urlscan.io logo urlscan.io
SecurityTrails logo

my.norton.com Open in urlscan Pro
40.118.234.43  Public Scan

Go To Rescan Add Verdict Report
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath...
Submission Tags: falconsandbox
Submission: On March 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 36 HTTP transactions. The main IP is 40.118.234.43, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is my.norton.com. The Cisco Umbrella rank of the primary domain is 213874.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 2nd 2021. Valid for: a year.
This is the only time my.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 40.118.234.43 8075 (MICROSOFT...)
11 2.18.233.77 16625 (AKAMAI-AS)
5 18.197.253.20 16509 (AMAZON-02)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
2 151.101.65.175 54113 (FASTLY)
10 104.42.150.190 8075 (MICROSOFT...)
2 54.171.186.191 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 54.77.200.211 16509 (AMAZON-02)
1 1 52.51.88.158 16509 (AMAZON-02)
1 54.76.73.153 16509 (AMAZON-02)
1 35.241.45.82 15169 (GOOGLE)
36 11
1    40.118.234.43 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
my.norton.com
11    2.18.233.77 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-77.deploy.static.akamaitechnologies.com
static.nortoncdn.com
5    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    2a02:26f0:fb:5ad::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    151.101.65.175 (United States)

ASN54113 (FASTLY, US)
nebula-cdn.kampyle.com
10    104.42.150.190 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
identitysafe.norton.com
2    54.171.186.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-186-191.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2a02:26f0:6c00:2b6::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.nortonlifelock.com
1    54.77.200.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
symantec.demdex.net
1    52.51.88.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    54.76.73.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-73-153.eu-west-1.compute.amazonaws.com
symantec.tt.omtrdc.net
1    35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Apex Domain
Subdomains		 Transfer
11 nortoncdn.com
static.nortoncdn.com — Cisco Umbrella Rank: 25605
1 MB
11 norton.com
my.norton.com — Cisco Umbrella Rank: 213874
identitysafe.norton.com — Cisco Umbrella Rank: 504654
530 KB
5 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2591
23 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
symantec.demdex.net — Cisco Umbrella Rank: 104252
5 KB
3 kampyle.com
nebula-cdn.kampyle.com — Cisco Umbrella Rank: 3348
udc-neb.kampyle.com — Cisco Umbrella Rank: 2681
99 KB
1 omtrdc.net
symantec.tt.omtrdc.net — Cisco Umbrella Rank: 117163
1 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
517 B
1 nortonlifelock.com
www.nortonlifelock.com — Cisco Umbrella Rank: 38761
21 KB
1 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 515
61 KB
36 9
Domain Requested by
11 static.nortoncdn.com my.norton.com
static.nortoncdn.com
identitysafe.norton.com
10 identitysafe.norton.com my.norton.com
identitysafe.norton.com
5 nexus.ensighten.com my.norton.com
nexus.ensighten.com
2 dpm.demdex.net assets.adobedtm.com
my.norton.com
2 nebula-cdn.kampyle.com my.norton.com
nebula-cdn.kampyle.com
1 udc-neb.kampyle.com
1 symantec.tt.omtrdc.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 symantec.demdex.net assets.adobedtm.com
1 www.nortonlifelock.com assets.adobedtm.com
1 assets.adobedtm.com my.norton.com
1 my.norton.com
36 12

This site contains links to these domains. Also see Links.

Domain
sitedirector.norton.com
Subject Issuer Validity Valid
my.norton.com
DigiCert SHA2 Extended Validation Server CA		 2021-09-02 -
2022-09-02		 a year crt.sh
store.norton.com
DigiCert SHA2 Extended Validation Server CA		 2022-02-18 -
2023-03-10		 a year crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-10 -
2022-09-10		 a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-22 -
2023-03-26		 a year crt.sh
identitysafe.norton.com
DigiCert SHA2 Extended Validation Server CA		 2021-03-19 -
2022-04-18		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
www.norton.com
DigiCert SHA2 Extended Validation Server CA		 2022-03-08 -
2023-04-08		 a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh

This page contains 3 frames:

Primary Page: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Frame ID: 10A1FC4E05F9235AD31B99DA4F74AA84
Requests: 23 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: CC5589AEB028ACD87BF71691E63E9E87
Requests: 1 HTTP requests in this frame

Frame: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Frame ID: CFF7E7DAFA79BD010C7E36463BF79347
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Norton - Mein Abonnement

