us.norton.com Open in urlscan Pro
2a02:26f0:3500:88e::1015 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH...
Effective URL:
https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_h...
Submission: On May 02 via manual (May 2nd 2024, 5:47:43 pm UTC) from US — Scanned from DE

Summary HTTP 227 Redirects Links 93 Behaviour Indicators

Summary

This website contacted 80 IPs in 7 countries across 59 domains to perform 227 HTTP transactions. The main IP is 2a02:26f0:3500:88e::1015, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is us.norton.com. The Cisco Umbrella rank of the primary domain is 18542.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 22nd 2024. Valid for: a year.

This is the only time us.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
53	2a02:26f0:350... 2a02:26f0:3500:88e::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:588::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.48.221.63 52.48.221.63	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:991::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.246.26.134 34.246.26.134	16509 (AMAZON-02) (AMAZON-02)
1 1	34.252.79.101 34.252.79.101	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.225 66.235.152.225	15224 (OMNITURE) (OMNITURE)
1	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
1	172.67.20.158 172.67.20.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
7	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14d5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:206... 2600:9000:206f:5a00:1:996f:a9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
5	104.126.37.145 104.126.37.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:26e... 2600:9000:26e8:e600:12:1bcc:1d00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:8e::84 2a04:4e42:8e::84	54113 (FASTLY) (FASTLY)
2	54.218.116.186 54.218.116.186	16509 (AMAZON-02) (AMAZON-02)
1	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.245.31.105 18.245.31.105	16509 (AMAZON-02) (AMAZON-02)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	52.35.126.167 52.35.126.167	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461)
2 3	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1 2	95.101.111.156 95.101.111.156	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	23.37.34.49 23.37.34.49	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:310... 2a02:26f0:3100:795::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	70.42.32.127 70.42.32.127	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	34.251.169.192 34.251.169.192	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2 4	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
4 9	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
3 9	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
6	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
7	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.2.7.148 52.2.7.148	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.236.68 52.222.236.68	16509 (AMAZON-02) (AMAZON-02)
1	34.208.11.252 34.208.11.252	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9c	15169 (GOOGLE) (GOOGLE)
9	172.217.16.195 172.217.16.195	15169 (GOOGLE) (GOOGLE)
4	35.239.153.217 35.239.153.217	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.255.41.64 3.255.41.64	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	34.149.44.52 34.149.44.52	15169 (GOOGLE) (GOOGLE)
1	34.149.235.45 34.149.235.45	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.56.191 34.149.56.191	15169 (GOOGLE) (GOOGLE)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
2	157.240.252.35 157.240.252.35	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:5... 2600:1901:0:56e0::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
227	80

2 2606:2c40::c73c:671d (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

bizemail.gendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2a02:26f0:3500:88e::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

us.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.nortonlifelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:588::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

ensighten.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.221.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-221-63.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:991::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.26.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-26-134.eu-west-1.compute.amazonaws.com

symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.79.101 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-79-101.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.225 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-225.data.adobedc.net

symantec.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.20.158 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14d5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5a00:1:996f:a9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spider.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-145.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26e8:e600:12:1bcc:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.knotch-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.208.240 (None, )

ASN13335 (CLOUDFLARENET, US)

zn7ngvh48sidro926-gendigital.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.218.116.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-116-186.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-105.fra56.r.cloudfront.net

tag.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.126.167 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-126-167.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (Portland, United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.111.156 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-156.deploy.static.akamaitechnologies.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.34.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-34-49.deploy.static.akamaitechnologies.com

buy.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

02179916.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.169.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-169-192.eu-west-1.compute.amazonaws.com

norton.ow5a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8136487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.196 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bite.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (San Francisco, United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.7.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-7-148.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-68.fra56.r.cloudfront.net

configs.knotch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.208.11.252 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-208-11-252.us-west-2.compute.amazonaws.com

event.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f195.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.239.153.217 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 217.153.239.35.bc.googleusercontent.com

