 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=32503
etag: "103b2-5d65a5448a140-gzip"
accept-ranges: bytes
expires: Sat, 09 Apr 2022 16:49:55 GMT

GET
H/1.1 200
OK glyphicons-halflings.png
safeweb.norton.com/images/ 12 KB
13 KB 194ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/glyphicons-halflings.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "31ff-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12799

GET
H/1.1 200
OK icon_20.png
safeweb.norton.com/images/responsive/icons/ 4 KB
4 KB 113ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/responsive/icons/icon_20.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

03eca4194a60a16ee2bb38e5fb5cc59ca6dbbff4ff3f814af30236bf42069fe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "1081-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4225

GET
H/1.1 200
OK bg-shadow.png
safeweb.norton.com/images/responsive/home/ 3 KB
3 KB 202ms
100ms Image
image/png 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://safeweb.norton.com/images/responsive/home/bg-shadow.png

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

864becd1ad5f7dd116ac1a7627d530c08912407e6f00575e3de15340b19af513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/assets/application-6c74b3b32c0f476ccbcb51bfce9ce528.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sat, 09 Apr 2022 07:48:12 GMT
Last-Modified: Fri, 04 Mar 2022 06:19:59 GMT
Server: Apache
ETag: "bc0-5d95e810fc1c0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3008

GET
H2 200 55ed090a14f40e6b7b02a1bbfc72a1a9.js Show response
nexus.ensighten.com/symantec/cp1/code/ 11 KB
1 KB 15ms
15ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/symantec/cp1/code/55ed090a14f40e6b7b02a1bbfc72a1a9.js?conditionId0=423130
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6fc5c3f9269c3777ec783af059224740282fafb4f415b61fa45ca940ee7eb529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 20:29:23 GMT
server: nginx
etag: W/"615cb5a3-2b94"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK dest5.html Show response
symantec.demdex.net/ Frame 20ED 7 KB
3 KB 171ms
39ms Document
text/html 18.203.152.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.152.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://safeweb.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v030-0ddf0d821.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Ep9c106zQ1w=
content-encoding: gzip
date: Sat, 9 Apr 2022 07:48:12 GMT
last-modified: Tue, 15 Mar 2022 12:08:41 GMT
vary: accept-encoding

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YlE6PAAAAEQk1wQf
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=80316981567262723342179526028444045197
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlE6PAAAAEQk1wQf

42 B
943 B

40ms
40ms

Image
image/gif

54.155.94.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlE6PAAAAEQk1wQf

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

HTTP/1.1

Server

54.155.94.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-94-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-0da722906.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: tvmPGWgURtU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlE6PAAAAEQk1wQf
Date: Sat, 09 Apr 2022 07:48:12 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
symantec.tt.omtrdc.net/m2/symantec/mbox/ 1 KB
1 KB 171ms
48ms XHR
application/json 63.35.137.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=f45bbb0e83c041e9ab73e1e858194051&mboxPC=&mboxPage=032754d073634e80b969508e04b5f96e&mboxRid=fdb59cd6add440a5aebf14465f346dda&mboxVersion=1.8.2&mboxCount=1&mboxTime=1649490492272&mboxHost=safeweb.norton.com&mboxURL=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&profile.TCG=&vendor_type=&program_type=&site_country=us&site_section=safeweb&content_title=Report%20for%20oniamcurrent.work%20%7C%20Norton%20Safe%20Web&site_language=en&traffic_source=&ExistingCustomer=&site_sub_section=report&current_subchannel=&site_content_title=Report%20for%20oniamcurrent.work%20%7C%20Norton%20Safe%20Web&original_subchannel=&profile.vendor_type=&profile.program_type=&profile.site_country=us&site_sub_sub_section=&%20profile.site_section=safeweb&profile.site_language=en&profile.%20traffic_source=&profile.ExistingCustomer=&profile.%20site_sub_section=report&profile.current_subchannel=&profile.site_content_title=Report%20for%20oniamcurrent.work%20%7C%20Norton%20Safe%20Web&profile.original_subchannel=&mboxMCSDID=7FF663C1ED7958EB-60FF502E383331BE&mboxMCGVID=80156459607985884152194416315727708988&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.137.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-137-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 943ef094a34cecf93d2fe6ec6866f140c209561c660fe4a1aa452b348736e337

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://safeweb.norton.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
x-request-id: fdb59cd6add440a5aebf14465f346dda