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/

Page Statistics

36
Requests

97 %
HTTPS

17 %
IPv6

9
Domains

12
Subdomains

11
IPs

3
Countries

1818 kB
Transfer

4785 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://cm.everesttech.net/cm/dd?d_uuid=14314158432110697222763251739146620607 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yjh40QAAAMH1cwQS

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request passwordmanager
my.norton.com/extspa/ 		7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
40.118.234.43 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6a4e8774a2ad5ea933bdb93fe4e4dbc4b43b701cf8e66e33d3628968422430ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.norton.com https://*.nortonlifelock.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache
pragma
no-cache
content-encoding
gzip
expires
-1
vary
Accept-Encoding
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://*.norton.com https://*.nortonlifelock.com;
x-content-type-options
nosniff
x-xss-protection
1
referrer-policy
origin-when-cross-origin
date
Mon, 21 Mar 2022 13:08:31 GMT
app.css
static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/ 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7e1dd4f72741cf71e5a67ec9ee40f13595f97d93235a64935a7002d2edbb0f5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 12:45:46 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
66BUL0ayIrpvbUQCWw8UKA==
etag
"0x8DA074AE483EC9E"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
4591e4ff-b01e-0013-2d3b-39dc29000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
5929
Bootstrap.js
nexus.ensighten.com/symantec/cp1/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5af2ce5d5ada96dfe8a0304f3c021d1ceac25d3e59a42f8f5e9a099826d5d578

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Dec 2021 18:27:29 GMT
server
nginx
etag
W/"61b0f911-10af8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
assets.adobedtm.com/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5ad::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5dab510f2cd0771500da16c040d18f0675d620b3ccc789a6765b6d88e3d58e3e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Thu, 14 Oct 2021 21:01:33 GMT
server
AkamaiNetStorage
etag
"421a422dec9ae3e01e66fc6c769281b3:1634245293.428407"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.norton.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
61870
expires
Mon, 21 Mar 2022 14:08:32 GMT
embed.js
nebula-cdn.kampyle.com/wu/458056/onsite/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a5962734a8f0935ecd3780dd8f1fd006e744cc48bce1db24f2fc6b8951c84110

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
EeIiXHP9oV_2chbbgO5_9JyuDU3Tnycr
content-encoding
gzip
etag
"403e63a17fa52a42584ee192b67d4f4d"
age
3
via
1.1 varnish
x-cache
HIT
content-length
664
x-amz-id-2
hWNqBmNafR7kdx9bDBOdq6QGXD+myLFCeHQFJDa/yJqQtS4YLeUqdxi3QDzGN5VDTRdChHW2ZJA=
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 21 Mar 2022 13:08:28 GMT
server
AmazonS3
x-timer
S1647868113.861608,VS0,VE0
date
Mon, 21 Mar 2022 13:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
NQMTPJ0XHB3DTQVS
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
vendor.js
static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/vendor.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35b3614d6d6baa35fc55d9f7f9c6d217ad2a1a074a68c103b3f3f639d13a970b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 12:45:46 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
+yxgNyOPatvYLD63saa5VA==
etag
"0x8DA074AE4839E8B"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0c33897d-b01e-005c-7741-391831000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
4247
app.js
static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.js
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c14524e45ede6231c2a9e7c1743f410a08e94264cd0a1cde66919e60a853038d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 12:45:46 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
Ow+HJiIt6Kv0xcFZ/Bsevw==
etag
"0x8DA074AE4894309"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7e749bc1-301e-002b-1141-399d70000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
9862
bootstrap.js
identitysafe.norton.com/content/scripts/ 		89 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/scripts/bootstrap.js?v=42020
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
65570a15aa96eb0124ddd782cc5fe2dc2e626495ed64fa94d2347786878f909f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2022 04:45:48 GMT
Server
IDSCP
ETag
W/"91213-1647492348000"
vary
accept-encoding
Content-Type
text/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
id
dpm.demdex.net/ 		367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1647868112813
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.186.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-186-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c9f2fef70609300b929d1810ab26d04fc308fcd7abf0249c1bfad82a03629d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://my.norton.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v030-0da722906.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
ZqOyIs39Sng=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://my.norton.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
309
Expires
Thu, 01 Jan 1970 00:00:00 UTC
s_code_norton_min.js
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b6::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
47d98c780369571153ad43132c36af2244142d1c95c6f3af54425acd292de432
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff
content-disposition
attachment
content-length
21429
x-xss-protection
1; mode=block
last-modified
Mon, 24 Jan 2022 21:05:33 GMT
server
Apache
x-frame-options
SAMEORIGIN
date
Mon, 21 Mar 2022 13:08:32 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=41037
etag
"103b2-5d65a5448a140-gzip"
accept-ranges
bytes
expires
Tue, 22 Mar 2022 00:32:29 GMT
norton-black.svg
static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/images/norton-black.svg
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
da1b234a41b7c1b16c6dcaf6d44a7d79332e2d5f8a24881add7dc2421f47a36c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 12:45:47 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
vu1U8j6D9SAk6y1mD5TFUA==
etag
"0x8DA074AE4929078"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
0c4ee11c-501e-003b-1441-39ab96000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
1420
avatar.svg
static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/images/ 		899 B
805 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/images/avatar.svg
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f01fbd12e2edaa3a62384f0ed858450426137845dd3654f1b45283e9ef9961b1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 12:45:47 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
+KM/uw6I2jrLspJyXntpsg==
etag
"0x8DA074AE491F45F"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
bdc68e54-701e-0068-5241-39b799000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
498
SourceSansPro-Regular.woff
static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/fonts/ 		196 KB
197 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/fonts/SourceSansPro-Regular.woff
Requested by
Host: static.nortoncdn.com
URL: https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76