ingest.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.255.41.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (San Francisco, United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.44.52 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 52.44.149.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.235.45 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 45.235.149.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.56.191 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 191.56.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	norton.com us.norton.com — Cisco Umbrella Rank: 18542 ensighten.norton.com — Cisco Umbrella Rank: 190274 oms.norton.com — Cisco Umbrella Rank: 84853 buy.norton.com — Cisco Umbrella Rank: 193920	592 KB
17	doubleclick.net 7 redirects ad.doubleclick.net — Cisco Umbrella Rank: 159 8136487.fls.doubleclick.net — Cisco Umbrella Rank: 408740 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	10 KB
11	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 165 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095	732 B
9	google.de www.google.de — Cisco Umbrella Rank: 7810	575 B
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2384 api.bounceexchange.com — Cisco Umbrella Rank: 2673	169 KB
7	australiarevival.com spider.australiarevival.com — Cisco Umbrella Rank: 202430 bite.australiarevival.com — Cisco Umbrella Rank: 160878	40 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 345	16 KB
6	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 2244	698 B
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 338 www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	4 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 901 tr6.snapchat.com — Cisco Umbrella Rank: 1398	798 B
5	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 902	5 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	155 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	436 KB
5	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2535 ingest.quantummetric.com — Cisco Umbrella Rank: 2975	86 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	413 B
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3210 tr.outbrain.com — Cisco Umbrella Rank: 3148 wave.outbrain.com — Cisco Umbrella Rank: 3203	10 KB
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 5153 page.cdnbasket.net — Cisco Umbrella Rank: 5166 view.cdnbasket.net — Cisco Umbrella Rank: 5161	1014 B
3	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 126	4 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	76 KB
3	qualtrics.com zn7ngvh48sidro926-gendigital.siteintercept.qualtrics.com — Cisco Umbrella Rank: 147643 siteintercept.qualtrics.com — Cisco Umbrella Rank: 908	27 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243 symantec.demdex.net — Cisco Umbrella Rank: 117767	2 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3992 e.cdnwidget.com — Cisco Umbrella Rank: 15436	331 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3535	123 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 882	609 B
2	t.co t.co — Cisco Umbrella Rank: 717	606 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2455	1 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1370 insight.adsrvr.org — Cisco Umbrella Rank: 691	4 KB
2	havasedge.com tag.havasedge.com — Cisco Umbrella Rank: 41937 event.havasedge.com — Cisco Umbrella Rank: 30463	23 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 12046	17 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 911	22 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 6140 q.quora.com — Cisco Umbrella Rank: 4081	15 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 681	7 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1160	12 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2954 t.paypal.com — Cisco Umbrella Rank: 3518	7 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 647	41 KB
2	gendigital.com 1 redirects bizemail.gendigital.com	4 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1570	502 B
1	knotch.com configs.knotch.com — Cisco Umbrella Rank: 13112	581 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1376	638 B
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 5551	468 B
1	ow5a.net norton.ow5a.net — Cisco Umbrella Rank: 365338	1005 B
1	akstat.io 02179916.akstat.io — Cisco Umbrella Rank: 74021	226 B
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2703	315 B
1	gwmtracking.com 1 redirects gwmtracking.com — Cisco Umbrella Rank: 23038	388 B
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 14862	195 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4639	450 B
1	knotch-cdn.com www.knotch-cdn.com — Cisco Umbrella Rank: 11058	26 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4545	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 803	17 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1134	19 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 3462	6 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4578	12 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 801	15 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 4072	16 KB
1	omtrdc.net symantec.tt.omtrdc.net — Cisco Umbrella Rank: 128012	1 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1317	517 B
1	nortonlifelock.com www.nortonlifelock.com — Cisco Umbrella Rank: 46467	26 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 425	61 KB
0	knotch.it Failed frontdoor.knotch.it Failed
227	59

