urlscan.io logo urlscan.io
SecurityTrails logo

login.norton.com Open in urlscan Pro
13.93.136.125  Public Scan

Go To Rescan Add Verdict Report
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-Q...
Submission: On December 09 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 6 countries across 7 domains to perform 30 HTTP transactions. The main IP is 13.93.136.125, located in San Jose, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is login.norton.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 23rd 2019. Valid for: 10 months.
This is the only time login.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 13.93.136.125 8075 (MICROSOFT...)
12 104.103.97.33 16625 (AKAMAI-AS)
3 151.101.113.175 54113 (FASTLY)
4 18.197.253.20 16509 (AMAZON-02)
1 3 34.253.43.81 16509 (AMAZON-02)
1 2.17.5.34 16625 (AKAMAI-AS)
1 63.35.240.22 16509 (AMAZON-02)
1 35.181.91.36 16509 (AMAZON-02)
1 66.117.29.3 15224 (OMNITURE)
1 35.241.45.82 15169 (GOOGLE)
30 11
2    13.93.136.125 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.norton.com
12    104.103.97.33 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-103-97-33.deploy.static.akamaitechnologies.com
static.nortoncdn.com
3    151.101.113.175 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
nebula-cdn.kampyle.com
4    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
3    34.253.43.81 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2.17.5.34 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-17-5-34.deploy.static.akamaitechnologies.com
cdn.tt.omtrdc.net
1    63.35.240.22 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-240-22.eu-west-1.compute.amazonaws.com
symantec.demdex.net
1    35.181.91.36 (Paris, France)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
oms.norton.com
1    66.117.29.3 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
symantec.tt.omtrdc.net
1    35.241.45.82 (Ascension Island)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 82.45.241.35.bc.googleusercontent.com
udc-neb.kampyle.com
Domain Requested by
12 static.nortoncdn.com login.norton.com
4 nexus.ensighten.com login.norton.com
nexus.ensighten.com
3 dpm.demdex.net 1 redirects login.norton.com
3 nebula-cdn.kampyle.com login.norton.com
nebula-cdn.kampyle.com
2 login.norton.com login.norton.com
1 udc-neb.kampyle.com nebula-cdn.kampyle.com
1 symantec.tt.omtrdc.net nexus.ensighten.com
1 oms.norton.com nexus.ensighten.com
login.norton.com
1 symantec.demdex.net nexus.ensighten.com
1 cdn.tt.omtrdc.net nexus.ensighten.com
0 cm.everesttech.net Failed login.norton.com
30 11

This site contains links to these domains. Also see Links.

Domain
sitedirector.symantec.com
Subject Issuer Validity Valid
login.norton.com
DigiCert SHA2 Extended Validation Server CA		 2019-07-23 -
2020-05-09		 10 months crt.sh
store.norton.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-15 -
2020-06-28		 a year crt.sh
j.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2019-09-11 -
2020-06-11		 9 months crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-26 -
2020-11-25		 3 years crt.sh
oms.norton.com
DigiCert SHA2 High Assurance Server CA		 2019-10-23 -
2020-10-27		 a year crt.sh
*.kampyle.com
RapidSSL RSA CA 2018		 2019-02-17 -
2020-03-01		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Frame ID: 09336908A02487DC50AC003C0AAEC248
Requests: 29 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 1397A5C71A8C738B3B79F22DA2C9370C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i
Overall confidence: 100%
Detected patterns
  • script /ruxitagentjs/i

Page Statistics

30
Requests

93 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

11
IPs

6
Countries

953 kB
Transfer

2184 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set validateUser
login.norton.com/sso/embedded/ 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.93.136.125 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
sso /
Resource Hash
b4b322809f32529bf84958d753afff749bbd06480096956394200dafde048639
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob: 'unsafe-inline' stage.nortoncdn.com static.nortoncdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
login.norton.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User
?1