Request headers

Referer
https://static.nortoncdn.com/static/ngpcdn/static/ngp2022.1.5.20/dist/app.css
Origin
https://my.norton.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
last-modified
Wed, 16 Mar 2022 12:45:47 GMT
server
Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
content-md5
TBiMU/oMR+laKpwzx8Ic3w==
etag
"0x8DA074AE493A1C2"
access-control-allow-methods
GET,POST
content-type
font/woff
access-control-allow-origin
*
x-ms-request-id
445955a0-501e-0030-4341-39b3e2000000
x-ms-version
2018-03-28
accept-ranges
bytes
content-length
200568
spinner-blue.gif
identitysafe.norton.com/content/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://identitysafe.norton.com/content/images/spinner-blue.gif
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
1846d706310e24b07619d273ffae63b43fc021298b6920399832550905df21eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:32 GMT
Last-Modified
Thu, 17 Mar 2022 04:45:32 GMT
Server
IDSCP
ETag
W/"30922-1647492332000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30922
serverComponent.php
nexus.ensighten.com/symantec/cp1/ 		482 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/symantec/cp1/code/&publishedOn=Wed%20Dec%2008%2018:27:29%20GMT%202021&ClientID=21&PageID=https%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-genhttps%253A%252F%252Fmy.norton.com%252Fextspa%252Fpasswordmanager%253Fpath%253Dpwd-gen
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c44c973b3863aef9c1ada5d3a43e1e620d554d3cd296c544596ba3f94a7ef791

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
482
expires
Mon, 21 Mar 2022 13:08:31 GMT
55ed090a14f40e6b7b02a1bbfc72a1a9.js
nexus.ensighten.com/symantec/cp1/code/ 		11 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/code/55ed090a14f40e6b7b02a1bbfc72a1a9.js?conditionId0=423130
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6fc5c3f9269c3777ec783af059224740282fafb4f415b61fa45ca940ee7eb529