GET
H2 200 s01541832076336
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
422 B 107ms
26ms Image
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s01541832076336?AQB=1&ndh=1&pf=1&t=9%2F3%2F2022%207%3A48%3A12%206%200&sdid=7FF663C1ED7958EB-60FF502E383331BE&mid=80156459607985884152194416315727708988&aamlh=6&ce=UTF-8&pageName=safeweb%3Aus%3Areport%3Ashow&g=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&server=norton&events=event79%3D17%2Cevent69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&c14=D%3Dv16&v18=D%3DpageName&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&v29=signed%20out&c35=D%3DpageName&c41=safeweb&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton&c48=Report%20for%20oniamcurrent.work%20%7C%20Norton%20Safe%20Web&v48=D%3Dc49&c49=report&v49=D%3Dc48&v57=80156459607985884152194416315727708988&c59=safeweb%3Areport%3Ashow&v59=D%3Dc59&v72=safeweb&c75=D%3Dv57&v96=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://safeweb.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 10 Apr 2022 07:48:12 GMT
server: jag
xserver: anedge-7b6f4bb9f7-c27bh
etag: 3542253860402757632-4619777007529964765
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 08 Apr 2022 07:48:12 GMT

GET
H2 200 launch-ec64249dfc51.min.js Show response
assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/ Frame A8BE 187 KB
63 KB 42ms
41ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Requested by: Host: login.norton.com
URL: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3d424d7dea221af76e1eee86f8ed74f81ff4b0450b33138002096242d31dc1a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 22:05:58 GMT
server: AkamaiNetStorage
etag: "ebf43dc8cfc1adc633d0544d1783d809:1648505158.326682"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 63584
expires: Sat, 09 Apr 2022 08:48:12 GMT

GET
H2 200 s_code_norton_min.js Show response
nexus.ensighten.com/symantec/scode/ Frame A8BE 65 KB
21 KB 16ms
16ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/symantec/scode/s_code_norton_min.js
Requested by: Host: login.norton.com
URL: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 47d98c780369571153ad43132c36af2244142d1c95c6f3af54425acd292de432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
last-modified: Mon, 24 Jan 2022 23:36:47 GMT
server: nginx
etag: W/"61ef380f-103b2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=300

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ Frame A8BE 367 B
1 KB 40ms
40ms XHR
application/json 54.155.94.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&d_mid=80156459607985884152194416315727708988&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1649490492868

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.155.94.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-155-94-243.eu-west-1.compute.amazonaws.com

Software

Resource Hash

18d6223ce12b961d4f9f8b19b7767cfe0347a0a7dcbccdfc233880a6b2dde9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v030-0d2d72a93.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: n/xCbJ+mTxI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://login.norton.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 310
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 RC401e00db6a444f57826a519b49f0bc6a-source.min.js Show response
assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/95fa0265a10c/ Frame A8BE 374 B
504 B 39ms
39ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/95fa0265a10c/RC401e00db6a444f57826a519b49f0bc6a-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 484cd3183e7a41c87640836ea5517308f4c859ccf1755a5bc9493390568d15c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 22:05:59 GMT
server: AkamaiNetStorage
etag: "8315fc3bf5f9127bc940ebc1100d28fc:1648505159.061735"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 240
expires: Sat, 09 Apr 2022 08:48:12 GMT

GET
H2 200 RC65220159b9d541bd850968abdaedbd8d-source.min.js Show response
assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/95fa0265a10c/ Frame A8BE 566 B
618 B 40ms
40ms Script
application/x-javascript 2a02:26f0:df:3a5::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/95fa0265a10c/RC65220159b9d541bd850968abdaedbd8d-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:df:3a5::1e80 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 90fc7f377f2dec3d52fd65d1d91ab7c61bf0eeb39d0080b644b5b886f8f75260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:12 GMT
content-encoding: gzip
last-modified: Mon, 28 Mar 2022 22:05:59 GMT
server: AkamaiNetStorage
etag: "8315fc3bf5f9127bc940ebc1100d28fc:1648505159.061735"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 353
expires: Sat, 09 Apr 2022 08:48:12 GMT

GET
H/1.1 200
OK dest5.html Show response
symantec.demdex.net/ Frame 994B 7 KB
3 KB 40ms
39ms Document
text/html 18.203.152.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.152.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-152-154.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v030-04a5d1ba1.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: UQnHhcPMSW8=
content-encoding: gzip
date: Sat, 9 Apr 2022 07:48:12 GMT
last-modified: Tue, 15 Mar 2022 12:36:14 GMT
vary: accept-encoding