Response headers

Date
Mon, 09 Dec 2019 17:17:56 GMT
Server
sso
X-OneAgent-JS-Injection
true
Request-Context
appId=cid-v1:6ea52e03-0757-4fc0-b13a-638afc461255
Referrer-Policy
unsafe-url
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob: 'unsafe-inline' stage.nortoncdn.com static.nortoncdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com
P3P
CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-XSS-Protection
1; mode=block
Cache-Control
no-store
X-Frame-Options
SAMEORIGIN
vary
accept-encoding
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Set-Cookie
JSESSIONID=3B8C9AA14C0222624235EC19C6BE17EE.jvmroute8081; Path=/sso; Secure; HttpOnly
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
ruxitagentjs_ICA2SVfqru_10179191120132458.js
login.norton.com/sso/ 		135 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.norton.com/sso/ruxitagentjs_ICA2SVfqru_10179191120132458.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.93.136.125 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Apache /
Resource Hash
ebab5631fc232033cef7e21a69ce3e3ff28495d24a3db72cce006973c097b2c3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 09 Dec 2019 17:17:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Keep-Alive
Content-Length
53561
X-XSS-Protection
1; mode=block
Referrer-Policy
unsafe-url
Last-Modified
Wed, 03 Mar 2010 07:01:40 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, immutable
Content-Security-Policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com
Keep-Alive
timeout=15, max=100
Expires
Tue, 08 Dec 2020 17:17:57 GMT
sprites-2019-12-06-10-52-10.css
static.nortoncdn.com/static/sso/2019.4.4/10/css/ 		7 KB
995 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/css/sprites-2019-12-06-10-52-10.css
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
bffb7f6d00cf4bd7811a20a69636a00119914e7b06b0abc2846ebd18a7289e32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"1c63-59911850f85a8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
status
200
date
Mon, 09 Dec 2019 17:17:57 GMT
accept-ranges
bytes
content-length
769
nsl-web-2019-12-06-10-52-10.css
static.nortoncdn.com/static/sso/2019.4.4/10/css/ 		270 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/css/nsl-web-2019-12-06-10-52-10.css
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
4eb2ccad7f511cb7f6ded1b07c1eddf6b99d0e51e22fdf9f14947f8a26017866
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"43991-59911850f79f0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/css
status
200
date
Mon, 09 Dec 2019 17:17:57 GMT
accept-ranges
bytes
content-length
38665
sso-default-2019-12-06-10-52-10.js
static.nortoncdn.com/static/sso/2019.4.4/10/js/ 		171 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/js/sso-default-2019-12-06-10-52-10.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
99163a85f559857f74eea39c3199f4fdf71eda8c5a66747bcff011f711852f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"2ad09-5991185175d7a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
status
200
date
Mon, 09 Dec 2019 17:17:57 GMT
accept-ranges
bytes
content-length
55599
zxcvbn-2019-12-06-10-52-10.js
static.nortoncdn.com/static/sso/2019.4.4/10/js/ 		801 KB
390 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/js/zxcvbn-2019-12-06-10-52-10.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
5b9ecbb26fc1d1925baeb2a5fff83ab59fd3717ff199758f2bb01fea8aff376a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"c8271-599118517b752"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
status
200
date
Mon, 09 Dec 2019 17:17:57 GMT
accept-ranges
bytes
content-length
398430
embed.js
nebula-cdn.kampyle.com/wu/458056/onsite/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e06f688fb65a7978f957f52839f9a9b3da88eae9ab145c4353c61596ab53e76

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:17:57 GMT
content-encoding
gzip
age
1101326
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
status
200
content-length
1040
x-amz-id-2
A4MI/ZgjtUxZ1YNh0jM5YdNeAdG37UIfyfEykMnqWwBKxqe/DLIleK0AXFEj4/DHyGs2qerl4jw=
x-served-by
cache-iad2146-IAD, cache-hhn4060-HHN
last-modified
Tue, 26 Nov 2019 23:22:32 GMT
server
AmazonS3
x-timer
S1575911877.393072,VS0,VE0
etag
"b8a15d26d5d7f1cf42cebb45f73c5590"
vary
Accept-Encoding
x-amz-request-id
B55E3817D5B20FD5
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1, 1480
Bootstrap.js
nexus.ensighten.com/symantec/cp1/ 		165 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
51168a7a63f3ff52645eea27342034e93e22ce824f4a72c76398dc0ef6461eb3

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:17:57 GMT
content-encoding
gzip
last-modified
Tue, 26 Nov 2019 21:54:56 GMT
server
nginx
etag
W/"5ddd9f30-294fe"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
s_code_norton_min.js
nexus.ensighten.com/symantec/scode/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/scode/s_code_norton_min.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b4c7f2eef48e56bc43441c5e4e3e4c41697b8f164494c909f4df0c6cfc90e1f9