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Tue, 05 Oct 2021 20:29:23 GMT
server
nginx
etag
W/"615cb5a3-2b94"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
5a511eff6ece75f86134f0b7c2baed9b.js
nexus.ensighten.com/symantec/cp1/code/ 		1 KB
860 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/code/5a511eff6ece75f86134f0b7c2baed9b.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
037aee8b899729d810f4d25b755a1f59062c841462ff650ffdde54fd1f9c5f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:32 GMT
content-encoding
gzip
last-modified
Mon, 04 Nov 2019 18:35:26 GMT
server
nginx
etag
W/"5dc06f6e-5b3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
dest5.html
symantec.demdex.net/ Frame CC55 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://symantec.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.200.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-200-211.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 21 Mar 2022 13:08:33 GMT
DCS
dcs-prod-irl1-2-v030-080d1cadb.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 15 Mar 2022 12:36:14 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
HwVdbK4+Rg0=
Content-Length
2791
Connection
keep-alive
ibs:dpid=411&dpuuid=Yjh40QAAAMH1cwQS
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=14314158432110697222763251739146620607
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yjh40QAAAMH1cwQS
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yjh40QAAAMH1cwQS
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Server
54.171.186.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-186-191.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v030-0c088c812.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vCpoebA1Qro=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yjh40QAAAMH1cwQS
Date
Mon, 21 Mar 2022 13:08:33 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
json
symantec.tt.omtrdc.net/m2/symantec/mbox/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=c48059aceff8460ab2f209012011224f&mboxPC=&mboxPage=b72ec3ced18846789f2f84f50b1447df&mboxRid=68a1443573e64eda9cec785091b98954&mboxVersion=1.8.2&mboxCount=1&mboxTime=1647868112822&mboxHost=my.norton.com&mboxURL=https%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-genhttps%253A%252F%252Fmy.norton.com%252Fextspa%252Fpasswordmanager%253Fpath%253Dpwd-gen&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&profile.TCG=&vendor_type=&program_type=&site_country=&site_section=&content_title=&site_language=&traffic_source=&ExistingCustomer=&site_sub_section=&current_subchannel=&site_content_title=&original_subchannel=&profile.vendor_type=&profile.program_type=&profile.site_country=&site_sub_sub_section=&%20profile.site_section=&profile.site_language=&profile.%20traffic_source=&profile.ExistingCustomer=&profile.%20site_sub_section=&profile.current_subchannel=&profile.site_content_title=&profile.original_subchannel=&mboxMCSDID=2501CD4D1BC8F815-0C1FC9C9906AFCA9&mboxMCGVID=14114389670989510832743276778997219854&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.73.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-73-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5bf652b04b80040a9f4f89b9439815294460b8cb0acca4a9852ca1618c78150e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Mar 2022 13:08:33 GMT
content-encoding
gzip
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
p3p
CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://my.norton.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
68a1443573e64eda9cec785091b98954
version
identitysafe.norton.com/status/ 		23 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/status/version
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/scripts/bootstrap.js?v=42020
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
abbd0f23f86574d7352af0de6bca6aea68be8cd264cb88deebf159dddfa5c1fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://my.norton.com
Date
Mon, 21 Mar 2022 13:08:33 GMT
Server
IDSCP
Connection
keep-alive
Content-Length
23
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/json
e.gif
nexus.ensighten.com/error/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=mboxFactoryDefault%20is%20not%20defined&lnn=-1&fn=&cid=21&client=symantec&publishPath=cp1&rid=300053&did=167100&errorName=ReferenceError
Requested by
Host: my.norton.com
URL: https://my.norton.com/extspa/passwordmanager?path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:08:33 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 21 Mar 2022 13:08:32 GMT
generic1647868106711.js
nebula-cdn.kampyle.com/us/wu/458056/onsite/ 		896 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1647868106711.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a0c1cbbbbbe1cf42c4ed31f05c2f663eea5949f99e06bfdb89293e6fca8f674