	Domain	Requested by
52	us.norton.com	bizemail.gendigital.com us.norton.com
17	ensighten.norton.com	us.norton.com ensighten.norton.com
9	www.google.de
9	googleads.g.doubleclick.net	3 redirects ensighten.norton.com
9	www.google.com	4 redirects
7	assets.bounceexchange.com	ensighten.norton.com
7	bat.bing.com	ensighten.norton.com
6	events.bouncex.net
6	bite.australiarevival.com	ensighten.norton.com
5	ct.pinterest.com	ensighten.norton.com
5	analytics.tiktok.com	ensighten.norton.com
5	www.googletagmanager.com	ensighten.norton.com
4	www.facebook.com
4	ingest.quantummetric.com	cdn.quantummetric.com
4	px.ads.linkedin.com	3 redirects ensighten.norton.com
4	8136487.fls.doubleclick.net	2 redirects ensighten.norton.com
4	tr.snapchat.com	ensighten.norton.com
3	www.googleadservices.com	1 redirects ensighten.norton.com
3	connect.facebook.net	ensighten.norton.com
3	ad.doubleclick.net	2 redirects
2	api.bounceexchange.com	ensighten.norton.com
2	siteintercept.qualtrics.com	ensighten.norton.com
2	us-central1-adaptive-growth.cloudfunctions.net	ensighten.norton.com
2	tr.outbrain.com	ensighten.norton.com
2	analytics.twitter.com
2	t.co
2	trkn.us	1 redirects
2	app.leadsrx.com	ensighten.norton.com
2	s.pinimg.com	ensighten.norton.com
2	s.yimg.com	ensighten.norton.com
2	www.redditstatic.com	ensighten.norton.com
2	dpm.demdex.net	assets.adobedtm.com us.norton.com
2	bizemail.gendigital.com	1 redirects
1	e.cdnwidget.com
1	ids.cdnwidget.com	ensighten.norton.com
1	view.cdnbasket.net	ensighten.norton.com
1	page.cdnbasket.net	ensighten.norton.com
1	data.cdnbasket.net	ensighten.norton.com
1	tr6.snapchat.com	ensighten.norton.com
1	insight.adsrvr.org	ensighten.norton.com
1	sp.analytics.yahoo.com
1	stats.g.doubleclick.net	ensighten.norton.com
1	region1.analytics.google.com	ensighten.norton.com
1	event.havasedge.com
1	configs.knotch.com	ensighten.norton.com
1	q.quora.com
1	t.paypal.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	alb.reddit.com
1	www.ojrq.net
1	norton.ow5a.net	ensighten.norton.com
1	wave.outbrain.com	ensighten.norton.com
1	02179916.akstat.io	ensighten.norton.com
1	buy.norton.com	ensighten.norton.com
1	pt.ispot.tv
1	adservice.google.com
1	gwmtracking.com	1 redirects
1	tvspix.com
1	js.adsrvr.org	ensighten.norton.com
1	tag.havasedge.com	ensighten.norton.com
1	tag.simpli.fi	ensighten.norton.com
1	zn7ngvh48sidro926-gendigital.siteintercept.qualtrics.com	ensighten.norton.com
1	www.knotch-cdn.com	ensighten.norton.com
1	a.quora.com	ensighten.norton.com
1	tag.wknd.ai	ensighten.norton.com
1	snap.licdn.com	ensighten.norton.com
1	www.paypal.com	ensighten.norton.com
1	sc-static.net	ensighten.norton.com
1	cdn.pdst.fm	ensighten.norton.com
1	spider.australiarevival.com	ensighten.norton.com
1	websdk.appsflyer.com	ensighten.norton.com
1	amplify.outbrain.com	ensighten.norton.com
1	static.ads-twitter.com	ensighten.norton.com
1	d.impactradius-event.com	ensighten.norton.com
1	cdn.quantummetric.com	ensighten.norton.com
1	oms.norton.com	us.norton.com
1	symantec.tt.omtrdc.net	ensighten.norton.com
1	cm.everesttech.net	1 redirects
1	symantec.demdex.net	ensighten.norton.com
1	c.go-mpulse.net	s.go-mpulse.net
1	www.nortonlifelock.com	assets.adobedtm.com
1	s.go-mpulse.net	us.norton.com
1	assets.adobedtm.com	us.norton.com
0	frontdoor.knotch.it Failed
227	85

This site contains links to these domains. Also see Links.