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:17:57 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 21:39:53 GMT
server
nginx
etag
W/"5de6d629-1202c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=300
loading_animation.gif
static.nortoncdn.com/static/sso/longlived/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/longlived/images/loading_animation.gif
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
2fbdc600988b0c0deb30d8e6877917a845a2f404781a088d0913cdd6021cdc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 15 Nov 2018 00:53:25 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"17fd-57aa97a642b40"
access-control-allow-methods
GET,POST
content-type
image/gif
status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
accept-ranges
bytes
content-length
6141
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284
  • https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.43.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284
X-TID
v8r8BW5fQ/k=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://login.norton.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://login.norton.com
X-TID
v8r8BW5fQ/k=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
target.js
cdn.tt.omtrdc.net/cdn/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tt.omtrdc.net/cdn/target.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.5.34 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-17-5-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 09 Dec 2019 17:17:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Oct 2019 05:03:41 GMT
Server
Apache
ETag
"1fcda-aa3e-593d246a6d5b9"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
must-revalidate, max-age=2437
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14200
serverComponent.php
nexus.ensighten.com/symantec/cp1/ 		273 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/serverComponent.php?r=76129.15565551486&ClientID=21&PageID=https%3A%2F%2Flogin.norton.com%2Fsso%2Fembedded%2FvalidateUser%3Ftok%3DJDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9344d74a8740c40b92b4c1494289f6e8a23a1e7e4539e99e3176246e9dddb443

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
cache-control
no-cache, no-store
expires
Mon, 09 Dec 2019 17:17:57 GMT
server
nginx
content-length
273
content-type
text/javascript
663687745e8b82875c31e7bdb4d675de.js
nexus.ensighten.com/symantec/cp1/code/ 		247 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/code/663687745e8b82875c31e7bdb4d675de.js?conditionId0=423130
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:17:58 GMT
last-modified
Mon, 04 Nov 2019 18:35:26 GMT
server
nginx
etag
"5dc06f6e-f7"
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
accept-ranges
bytes
content-length
247
rd
dpm.demdex.net/id/ 		367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1575911878284
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.43.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0477134892f86f079f13ca2636630a905f0eafba71c51a7004dae8fb4d17ccbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Origin
https://login.norton.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v055-06aff09e6.edge-irl1.demdex.com 5.64.1.20191128093837 4ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
u4441fMvRdQ=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://login.norton.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
301
Expires
Thu, 01 Jan 1970 00:00:00 GMT
norton-ui-sprite.png
static.nortoncdn.com/static/sso/2019.4.4/10/images/ 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/images/norton-ui-sprite.png
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/ruxitagentjs_ICA2SVfqru_10179191120132458.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
e283c397fd65f429abbfa95959be6b297b49ad5df760bee88af1464d4ddc0dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.4.4/10/css/nsl-web-2019-12-06-10-52-10.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"2f851-5991185132f29"
access-control-allow-methods
GET,POST
content-type
image/png
status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
accept-ranges
bytes
content-length
194641
main_sprites.png
static.nortoncdn.com/static/sso/2019.4.4/10/images/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/images/main_sprites.png
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/ruxitagentjs_ICA2SVfqru_10179191120132458.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