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
fSUotWpjw2r6A32E41Isv0crPGt0tjGw
content-encoding
gzip
etag
"06e45ba7ad9eb934aa4fd9ef0308cbed"
age
5
via
1.1 varnish
x-cache
HIT
content-length
100180
x-amz-id-2
JkJ4hLBXslI54mZpy9IQhKcIgBZo/I5eXz6bqr8AfuGABtUZraV9OZCPudIMYOpBpXPxOKa3qFY=
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 21 Mar 2022 13:08:27 GMT
server
AmazonS3
x-timer
S1647868114.678731,VS0,VE0
date
Mon, 21 Mar 2022 13:08:33 GMT
vary
Accept-Encoding
x-amz-request-id
4R10NWKHJQCWB9HQ
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2
__cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 		0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJwYWdlX3RpdGxlIjogIk5vcnRvbiAtIE1laW4gQWJvbm5lbWVudCIsInBhZ2VfdXJsIjogImh0dHBzOi8vbXkubm9ydG9uLmNvbS9leHRzcGEvcGFzc3dvcmRtYW5hZ2VyP3BhdGg9cHdkLWdlbmh0dHBzJTNBJTJGJTJGbXkubm9ydG9uLmNvbSUyRmV4dHNwYSUyRnBhc3N3b3JkbWFuYWdlciUzRnBhdGglM0Rwd2QtZ2VuIiwidHJhY2tlcl90eXBlIjogImphdmFzY3JpcHQiLCJ0cmFja2VyX3ZlcnNpb24iOiAiMi4yLjIzIiwiZXZlbnRfbmFtZSI6ICJuZWJ1bGFfcGFnZV92aWV3IiwiZXZlbnRfdGltZXN0YW1wX2Vwb2NoIjogIjE2NDc4NjgxMTM3MzUiLCJldmVudF90aW1lem9uZV9vZmZzZXQiOiAwLCJ1c2VyX2lkIjogIjE3ZmFjOTdmMzNiMjlhLTAwMzUzMWYwNmYzZjE3LTk3NzE3M2MtMWQ0YzAwLTE3ZmFjOTdmMzNjOTlmIiwiZW52aXJvbWVudCI6ICJwcm9kVXNPcmVnb24iLCJhY2NvdW50SWQiOiA0NTgwNTQsInVybCI6ICJodHRwczovL215Lm5vcnRvbi5jb20vZXh0c3BhL3Bhc3N3b3JkbWFuYWdlcj9wYXRoPXB3ZC1nZW5odHRwcyUzQSUyRiUyRm15Lm5vcnRvbi5jb20lMkZleHRzcGElMkZwYXNzd29yZG1hbmFnZXIlM0ZwYXRoJTNEcHdkLWdlbiIsIndlYnNpdGVJZCI6IDQ1ODA1NiwiZm9ybUlkIjogbnVsbCwiZm9ybVRyaWdnZXJUeXBlIjogbnVsbCwia2FtcHlsZV9kYXRhIjogeyJMQVNUX0lOVklUQVRJT05fVklFVyI6ICIiLCJERUNMSU5FRF9EQVRFIjogIiIsImthbXB5bGVJbnZpdGVQcmVzZW50ZWQiOiAiIiwia2FtcHlsZV91c2VyaWQiOiAiYTg3Mi0wZWJhLTgwOTYtYWYwZS02MmE5LTJiODAtNzM3ZS1mMzU0Iiwia2FtcHlsZVVzZXJTZXNzaW9uIjogIjE2NDc4NjgxMTM3MzMiLCJrYW1weWxlVXNlclBlcmNlbnRpbGUiOiAiIiwiU1VCTUlUVEVEX0RBVEUiOiAiIn0sImNvb2tpZV9zaXplIjogODM1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40NC4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40NC4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjQ3ODY4MTEzNzM1LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-me
prod-instance-gatewayservice-green-1nwr
date
Mon, 21 Mar 2022 13:08:33 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
image/gif; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-application-context
application:9090
vault-tab-ui.html
identitysafe.norton.com/content/ui/ Frame CFF7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/scripts/bootstrap.js?v=42020
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
60cdaf12ea0e9320e18666a27589a13a95ba1ddb30a8ca3040862e162ed8448d
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://my.norton.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://my.norton.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://my.norton.com/