Domain
my.norton.com
lifelock.norton.com
www.gendigital.com
support.norton.com
community.norton.com
buy.norton.com
ar.norton.com
br.norton.com
ca.norton.com
ca-fr.norton.com
pr.norton.com
lam.norton.com
cl.norton.com
co.norton.com
mx.norton.com
be-nl.norton.com
be.norton.com
cz.norton.com
dk.norton.com
de.norton.com
es.norton.com
ie.norton.com
fr.norton.com
il.norton.com
it.norton.com
hu.norton.com
nl.norton.com
no.norton.com
at.norton.com
pl.norton.com
pt.norton.com
ro.norton.com
ch.norton.com
ch-fr.norton.com
ch-it.norton.com
za.norton.com
fi.norton.com
se.norton.com
tr.norton.com
ae.norton.com
uk.norton.com
gr.norton.com
ru.norton.com
au.norton.com
asia.norton.com
hk-en.norton.com
hk.norton.com
in.norton.com
malaysia.norton.com
nz.norton.com
sg.norton.com
kr.norton.com
cn.norton.com
tw.norton.com
jp.norton.com
www.afr.com
www.ic3.gov
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
updatecenter.norton.com
login.norton.com
www.reputationdefender.com
status.norton.com
www.nortonlifelock.com

Subject Issuer	Validity	Valid
bizemail.gendigital.com GTS CA 1P5	`2024-03-11` - `2024-06-09`	3 months	crt.sh
www.norton.com DigiCert SHA2 Extended Validation Server CA	`2024-03-22` - `2025-04-18`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
ensighten.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-12` - `2024-07-30`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2024-03-06` - `2025-03-06`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
oms.norton.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-03` - `2024-10-03`	a year	crt.sh
quantummetric.com GTS CA 1P5	`2024-04-16` - `2024-07-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-08` - `2025-01-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
*.australiarevival.com Amazon RSA 2048 M02	`2023-11-12` - `2024-12-11`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2024-03-19` - `2024-06-17`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M03	`2023-12-21` - `2025-01-18`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-08` - `2024-07-06`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-04-30` - `2024-06-19`	2 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
tag.wknd.ai R3	`2024-03-19` - `2024-06-17`	3 months	crt.sh
quora.com R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
www.knotch-cdn.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-27` - `2025-02-19`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-07`	a year	crt.sh
*.leadsrx.com GeoTrust TLS ECC CA G1	`2024-05-02` - `2025-04-11`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.havasedge.com Go Daddy Secure Certificate Authority - G2	`2023-08-09` - `2024-08-30`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tvspix.com Amazon RSA 2048 M03	`2024-03-25` - `2025-04-24`	a year	crt.sh
*.ispot.tv R3	`2024-03-09` - `2024-06-07`	3 months	crt.sh
buy.norton.com DigiCert SHA2 Extended Validation Server CA	`2024-01-03` - `2025-01-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-10` - `2024-05-10`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
pkof.net Amazon RSA 2048 M02	`2023-12-25` - `2025-01-22`	a year	crt.sh
misc.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-21` - `2025-02-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2023-12-12` - `2025-01-07`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.quora.com R3	`2024-04-21` - `2024-07-20`	3 months	crt.sh
*.knotch.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-19` - `2025-02-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2024-03-19` - `2024-09-11`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
data.cdnbasket.net GTS CA 1D4	`2024-03-06` - `2024-06-04`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2024-03-13` - `2024-06-11`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2024-03-17` - `2024-06-15`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
ids.cdnwidget.com R3	`2024-03-12` - `2024-06-10`	3 months	crt.sh
e.cdnwidget.com R3	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.wunderkind.co R3	`2024-04-04` - `2024-07-03`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Frame ID: 2ED98673294EFB10BA3FBBE0D86CFDF0
Requests: 214 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 4B290AE9E1971E1DA055176FD6D23021
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=08bef49b-4b6f-474e-958b-5a0be7a0227e&u_scsid=f60a1b84-eeae-4f18-9cd8-6fa90cd62c82&u_sclid=25733e17-cf8b-4275-92be-847f2a9997d5
Frame ID: D4FCE507E33DAA4256C3EFA7101B5A4D
Requests: 1 HTTP requests in this frame

Frame: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMfZlJfD74UDFbdXHgIdU44Aeg;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation
Frame ID: F4D3CF68859EA2639C373D2E6817036D
Requests: 1 HTTP requests in this frame

Frame: https://8136487.fls.doubleclick.net/activityi;dc_pre=CNzdlJfD74UDFf9jHgIdKYYB_w;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation
Frame ID: A6C516D0BE2E415F8546DEE37F8981FC
Requests: 1 HTTP requests in this frame