5dd8d8729684a9cf2f3a412ef3f4f4ec07a5b7d058c918807a39fa4d1b8408d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.4.4/10/css/nsl-web-2019-12-06-10-52-10.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"6755-59911851313d1"
access-control-allow-methods
GET,POST
content-type
image/png
status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
accept-ranges
bytes
content-length
26453
email_validation_required.svg
static.nortoncdn.com/static/sso/2019.4.4/10/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/images/email_validation_required.svg
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/ruxitagentjs_ICA2SVfqru_10179191120132458.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
98e80d6536e92f57ec712b7b289664e8645e0dea5cf4b31f87655a3074fca7d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.4.4/10/css/sprites-2019-12-06-10-52-10.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"c1d-599118511c3e1"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
accept-ranges
bytes
content-length
3101
corporate-sign-off-white.png
static.nortoncdn.com/static/sso/2019.4.4/10/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/2019.4.4/10/images/corporate-sign-off-white.png
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/ruxitagentjs_ICA2SVfqru_10179191120132458.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
c056e9b3a0eb2520094a3b0a5e6e73ab1e9457b349d302103bed607de43af138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.4.4/10/css/nsl-web-2019-12-06-10-52-10.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 06 Dec 2019 23:36:49 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"5f4-599118511bff9"
access-control-allow-methods
GET,POST
content-type
image/png
status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
accept-ranges
bytes
content-length
1524
Cookie set dest5.html
symantec.demdex.net/ Frame 1397 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://symantec.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-35-240-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
symantec.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Accept-Encoding
gzip, deflate, br
Cookie
demdex=16502795633094364981552071593626533769
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 28 Nov 2019 14:17:17 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=16502795633094364981552071593626533769;Path=/;Domain=.demdex.net;Expires=Sat, 06-Jun-2020 17:17:58 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
ohni/g6sT0Y=
Content-Length
2764
Connection
keep-alive
id
oms.norton.com/ 		49 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oms.norton.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&mid=16342106253348543711567544620868498232&ts=1575911878460
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.91.36 Paris, France, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
79fe9b74639088d3b1de1ceb8917de2f6a02980d193d93955bfe8bf1ff610650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Origin
https://login.norton.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5fc496b8d4-kvd78
vary
Origin
x-c
master-1061.Iecc33a.M0-311
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://login.norton.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript
content-length
49
x-xss-protection
1; mode=block
dd
cm.everesttech.net/cm/ 		0
0
ajax
symantec.tt.omtrdc.net/m2/symantec/mbox/ 		1 KB
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://symantec.tt.omtrdc.net/m2/symantec/mbox/ajax?mboxHost=login.norton.com&mboxPage=e20d7e6d35804131b4cb57a6137b8976&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=60&colorDepth=24&mboxSession=e20d7e6d35804131b4cb57a6137b8976&mboxCount=1&mboxTime=1575915478290&page_name=missing&site_country=missing&site_language=missing&site_section=missing&visitor_segment=missing&mbox=sym_global_mbox&mboxId=0&mboxMCSDID=49868E719F05E91C-321DBE2911930637&mboxMCGVID=16342106253348543711567544620868498232&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6&vst.trk=om.norton.com&vst.trks=oms.norton.com&mboxURL=https%3A%2F%2Flogin.norton.com%2Fsso%2Fembedded%2FvalidateUser%3Ftok%3DJDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII&mboxReferrer=&mboxVersion=63
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.117.29.3 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
/
Resource Hash
0b427a590dee2b07f07f1fd830830fadac5482e63f914ef2ef049964b990f647