Response headers

Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
ETag
W/"2709-1647492348000"
Last-Modified
Thu, 17 Mar 2022 04:45:48 GMT
vary
accept-encoding
Content-Encoding
gzip
Date
Mon, 21 Mar 2022 13:08:33 GMT
Server
IDSCP
Content-Security-Policy
frame-ancestors https://my.norton.com;
X-Frame-Options
ALLOW-FROM https://my.norton.com
Strict-Transport-Security
max-age=31536000; includeSubDomains
SourceSansPro-Bold.woff
static.nortoncdn.com/idscp/fonts/SourceSansPro-Bold/ Frame CFF7 		194 KB
194 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/idscp/fonts/SourceSansPro-Bold/SourceSansPro-Bold.woff
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
7a11a026912f87201a700ca8d2738a717a0c887ef65fc16284a92920dbc9e09f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://identitysafe.norton.com/
Origin
https://identitysafe.norton.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Apr 2020 02:27:44 GMT
server
Apache/2.4.6 (CentOS)
etag
"30720-5a464b16dc800"
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
date
Mon, 21 Mar 2022 13:08:34 GMT
accept-ranges
bytes
content-length
198432
SourceSansPro-SemiBold.woff
static.nortoncdn.com/idscp/fonts/SourceSansPro-SemiBold/ Frame CFF7 		194 KB
195 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/idscp/fonts/SourceSansPro-SemiBold/SourceSansPro-SemiBold.woff
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
d1ebdeca4d3e42c04c88e0a79064687afd00cdcc2b4d78f4d76930c3e614700f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://identitysafe.norton.com/
Origin
https://identitysafe.norton.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 29 Apr 2020 02:27:46 GMT
server
Apache/2.4.6 (CentOS)
etag
"3098c-5a464b18c4c80"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
date
Mon, 21 Mar 2022 13:08:34 GMT
accept-ranges
bytes
content-length
199052
x-xss-protection
1; mode=block
SourceSansPro-Light.woff
static.nortoncdn.com/idscp/fonts/SourceSansPro-Light/ Frame CFF7 		196 KB
197 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/idscp/fonts/SourceSansPro-Light/SourceSansPro-Light.woff
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
bb307e1816126f48b4236b284c6d4fdcff22b7c096c4484c83ff40e32b62a802
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://identitysafe.norton.com/
Origin
https://identitysafe.norton.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 29 Apr 2020 02:27:45 GMT
server
Apache/2.4.6 (CentOS)
etag
"31190-5a464b17d0a40"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
date
Mon, 21 Mar 2022 13:08:34 GMT
accept-ranges
bytes
content-length
201104
x-xss-protection
1; mode=block
SourceSansPro-Regular.woff
static.nortoncdn.com/idscp/fonts/SourceSansPro-Regular/ Frame CFF7 		196 KB
197 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/idscp/fonts/SourceSansPro-Regular/SourceSansPro-Regular.woff
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://identitysafe.norton.com/
Origin
https://identitysafe.norton.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 29 Apr 2020 02:27:46 GMT
server
Apache/2.4.6 (CentOS)
etag
"30f78-5a464b18c4c80"
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
date
Mon, 21 Mar 2022 13:08:34 GMT
accept-ranges
bytes
content-length
200568
Roboto-Regular.woff
static.nortoncdn.com/idscp/fonts/Roboto/ Frame CFF7 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/idscp/fonts/Roboto/Roboto-Regular.woff
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.233.77 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-77.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
5c54e23b31fe7a518c005b3a9093a88b3f177943bd5210ea58ecc92379ad01a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://identitysafe.norton.com/
Origin
https://identitysafe.norton.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 29 Apr 2020 02:27:43 GMT
server
Apache/2.4.6 (CentOS)
etag
"126c4-5a464b15e85c0"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET,POST
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=2592000
date
Mon, 21 Mar 2022 13:08:34 GMT
accept-ranges
bytes
content-length
75460
x-xss-protection
1; mode=block
vendor.bundle1.js
identitysafe.norton.com/content/libs/ Frame CFF7 		728 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/libs/vendor.bundle1.js?ver=6.5.0.107
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
49fca7944811195801c48ee5287171b01ecc9482894688785b69d576aa22bf47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2022 04:45:32 GMT
Server
IDSCP
ETag
W/"745096-1647492332000"
vary
accept-encoding
Content-Type
text/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
vendor.bundle2.js
identitysafe.norton.com/content/libs/ Frame CFF7 		362 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/libs/vendor.bundle2.js?ver=6.5.0.107
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2022 04:45:32 GMT
Server
IDSCP
ETag
W/"821713-1647492332000"
vary
accept-encoding
Content-Type
text/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
main.bundle.js
identitysafe.norton.com/content/scripts/ Frame CFF7 		462 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/scripts/main.bundle.js?ver=6.5.0.107
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
c92869e262e0667dcf2457e9af76afbf33760012dc04d7ee135eccab5dd6bd37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Mar 2022 04:48:38 GMT
Server
IDSCP
ETag
W/"472852-1647492518000"
vary
accept-encoding
Content-Type
text/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
bootstrap.min.css
identitysafe.norton.com/content/ui/ Frame CFF7 		152 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/ui/bootstrap.min.css?ver=6.5.0.107
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://my.norton.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://my.norton.com

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:34 GMT
Content-Encoding
gzip
vary
accept-encoding
Last-Modified
Thu, 17 Mar 2022 04:45:32 GMT
Server
IDSCP
ETag
W/"155758-1647492332000"
X-Frame-Options
ALLOW-FROM https://my.norton.com
Content-Type
text/css
Connection
keep-alive
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://my.norton.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
styles.bundle.css
identitysafe.norton.com/content/ui/ Frame CFF7 		123 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/ui/styles.bundle.css?ver=6.5.0.107
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
c4b2f945b029179b458d67da97a762687ad16a4e7daccd0be820932a610af74e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://my.norton.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://my.norton.com

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:34 GMT
Content-Encoding
gzip
vary
accept-encoding
Last-Modified
Thu, 17 Mar 2022 04:45:48 GMT
Server
IDSCP
ETag
W/"125966-1647492348000"
X-Frame-Options
ALLOW-FROM https://my.norton.com
Content-Type
text/css
Connection
keep-alive
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://my.norton.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes
vault-tab-router.js
identitysafe.norton.com/content/ui/ Frame CFF7 		471 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://identitysafe.norton.com/content/ui/vault-tab-router.js?ver=6.5.0.107
Requested by
Host: identitysafe.norton.com
URL: https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.42.150.190 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
IDSCP /
Resource Hash
09b052383e237b39bbc246a5b9b1bb35aa571c73b4a7a0ecde36ac52f01e69e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://my.norton.com;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM https://my.norton.com