Frame: https://ingest.quantummetric.com/horizon/norton?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&t=1714672057074&v=1714672057975&S=0&N=0&P=0&z=1
Frame ID: A6FAB377D175AF8656569B221D03BC1F
Requests: 5 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=9e5b3bs&ref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&upid=jirrmzm&upv=1.1.0
Frame ID: 8BC7B3478E111ECBBAA567CD3B0CEDC4
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: E33987A3047A5BBD86F2A102C0F07265
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 8E0B1D1A37050284AFAA815EE9FD24C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Whaling attack: Definition + tips for prevention - Norton

Page URL History Show full URLs

https://bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8w... Page URL
https://bizemail.gendigital.com/events/public/v1/encoded/track/tc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW3... HTTP 307
https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

227
Requests

95 %
HTTPS

28 %
IPv6

59
Domains

85
Subdomains

80
IPs

7
Countries

2004 kB
Transfer

6067 kB
Size

89
Cookies

93 Outgoing links

These are links going to different origins than the main page.

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home_blog:whaling-attack
Title: Go to account

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home2_blog:whaling-attack
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home_blog:whaling-attack
Title: Account info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home2_blog:whaling-attack
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_mynorton_billinginformation_blog:whaling-attack
Title: Billing info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home3_blog:whaling-attack
Title: Renew

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_mynorton_orders_blog:whaling-attack
Title: Order history

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_mynorton_setup_blog:whaling-attack
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/?inid=nortoncom_nav_lifelock.norton.com_blog:whaling-attack
Title: LifeLock Identity Protection

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/us/en/partner/?inid=nortoncom_nav_logo_blog:whaling-attack
Title: Partner with Us

Search URL Search Domain Scan URL

URL: https://support.norton.com/?inid=nortoncom_nav_support_blog:whaling-attack
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://community.norton.com/en?inid=nortoncom_nav_community_blog:whaling-attack
Title: Community

Search URL Search Domain Scan URL

URL: https://buy.norton.com/ps?multipage=true&inid=nortoncom_nav_store_blog:whaling-attack

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home3_blog:whaling-attack
Title: Go to account

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home4_blog:whaling-attack
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home4_blog:whaling-attack
Title: Account info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home5_blog:whaling-attack
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_mynorton_billinginformation2_blog:whaling-attack
Title: Billing info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home6_blog:whaling-attack
Title: Renew

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_mynorton_orders2_blog:whaling-attack
Title: Order history

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_mynorton_setup2_blog:whaling-attack
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://ar.norton.com/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://br.norton.com/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://ca.norton.com/
Title: Canada (English)

Search URL Search Domain Scan URL

URL: https://ca-fr.norton.com/
Title: Canada (Français)

Search URL Search Domain Scan URL

URL: https://pr.norton.com/
Title: Caribbean (English)

Search URL Search Domain Scan URL

URL: https://lam.norton.com/
Title: Caribe (Español)

Search URL Search Domain Scan URL

URL: https://cl.norton.com/
Title: Chile

Search URL Search Domain Scan URL

URL: https://co.norton.com/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://mx.norton.com/
Title: México

Search URL Search Domain Scan URL

URL: https://be-nl.norton.com/
Title: België (Nederlands)

Search URL Search Domain Scan URL

URL: https://be.norton.com/
Title: Belgique (Français)

Search URL Search Domain Scan URL

URL: https://cz.norton.com/
Title: Česko

Search URL Search Domain Scan URL

URL: https://dk.norton.com/
Title: Danmark

Search URL Search Domain Scan URL

URL: https://de.norton.com/
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://es.norton.com/
Title: España

Search URL Search Domain Scan URL

URL: https://ie.norton.com/
Title: Estonia (English)

Search URL Search Domain Scan URL

URL: https://fr.norton.com/
Title: France

Search URL Search Domain Scan URL

URL: https://il.norton.com/
Title: Israel (English)

Search URL Search Domain Scan URL

URL: https://it.norton.com/
Title: Italia

Search URL Search Domain Scan URL

URL: https://hu.norton.com/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://nl.norton.com/
Title: Nederland

Search URL Search Domain Scan URL

URL: https://no.norton.com/
Title: Norge

Search URL Search Domain Scan URL

URL: https://at.norton.com/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://pl.norton.com/
Title: Polska