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Dec 2019 17:17:58 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
timing-allow-origin
*
x-request-id
eaeae64f-b68a-4c35-a2ab-2ae7d5126e96
s7144758988175
oms.norton.com/b/ss/symanteccom/1/JS-2.17.0/ 		0
0
generic1574810550897.js
nebula-cdn.kampyle.com/wu/458056/onsite/ 		235 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/wu/458056/onsite/generic1574810550897.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2564c6418f2dc4d51bbc5f6862b6ec527bd7e616c8985eada4ce05fca78005d0

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:17:58 GMT
content-encoding
gzip
age
0
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
status
200
content-length
56014
x-amz-request-id
00159BBD90152F97
x-amz-id-2
5iX7V+SAZUOQj7LacPC5kl8dsqfFuA/ZfdfHQkj3qnZ/+kXw3/Y6c661EkeQhEsftS61Azvfa4Y=
x-served-by
cache-iad2146-IAD, cache-hhn4060-HHN
last-modified
Tue, 26 Nov 2019 23:22:32 GMT
server
AmazonS3
x-timer
S1575911879.843631,VS0,VE0
etag
"058be45127f0b6153e28a81d202c768d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=160000
accept-ranges
bytes
x-cache-hits
1, 435
symantec-sans_regular.woff
static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/symantec-sans_regular.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
ea93edf14f7d8332f7173253d6709de07967039085aa10cca972e75f9d8b3454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Origin
https://login.norton.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 01 Aug 2018 18:51:31 GMT
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
etag
"6dfc-572642ecc72c0"
access-control-allow-methods
GET,POST
content-type
application/font-woff
status
200
date
Mon, 09 Dec 2019 17:17:58 GMT
accept-ranges
bytes
content-length
28156
SourceSansPro-Regular.woff
static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/SourceSansPro-Regular.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Origin
https://login.norton.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
date
Mon, 09 Dec 2019 17:17:59 GMT
access-control-allow-methods
GET,POST
content-type
text/html; charset=iso-8859-1
status
404
content-length
265
cool-2.1.15.min.js
nebula-cdn.kampyle.com/resources/onsite/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/generic1574810550897.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Dec 2019 17:17:58 GMT
content-encoding
gzip
age
0
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
status
200
content-length
5197
x-amz-request-id
181D27FC25E05628
x-amz-id-2
ulS9QpU8dN03o8UipRlkmnlw7PCEbNe+ZIdtHDr9GCnXL/Cra6xwws9CqcFzqRIalW97XqJ7AcQ=
x-served-by
cache-iad2132-IAD, cache-hhn4060-HHN
last-modified
Wed, 20 Nov 2019 10:02:07 GMT
server
AmazonS3
x-timer
S1575911879.902107,VS0,VE0
etag
"80dd5e3be5152c5c72d552c6a26ef6ff"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=160000
accept-ranges
bytes
x-cache-hits
1, 30184
track
udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/ 		59 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://udc-neb.kampyle.com/v1/qceuv8449dzg58ptt1bhda9g8ue19c7s/track
Requested by
Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.241.45.82 , Ascension Island, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
82.45.241.35.bc.googleusercontent.com
Software
Jetty(9.2.11.v20150529) /
Resource Hash
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459

Request headers

Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Origin
https://login.norton.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

x-me
prod-instance-gatewayservice-green-psxh
date
Mon, 09 Dec 2019 17:17:59 GMT
via
1.1 google
server
Jetty(9.2.11.v20150529)
access-control-allow-headers
X-Requested-With, Origin, Content-Type, Accept
status
200
access-control-max-age
1800
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain;charset=ISO-8859-1
access-control-allow-origin
https://login.norton.com
access-control-allow-credentials
true
alt-svc
clear
content-length
59
x-application-context
application:9090
SourceSansPro-Regular.ttf
static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/SourceSansPro-Regular.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.97.33 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-97-33.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/validateUser?tok=JDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1jgPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII
Origin
https://login.norton.com

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
Apache/2.4.6 (CentOS)
access-control-allow-origin
*
date
Mon, 09 Dec 2019 17:17:59 GMT
access-control-allow-methods
GET,POST
content-type
text/html; charset=iso-8859-1
status
404
content-length
264