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://identitysafe.norton.com/content/ui/vault-tab-ui.html?version=6.6.2-348&path=pwd-genhttps%3A%2F%2Fmy.norton.com%2Fextspa%2Fpasswordmanager%3Fpath%3Dpwd-gen
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Mar 2022 13:08:34 GMT
Content-Encoding
gzip
vary
accept-encoding
Last-Modified
Thu, 17 Mar 2022 04:48:38 GMT
Server
IDSCP
ETag
W/"482331-1647492518000"
X-Frame-Options
ALLOW-FROM https://my.norton.com
Content-Type
text/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Content-Security-Policy
frame-ancestors https://my.norton.com;
Strict-Transport-Security
max-age=31536000; includeSubDomains
Accept-Ranges
bytes

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored object| ensBootstraps object| Bootstrapper function| _log object| _enslog object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in string| previewurl string| produrl object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| webpackChunkngp_webapp object| val object| user object| browserInfo function| handleButtonClick string| RequestVerificationToken string| viewBagRecord function| makeTokenCall function| RevalidateSession function| spaLogout function| getATAsync function| handleATValidationFailure object| SpaAuth function| notifySPAContainer object| platformstorage function| getCremeCustomization function| getResourceOverrides object| Telemetry object| nortonAnalyticsVars object| OmnitureAnalyticsWrapper object| Feedback function| s_getLoadTime function| s_doPlugins function| removeTrailingComma function| isEmpty function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| enableAdobeAnalytics string| s_account object| s number| s_loadT object| nortonAnalytics object| _numeric_ object| expiration_date function| trackCustomDownload function| trackPageView number| s_objectID number| s_giq string| s_tnt string| tntVal string| ipGeoLocation object| ttMETA function| debugttMETA object| IPv6 object| punycode object| SecondLevelDomains function| URI function| URITemplate object| IDSafe object| KAMPYLE_EMBED string| crossDomains object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| KAMPYLE_GA object| MDIGITAL_ELEMENT_BUILDER object| COOLADATA_CODE object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_ADOBE_ANALYTICS object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata function| postCustomSPAFeedbackData function| triggerFeedbackBox function| triggerSurvey