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/458056/onsite/ Frame A8BE 2 KB
1 KB 70ms
17ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/b29989a14bed/0b3c1a6a837b/launch-ec64249dfc51.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5495422e8b6ccbdb15402e8a24cd7ad5444060b069a875abf7b2c7d3ea26aace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: RKESId0K6HJHa2l0yHz3ttgVHVk0Naii
content-encoding: gzip
etag: "8dc3e5458c51200d093129353c845ac7"
fastly-original-body-size: 1554
age: 66095
via: 1.1 varnish
x-cache: HIT
content-length: 664
x-amz-id-2: VLpa/0xj8MyhNev6IcF1EOpGiW9UdydqoTKyfjiO7StcZqN8Dh4Tr2r9SbzAFRfNPXKDpts0318=
x-served-by: cache-hhn4025-HHN
last-modified: Fri, 08 Apr 2022 13:26:36 GMT
server: AmazonS3
x-timer: S1649490493.003345,VS0,VE0
date: Sat, 09 Apr 2022 07:48:13 GMT
vary: Accept-Encoding
x-amz-request-id: DEQHSHEP4AW1A0TV
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 2391

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ Frame A8BE 283 KB
80 KB 80ms
36ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Host: safeweb.norton.com
URL: https://safeweb.norton.com/report/show?url=http://oniamcurrent.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7fd9420ffd9bf296a60cf5db7f891fa7ad3be277e58deb43b7729ab378b3d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:48:13 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 49
etag: W/"164824149060316492754823401649404808147"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 6f91a39dac199165-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 generic1649424394869.js Show response
nebula-cdn.kampyle.com/us/wu/458056/onsite/ Frame A8BE 896 KB
98 KB 17ms
16ms Script
application/javascript 151.101.129.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1649424394869.js
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545f8d3ac1113ee4cf4d1b97ca49e608dc7a1387e6f06f104853173f03d21c75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: UEamBRAe4nPvvrDgssPNhvD44sCM3III
content-encoding: gzip
etag: "a8601225090938f60d715e8eac047ee4"
fastly-original-body-size: 917011
age: 66097
via: 1.1 varnish
x-cache: HIT
content-length: 99764
x-amz-id-2: oCsZQ7du3YQvThVWLe05/ogwF/8MaENycYox6g9QWMW6Sqtgi0iVDnmLV70dkFbCowXn0ZAOA2s=
x-served-by: cache-hhn4025-HHN
last-modified: Fri, 08 Apr 2022 13:26:36 GMT
server: AmazonS3
x-timer: S1649490493.145579,VS0,VE0
date: Sat, 09 Apr 2022 07:48:13 GMT
vary: Accept-Encoding
x-amz-request-id: ZQHH1TP44XGY37FJ
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 595

POST
H/1.1 200
OK login Show response
safeweb.norton.com/saml/ Frame A8BE 1 B
724 B 123ms
122ms Document
text/plain 52.224.14.113
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://safeweb.norton.com/saml/login

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

52.224.14.113 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Apache /

Resource Hash

36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://login.norton.com
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Date: Sat, 09 Apr 2022 07:48:13 GMT
ETag: "7215ee9c7d9dc229d2921a40e899ec5f"
Pragma: no-cache
Server: Apache
Status: 200 OK
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: fbc0ad7e-69db-4f05-9aa4-3257ff1c3eea
X-XSS-Protection: 1; mode=block