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.everesttech.net
URL
https://cm.everesttech.net/cm/dd?d_uuid=16502795633094364981552071593626533769
Domain
oms.norton.com
URL
https://oms.norton.com/b/ss/symanteccom/1/JS-2.17.0/s7144758988175?AQB=1&ndh=1&pf=1&t=9%2F11%2F2019%2018%3A17%3A58%201%20-60&sdid=49868E719F05E91C-321DBE2911930637&mid=16342106253348543711567544620868498232&aamlh=6&ce=UTF-8&pageName=login%3Aen%3Aemail%20confirmation%20error&g=https%3A%2F%2Flogin.norton.com%2Fsso%2Fembedded%2FvalidateUser%3Ftok%3DJDA1OTFlMjViLTI0MjMtNDBmYS1hOWY5LTQ0M2IyYjE0MDA5ZK3hyODpoFIf4nVp-QOLqk_xJP4_3kmjrYkYmfioik4185LrXEkKiosxe2a6R6HJLrx66doP_IgEWqrYQ5WMeZh8nsQD0-AJ1ANU2gUjOXmy9XdQEMuyBbLy5L6deFTBa1KW3nVMDRkACt32iAuLvW1j&server=norton&events=event79%3D14%2Cevent69&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=na&c3=en&c14=D%3Dv16&v18=D%3DpageName&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&v33=D%3Dc17&c35=D%3DpageName&c41=login&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton&c48=Email%20Confirmation%20Error%20-%20Official%20Site%20%7C%20Norton%20Account%20Sign%20In%20%26%20Set%20Up&v48=D%3Dc49&v49=D%3Dc48&v57=16342106253348543711567544620868498232&c59=login%3Aemail%20confirmation%20error&v59=D%3Dc59&v72=login&c75=D%3Dv57&v96=https%3A%2F%2Flogin.norton.com%2Fsso%2Fembedded%2FvalidateUser&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=gPoY6uTKmI37NqfCfPD8HybBDCgTXRKA2SFPVQpVSzsiC2O0HK-fAYVS9YYPJEf2P1T4UUSPQATdyflz16Aadzc_sG0nqbA3ycsvZTIz5zZye-nZbtnqaLZFxRPYhDs99eAgMql9_S4q_1YJo7kS10FZgn5e0fZFZUvxcKy1Ry6EMg6HZxOinTx_sjac97qty6doiPU40mZ6hk2a-tHTgSx9tCCHozszMOrLZ_0Dw7tudY3oGr_oV6J8lXsSrGDII&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dT_ object| dtrum object| RecaptchaOptions object| $jscomp object| CustomSubmit object| BlockFalseSubmit function| showFocusOutlineOnKeyBoardTab function| getCookie function| deleteCookie function| thirdPartyIdpSelect function| hideScrollbar function| detectCookie function| detectEmbeddedIFrame object| HASH_FUNCTIONS function| obfuscateFields function| submitFormWithAjax function| submitFormPreventDefault function| submitForm function| obfuscateAndSubmitForm function| ToggleText boolean| isValueChanged function| registerChangeProfileHandler function| updateTrustedFormValues function| submitTrustForm function| fndisableTFA function| showDiv function| showDialog function| hideDialog function| showConfirmDialog function| showDeleteConfirmationDialog function| showEditAccountDialog function| showCountryCodePhone function| showCountryCode function| disableButton function| enableButton function| selectedCountryIDP function| selectedCountry function| selectedCountryChange function| setFlag function| displayMessageStyleBlock function| displayMessageStyleNone function| onClickTab function| show2SVText function| getWrapMessage function| svgSupported function| togglePopover function| bindCheckInput function| checkInput function| getVipPushResult function| checkSecureKeyBrowserSupported function| Cryptography function| pad function| checkSessionTimeout object| module object| pwScores undefined| minChar undefined| pwStrengthClasses function| initPasswordStrength function| initValidateRegisterForm function| setupSubmitToggle object| TooltipFactory object| Border function| transition function| eventResponse function| resizeAnimatedBorder function| animatedBorder function| toggleUsernameField function| $ function| jQuery object| imgPreload function| ssoPageLoad function| zxcvbn object| ensBootstraps object| Bootstrapper function| targetPageParams object| ruleMETA object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor function| _log function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxList function| mboxSignaler function| mboxLocatorDefault function| mboxLocatorNode function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mbox function| mboxFactory function| mboxScPluginFetcher object| mboxFactories object| mboxFactoryDefault number| mboxVersion function| mboxCreate function| mboxDefine function| mboxUpdate function| mboxVizTargetUrl function| mboxSetCookie function| mboxGetCookie function| mboxLoadSCPlugin object| _AT object| v object| TNT string| mboxCopyright object| _enslog object| val function| getSizzleForTarget function| omEvent object| errorList string| formErrorsValue string| pageName object| nortonAnalytics function| s_getLoadTime function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_Media function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| enableAdobeAnalytics string| s_account object| s number| s_loadT object| _numeric_ object| expiration_date function| trackCustomDownload function| trackPageView object| uStudio number| s_objectID number| s_giq string| isNewAccount function| sendPageNameEvent object| KAMPYLE_EMBED function| uglipop function| removeuglipop string| s_tnt string| tmp object| s_i_symanteccom object| mboxCurrent string| tntVal object| ttMETA function| debugttMETA string| KAMPYLE_REVISION object| MDIGITAL object| KAMPYLE_CONSTANT object| KAMPYLE_FUNC object| KAMPYLE_DATA object| KAMPYLE_TARGETING object| KAMPYLE_ANIMATION object| KAMPYLE_VIEW object| KAMPYLE_MESSAGE object| KAMPYLE_UTILS object| KAMPYLE_EVENT_DISPATCHER object| MDIGITAL_OnPrem object| KAMPYLE_COOLADATA object| KAMPYLE_COMMON object| KAMPYLE_THERMO_TEALEAF_FUNC object| KAMPYLE_CLICKTALE_FUNC object| KAMPYLE_SESSIONCAM object| KAMPYLE_SCREEN_CAPTURE object| KAMPYLE_ONSITE_SDK undefined| KAMPYLE_POLYFILLS object| KAMPYLE_INTEGRATION object| cooladata