17 Cookies

Domain/Path Name / Value
my.norton.com/ Name: __RequestVerificationToken
Value: CfDJ8KoZR7b4M_5BmTgLrxxLMblTL17hjZB7DmXwYHEyZ3zeBZQwepYFAWa-661wP4_OJ-0r-u0tbCqvE7KCcl1jc-RfFRNeouReb3dz3QGsqVs7A4aw0joS07Y9dQ2BK96c8N5DTXb7b90jahtyMEDAbgc
my.norton.com/ Name: .AspNetCore.Session
Value: CfDJ8KoZR7b4M%2F5BmTgLrxxLMblY1oJfDGKJUCdKkaMS2agiActGEyq%2FZvWMlGpuDV29tFPPaa3vU0WT0uTwh4Nr26e90hrH6NRbYIPmS%2FJMNlDqyXyM6f1N%2BAhLqEK2h69oShfPatZ7z85pq%2BJs6OCk46rPDPbAC3PFU6RqhbCqYbkY
my.norton.com/ Name: IQBERAWQ
Value: 02eec82c2f-6d55-44qZ0hp5ZGJ94nbMrcQ6Hh3vJVfe6yAGfWU-gWxLt9odERiVPKdNv20rvyxBJ2TxKuw_8
.norton.com/ Name: at_check
Value: true
.demdex.net/ Name: demdex
Value: 14314158432110697222763251739146620607
.norton.com/ Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yjh40QAAAMH1cwQS
.symantec.tt.omtrdc.net/ Name: symantec!mboxSession
Value: c48059aceff8460ab2f209012011224f
.symantec.tt.omtrdc.net/ Name: symantec!mboxPC
Value: c48059aceff8460ab2f209012011224f.37_0
.norton.com/ Name: mbox
Value: session#c48059aceff8460ab2f209012011224f#1647869974|PC#c48059aceff8460ab2f209012011224f.37_0#1711112914
.dpm.demdex.net/ Name: dpm
Value: 14314158432110697222763251739146620607
.norton.com/ Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19073%7CMCMID%7C14114389670989510832743276778997219854%7CMCAAMLH-1648472912%7C6%7CMCAAMB-1648472912%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1647875312s%7CNONE%7CMCSYNCSOP%7C411-19080%7CvVersion%7C5.2.0
my.norton.com/ Name: mdLogger
Value: false
my.norton.com/ Name: kampyle_userid
Value: a872-0eba-8096-af0e-62a9-2b80-737e-f354
my.norton.com/ Name: kampyleUserSession
Value: 1647868113733
my.norton.com/ Name: kampyleUserSessionsCount
Value: 1
my.norton.com/ Name: kampyleSessionPageCounter
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.norton.com https://*.nortonlifelock.com;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
identitysafe.norton.com
my.norton.com
nebula-cdn.kampyle.com
nexus.ensighten.com
static.nortoncdn.com
symantec.demdex.net
symantec.tt.omtrdc.net
udc-neb.kampyle.com
www.nortonlifelock.com
104.42.150.190
151.101.65.175
18.197.253.20
2.18.233.77
2a02:26f0:6c00:2b6::1015
2a02:26f0:fb:5ad::1e80
35.241.45.82
40.118.234.43
52.51.88.158
54.171.186.191
54.76.73.153
54.77.200.211
037aee8b899729d810f4d25b755a1f59062c841462ff650ffdde54fd1f9c5f93
09b052383e237b39bbc246a5b9b1bb35aa571c73b4a7a0ecde36ac52f01e69e0
1846d706310e24b07619d273ffae63b43fc021298b6920399832550905df21eb
1a0c1cbbbbbe1cf42c4ed31f05c2f663eea5949f99e06bfdb89293e6fca8f674
35b3614d6d6baa35fc55d9f7f9c6d217ad2a1a074a68c103b3f3f639d13a970b
47d98c780369571153ad43132c36af2244142d1c95c6f3af54425acd292de432
49fca7944811195801c48ee5287171b01ecc9482894688785b69d576aa22bf47
5af2ce5d5ada96dfe8a0304f3c021d1ceac25d3e59a42f8f5e9a099826d5d578
5bf652b04b80040a9f4f89b9439815294460b8cb0acca4a9852ca1618c78150e
5c54e23b31fe7a518c005b3a9093a88b3f177943bd5210ea58ecc92379ad01a5
5dab510f2cd0771500da16c040d18f0675d620b3ccc789a6765b6d88e3d58e3e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60cdaf12ea0e9320e18666a27589a13a95ba1ddb30a8ca3040862e162ed8448d
65570a15aa96eb0124ddd782cc5fe2dc2e626495ed64fa94d2347786878f909f
6a4e8774a2ad5ea933bdb93fe4e4dbc4b43b701cf8e66e33d3628968422430ed
6fc5c3f9269c3777ec783af059224740282fafb4f415b61fa45ca940ee7eb529
7a11a026912f87201a700ca8d2738a717a0c887ef65fc16284a92920dbc9e09f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e1dd4f72741cf71e5a67ec9ee40f13595f97d93235a64935a7002d2edbb0f5f
a5962734a8f0935ecd3780dd8f1fd006e744cc48bce1db24f2fc6b8951c84110
abbd0f23f86574d7352af0de6bca6aea68be8cd264cb88deebf159dddfa5c1fa
bb307e1816126f48b4236b284c6d4fdcff22b7c096c4484c83ff40e32b62a802
c05048d8a2a9dec06d7af3c97af1c410c3e16616598bf423df6c8fe74151ec76
c14524e45ede6231c2a9e7c1743f410a08e94264cd0a1cde66919e60a853038d
c44c973b3863aef9c1ada5d3a43e1e620d554d3cd296c544596ba3f94a7ef791
c4b2f945b029179b458d67da97a762687ad16a4e7daccd0be820932a610af74e
c92869e262e0667dcf2457e9af76afbf33760012dc04d7ee135eccab5dd6bd37
c9f2fef70609300b929d1810ab26d04fc308fcd7abf0249c1bfad82a03629d18
d1ebdeca4d3e42c04c88e0a79064687afd00cdcc2b4d78f4d76930c3e614700f
da1b234a41b7c1b16c6dcaf6d44a7d79332e2d5f8a24881add7dc2421f47a36c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01fbd12e2edaa3a62384f0ed858450426137845dd3654f1b45283e9ef9961b1