GET
BLOB 200
OK a5582cfc-0a6e-436a-8de4-7f28482c732e
https://login.norton.com/ Frame A8BE 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://login.norton.com/a5582cfc-0a6e-436a-8de4-7f28482c732e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d569ad1880e36cfd1b6afe0ed422f166a8cba821fc9fdf07087250d49c6d4578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.norton.com/sso/idp/SAML2?SAMLRequest=nVNBbsIwEPxKbj6FOAktYJFIFFQViUoIaA%2B9VCZZwFKypl4HeH6dQAuVWlRx9c7MzuzIfSQuBpXd4Aw%2BKiDrDYjAWKVxqJGqEswczE5l8DKbJGxj7ZZEEJBcwR6WLdTGamxlunRPZREUeq2QeSMnpFDWKmdOM%2FvBIB2ofBvMB8%2BTiHmP2mTQWEnYShYEzBuPEvZ%2BF6%2Fa3U6b%2Bz3JOz4PY%2BmHUX7vc87zWPYgjuKeg9JUEqkdJMyaquYSVTBGshJtwiIeRT5v%2B7y34B3R7oowfGPe1GirM108KMwVrhNWGRRakiKBsgQSNhO1OxG1uFgeQSSeFoupP4NcGcgs817BUBPUgZh3KAt0bOLXxbanzSztI4WiMWu%2ByeF1svyqiKX%2FKqQfnHfU%2B7g4lQ15c2%2FXtIWDvdH7pcSwcN5msLohyVVYJrJa2T3XLe%2B1yevq3PkhXxiJtHWxjyl%2Fc5PWoz9Cn2aXXyD9BA%3D%3D&RelayState=https%3A%2F%2Fsafeweb.norton.com%2Freport%2Fshow%3Furl%3Dhttp%3A%2F%2Foniamcurrent.work%2F&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=mzoqH9NzUcUOvwBsSXrLwIFo%2FqjK9J7KkQB28oTyQ8qM3JFb0D%2FuHoIylo%2FTw1DhV%2BGqlozgxBMtYJxV4kXawCTu2YCDS6Amgq%2FZ0bLP32BbOcrvIcM3pK450e5ZhZirTViY5UGBHuxwRz%2BLaWMJaTenw%2Fe6kqjfWUo%2B2vkiGt595uvoggoonpVLKZt5Q4scetve0hlZLUz71zrkr1LeAvJmyiOBjZKRAvUvMZm1MAPLh3wTG%2BLbNBw3Mh5SOrxZbNf2VCNoh4DWjDYad18%2FT%2Fi4uH2hkJhu9I9kBmSh8AWmFmVPKFoM4HR7JmKy3juAYLe1qbgqRPWCC9het%2FyNNA%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ Frame A8BE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: udc-neb.kampyle.com
URL: https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.norton.com/sso	1969-12-31 23:59:59	Name: JSESSIONID Value: 874E2D33106D6E2565CACE109FA528EA.jvmroute8081
safeweb.norton.com/	1970-01-20 04:22:32	Name: user_pref_lang Value: ENG
safeweb.norton.com/	1970-01-20 02:11:32	Name: _shasta_website_session Value: 2c7fec40dd0746156476e7a0c33bcec4
.norton.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 06:30:42	Name: demdex Value: 80316981567262723342179526028444045197
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 10:57:06	Name: everest_g_v2 Value: g_surferid~YlE6PAAAAEQk1wQf
.norton.com/	1970-01-20 07:57:06	Name: s_nr Value: 1649490492570-New
.norton.com/	1970-01-20 07:57:06	Name: event69 Value: event69
.norton.com/	1970-01-20 10:57:06	Name: channelStack Value: s_eVar72~safeweb
.norton.com/	1970-01-20 02:11:32	Name: s_gpv Value: safeweb%3Aus%3Areport%3Ashow
.norton.com/	1970-01-20 02:11:32	Name: s_gpv_custom Value: safeweb%3Areport%3Ashow
.dpm.demdex.net/	1970-01-20 06:30:42	Name: dpm Value: 80316981567262723342179526028444045197
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.symantec.tt.omtrdc.net/	1970-01-20 02:11:32	Name: symantec!mboxSession Value: f45bbb0e83c041e9ab73e1e858194051
.symantec.tt.omtrdc.net/	1970-01-20 19:45:35	Name: symantec!mboxPC Value: f45bbb0e83c041e9ab73e1e858194051.37_0
.norton.com/	1970-01-20 19:45:35	Name: mbox Value: session#f45bbb0e83c041e9ab73e1e858194051#1649492353\|PC#f45bbb0e83c041e9ab73e1e858194051.37_0#1712735293
.norton.com/	1970-01-20 19:44:08	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 870038026%7CMCIDTS%7C19092%7CMCMID%7C80156459607985884152194416315727708988%7CMCAAMLH-1650095292%7C6%7CMCAAMB-1650095292%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1649497692s%7CNONE%7CMCSYNCSOP%7C411-19099%7CvVersion%7C5.0.0
login.norton.com/	1970-01-20 10:57:06	Name: mdLogger Value: false
login.norton.com/	1970-01-20 10:57:06	Name: kampyle_userid Value: 40c2-f1a5-6c00-44e2-4ff7-d1aa-80b2-a296
login.norton.com/	1970-01-20 10:57:06	Name: kampyleUserSession Value: 1649490493211
login.norton.com/	1970-01-20 10:57:06	Name: kampyleUserSessionsCount Value: 1