Search URL Search Domain Scan URL

URL: https://pt.norton.com/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://ro.norton.com/
Title: România

Search URL Search Domain Scan URL

URL: https://ch.norton.com/
Title: Schweiz (Deutsch)

Search URL Search Domain Scan URL

URL: https://ch-fr.norton.com/
Title: Suisse (Français)

Search URL Search Domain Scan URL

URL: https://ch-it.norton.com/
Title: Svizzera (Italiano)

Search URL Search Domain Scan URL

URL: https://za.norton.com/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://fi.norton.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://se.norton.com/
Title: Sverige

Search URL Search Domain Scan URL

URL: https://tr.norton.com/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://ae.norton.com/
Title: United Arab Emirates (English)

Search URL Search Domain Scan URL

URL: https://uk.norton.com/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://gr.norton.com/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://ru.norton.com/
Title: Россия

Search URL Search Domain Scan URL

URL: https://au.norton.com/
Title: Australia

Search URL Search Domain Scan URL

URL: https://asia.norton.com/
Title: Cambodia (English)

Search URL Search Domain Scan URL

URL: https://hk-en.norton.com/
Title: Hong Kong (English)

Search URL Search Domain Scan URL

URL: https://hk.norton.com/
Title: 香港

Search URL Search Domain Scan URL

URL: https://in.norton.com/
Title: India (English)

Search URL Search Domain Scan URL

URL: https://malaysia.norton.com/
Title: Malaysia (English)

Search URL Search Domain Scan URL

URL: https://nz.norton.com/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://sg.norton.com/
Title: Singapore (English)

Search URL Search Domain Scan URL

URL: https://kr.norton.com/
Title: 대한민국

Search URL Search Domain Scan URL

URL: https://cn.norton.com/
Title: 中国

Search URL Search Domain Scan URL

URL: https://tw.norton.com/
Title: 台灣

Search URL Search Domain Scan URL

URL: https://jp.norton.com/
Title: 日本

Search URL Search Domain Scan URL

URL: https://www.afr.com/companies/financial-services/fake-zoom-invite-cripples-aussie-hedge-fund-with-8m-hit-20201122-p56f9c
Title: $800,000 of lost revenue

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/how-it-works/what-is-identity-theft
Title: steals the identity

Search URL Search Domain Scan URL

URL: https://www.ic3.gov/Media/PDF/AnnualReport/2022State/StateReport.aspx
Title: half a million in losses

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/learn/fraud/wire-transfer-scams
Title: unauthorized wire

Search URL Search Domain Scan URL

URL: https://twitter.com/norton

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nortonsecurity/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Norton

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/norton

Search URL Search Domain Scan URL

URL: https://support.norton.com/
Title: Norton Support

Search URL Search Domain Scan URL

URL: https://updatecenter.norton.com/
Title: Norton Update Center

Search URL Search Domain Scan URL

URL: https://community.norton.com/en
Title: Community

Search URL Search Domain Scan URL

URL: https://login.norton.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/
Title: Company

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/us/en/partner/
Title: Partner with Us

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/
Title: LifeLock by Norton

Search URL Search Domain Scan URL

URL: https://www.reputationdefender.com/
Title: ReputationDefender by Norton

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/legal/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/privacy/do-not-sell/
Title: Do Not Sell or Share My Personal Data

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/accessibility-policy
Title: Accessibility Policy

Search URL Search Domain Scan URL

URL: https://status.norton.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/privacy/cookies-and-analytics/
Title: Learn more