10 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 16502795633094364981552071593626533769
.norton.com/ Name: s_cc
Value: true
.norton.com/ Name: mbox
Value: check#true#1575911939|session#e20d7e6d35804131b4cb57a6137b8976#1575913739|PC#e20d7e6d35804131b4cb57a6137b8976.26_28#1577121479
.norton.com/ Name: s_gpv
Value: login%3Aen%3Aemail%20confirmation%20error
.norton.com/ Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C18240%7CMCMID%7C16342106253348543711567544620868498232%7CMCAAMLH-1576516678%7C6%7CMCAAMB-1576516678%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1575919078s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.norton.com/ Name: s_nr
Value: 1575911878579-New
.norton.com/ Name: s_ecid
Value: MCMID%7C16342106253348543711567544620868498232
.norton.com/ Name: event69
Value: event69
.norton.com/ Name: channelStack
Value: s_eVar72~login
.norton.com/ Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; img-src 'self' data: blob: 'unsafe-inline' stage.nortoncdn.com static.nortoncdn.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' stage.nortoncdn.com static.nortoncdn.com ssl.google-analytics.com www.google.com www.gstatic.com symantec.tt.omtrdc.net cdn.tt.omtrdc.net nexus.ensighten.com nebula-cdn.kampyle.com
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tt.omtrdc.net
cm.everesttech.net
dpm.demdex.net
login.norton.com
nebula-cdn.kampyle.com
nexus.ensighten.com
oms.norton.com
static.nortoncdn.com
symantec.demdex.net
symantec.tt.omtrdc.net
udc-neb.kampyle.com
cm.everesttech.net
oms.norton.com
104.103.97.33
13.93.136.125
151.101.113.175
18.197.253.20
2.17.5.34
34.253.43.81
35.181.91.36
35.241.45.82
63.35.240.22
66.117.29.3
0477134892f86f079f13ca2636630a905f0eafba71c51a7004dae8fb4d17ccbc
0b427a590dee2b07f07f1fd830830fadac5482e63f914ef2ef049964b990f647
0e06f688fb65a7978f957f52839f9a9b3da88eae9ab145c4353c61596ab53e76
2564c6418f2dc4d51bbc5f6862b6ec527bd7e616c8985eada4ce05fca78005d0
2fbdc600988b0c0deb30d8e6877917a845a2f404781a088d0913cdd6021cdc2f
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
4eb2ccad7f511cb7f6ded1b07c1eddf6b99d0e51e22fdf9f14947f8a26017866
51168a7a63f3ff52645eea27342034e93e22ce824f4a72c76398dc0ef6461eb3
5b9ecbb26fc1d1925baeb2a5fff83ab59fd3717ff199758f2bb01fea8aff376a
5dd8d8729684a9cf2f3a412ef3f4f4ec07a5b7d058c918807a39fa4d1b8408d5
79fe9b74639088d3b1de1ceb8917de2f6a02980d193d93955bfe8bf1ff610650
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6
9344d74a8740c40b92b4c1494289f6e8a23a1e7e4539e99e3176246e9dddb443
98e80d6536e92f57ec712b7b289664e8645e0dea5cf4b31f87655a3074fca7d8
99163a85f559857f74eea39c3199f4fdf71eda8c5a66747bcff011f711852f5d
b4b322809f32529bf84958d753afff749bbd06480096956394200dafde048639
b4c7f2eef48e56bc43441c5e4e3e4c41697b8f164494c909f4df0c6cfc90e1f9
bffb7f6d00cf4bd7811a20a69636a00119914e7b06b0abc2846ebd18a7289e32
c056e9b3a0eb2520094a3b0a5e6e73ab1e9457b349d302103bed607de43af138
cbc1399b82e42018fbc8b8b9277200665d6367c9134ead9308ea5e568b00e459
e283c397fd65f429abbfa95959be6b297b49ad5df760bee88af1464d4ddc0dc4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea93edf14f7d8332f7173253d6709de07967039085aa10cca972e75f9d8b3454
ebab5631fc232033cef7e21a69ce3e3ff28495d24a3db72cce006973c097b2c3