login.norton.com/	1970-01-20 10:57:06	Name: kampyleSessionPageCounter Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.quantummetric.com
cm.everesttech.net
dpm.demdex.net
login.norton.com
nebula-cdn.kampyle.com
nexus.ensighten.com
oms.norton.com
safeweb.norton.com
symantec.demdex.net
symantec.tt.omtrdc.net
udc-neb.kampyle.com
www.nortonlifelock.com
udc-neb.kampyle.com
13.36.218.177
13.93.137.227
151.101.129.175
18.195.42.228
18.203.152.154
2606:4700:10::6816:34fc
2a02:26f0:3500:88e::1015
2a02:26f0:df:3a5::1e80
52.213.125.155
52.224.14.113
54.155.94.243
63.35.137.213
00e62e15a57f751639ddc025ea46a0da97e19223b9a370e333a0f3a1d3b26c9e
03eca4194a60a16ee2bb38e5fb5cc59ca6dbbff4ff3f814af30236bf42069fe2
0437af9cf59bc195ea5eb28cac4ef2243b93e06e14a840d7f2f2998d834d5966
18d6223ce12b961d4f9f8b19b7767cfe0347a0a7dcbccdfc233880a6b2dde9ea
1a7fbd9218bd8a0ff4177292612202b3a8cce281832db1b2bdb06029f72ae800
1b7b3c975a7be05b44f21ccb63d5bf741ae1df59527a753ee49a7c0a4d71838b
28e30eb66a8994e820cbfe96c688d192355855f064a8432fe91c304d2b325fd7
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3d424d7dea221af76e1eee86f8ed74f81ff4b0450b33138002096242d31dc1a7
426dd1439353abbb47662b80e1a88112f4a13ed86848d72187cc1fdeeafd65b1
47d98c780369571153ad43132c36af2244142d1c95c6f3af54425acd292de432
484cd3183e7a41c87640836ea5517308f4c859ccf1755a5bc9493390568d15c0
48e2459cd5160ab33f258bcd86d78661909d6a9c0f974d8b5a37ec97031d33ce
4b230a648b1d389974a0d72eb3b54e3371c65ab93995856d3b521461a64e69fd
4ee8ccbea31ec406a8474770e0581bb4b5b701849e43d3c172e14785c830c77c
545f8d3ac1113ee4cf4d1b97ca49e608dc7a1387e6f06f104853173f03d21c75
5495422e8b6ccbdb15402e8a24cd7ad5444060b069a875abf7b2c7d3ea26aace
5af2ce5d5ada96dfe8a0304f3c021d1ceac25d3e59a42f8f5e9a099826d5d578
5dab510f2cd0771500da16c040d18f0675d620b3ccc789a6765b6d88e3d58e3e
6fc5c3f9269c3777ec783af059224740282fafb4f415b61fa45ca940ee7eb529
796940318a56cc104cc4d32a3de53ba0657be98b3f482acc88a8d4657d562700
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fa7ba7691e054afed137d1d56a288f2e35917531a8ae1cb8ff07d402b9cf318
864becd1ad5f7dd116ac1a7627d530c08912407e6f00575e3de15340b19af513
905d6cc1a25f01a3b390f04719becc11d4138be61c2ca16735a1cede4e196dbb
90fc7f377f2dec3d52fd65d1d91ab7c61bf0eeb39d0080b644b5b886f8f75260
943ef094a34cecf93d2fe6ec6866f140c209561c660fe4a1aa452b348736e337
a06fcb877cdc15a297967e986a3352afab55f5c24409e4258ae6105abccc0ca6
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b7fd9420ffd9bf296a60cf5db7f891fa7ad3be277e58deb43b7729ab378b3d5c
bcbeb9db1b39b246d67b16a1ff6d4189520bbdc6445d74a693152816c12cbb5a
c13591b8816e91c5797dfa08bf177ab38c239c695df149d4fa6f9e92cca99d33
c1bc1f82220a36edccd79d6b82b0f9ad10e3f823a2857e954acba964691cb557
ccca6725f155d521b1355c52c9a0580e6100e2b0ddc956cba8fdae1d9decea9b
d569ad1880e36cfd1b6afe0ed422f166a8cba821fc9fdf07087250d49c6d4578
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
dff718e065a28a394895cbb1c2ee9377fb76bbaad0d1eab3dce7873487e4d339
e33f16e8796e7e860ef73675b0acbf6a6e2b7f75b547ebddc3938cf2dfa41fb1
ec22080d138768a606790d95f2d6e3cbe5e5249d99a91f6fc442f822501d5cea
ecbb13209d61d82fd3deab8106f70f07fa56bbb8e094b4c3e7714f355d12bf54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

safeweb.norton.com Open in urlscan Pro 52.224.14.113 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

93 %HTTPS

25 %IPv6

9 Domains

13 Subdomains

12 IPs

5 Countries

895 kBTransfer

2304 kBSize

23 Cookies

20 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safeweb.norton.com Open in urlscan Pro
52.224.14.113 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

25 %
IPv6

9
Domains

13
Subdomains

12
IPs

5
Countries

895 kB
Transfer

2304 kB
Size

23
Cookies

44 HTTP transactions
0 data transactions