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W3s3yg81-sKN6W3-JhBR2yNyd9W2LdcfD4VHZ1qW56My0s53WV6NVk8K637TLWvpW6VDq5G77r71JW3bnwXZ73VXbKW5Q24SZ3dfd07W3ZW57t43l6ngVmyYWW1ZP373VVfNWd747P9hW7pv6kz8Kvj7WW97kn2t7ppw8fW5Y3FBn8v7Nm2VFghNb4flPx6W1Rk1zC1FY9vYW1vhjxN4Zq_1gW5qqD8r6H129NW3lzyVp72Cx36W1t6qXd1PphzxW82-zbR2KHJZqW5WQjC31xRTPxVLvWDm19_T9xW6mFkzN1RMGhDf8BhwVY04 Page URL
https://bizemail.gendigital.com/events/public/v1/encoded/track/tc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W3s3yg81-sKN6W3-JhBR2yNyd9W2LdcfD4VHZ1qW56My0s53WV6NVk8K637TLWvpW6VDq5G77r71JW3bnwXZ73VXbKW5Q24SZ3dfd07W3ZW57t43l6ngVmyYWW1ZP373VVfNWd747P9hW7pv6kz8Kvj7WW97kn2t7ppw8fW5Y3FBn8v7Nm2VFghNb4flPx6W1Rk1zC1FY9vYW1vhjxN4Zq_1gW5qqD8r6H129NW3lzyVp72Cx36W1t6qXd1PphzxW82-zbR2KHJZqW5WQjC31xRTPxVLvWDm19_T9xW6mFkzN1RMGhDf8BhwVY04?_ud=79776cc8-bc66-4366-ac80-1517308b1774&_jss=1&_fl=8&_pl=5&_hc=17&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://cm.everesttech.net/cm/dd?d_uuid=40930319706279316162824264558932328777 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjPRuAAAAH3ZNgNe

Request Chain 95

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 97

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=782213122 HTTP 302
https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=782213122&ip=80.255.7.119&cuidchk=1

Request Chain 121

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation HTTP 302
https://8136487.fls.doubleclick.net/activityi;dc_pre=CMfZlJfD74UDFbdXHgIdU44Aeg;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation

Request Chain 122

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation HTTP 302
https://8136487.fls.doubleclick.net/activityi;dc_pre=CNzdlJfD74UDFf9jHgIdKYYB_w;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation

Request Chain 123

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=143129871.1714672057&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&dma_cps=sypham&dma=1&npa=0&gtm=45fe44t0v9170891986za200&auid=26354531.1714672057 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=143129871.1714672057&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&dma_cps=sypham&dma=1&npa=0&gtm=45fe44t0v9170891986za200&auid=26354531.1714672057

Request Chain 133

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1714672057909%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog%252Femerging-threats%252Fwhaling-attack%253Futm_campaign%253DFY25%252520Employee%252520Benefits%2526utm_medium%253Demail%2526_hsenc%253Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%2526_hsmi%253D302650963%2526utm_content%253D302650963%2526utm_source%253Dhs_automation%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&cookiesTest=true&liSync=true&e_ipv6=AQLQuZSr4D1U3QAAAY86a0EIwwcHKLalFiGB5HBfdsWNuGw6JR8xHKkHs1Bz64JaUDUfZ10

Request Chain 179

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=sale&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dwhaling-attack%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIreTOl8PvhQMV9YKDBx2lqwh2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=sale&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dwhaling-attack%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIreTOl8PvhQMV9YKDBx2lqwh2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqz3Fn4DHN5Hoi19SJ6wi519LB6MqIsDgYMqGadNmGIbuV9nG7&random=2806842667 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=sale&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dwhaling-attack%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIreTOl8PvhQMV9YKDBx2lqwh2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqz3Fn4DHN5Hoi19SJ6wi519LB6MqIsDgYMqGadNmGIbuV9nG7&random=2806842667&ipr=y

Request Chain 192

https://www.googleadservices.com/pagead/conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIt5jjl8PvhQMV6IuDBx1ewwCkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIt5jjl8PvhQMV6IuDBx1ewwCkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYfRrBXeqpS8Ix_Qha2apkXZfOqy1qchbnqybw_OPz0uvfecI&random=3880585357 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIt5jjl8PvhQMV6IuDBx1ewwCkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYfRrBXeqpS8Ix_Qha2apkXZfOqy1qchbnqybw_OPz0uvfecI&random=3880585357&ipr=y

Request Chain 201

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIgu3il8PvhQMVw46DBx22gwniMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIgu3il8PvhQMVw46DBx22gwniMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqmxL_FOdpi8BCnaueJdNXP-zP7rDdYsUg1Tfg1GLd5lX5UBq3&random=657377268 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIgu3il8PvhQMVw46DBx22gwniMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqmxL_FOdpi8BCnaueJdNXP-zP7rDdYsUg1Tfg1GLd5lX5UBq3&random=657377268&ipr=y

227 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W3s3yg81-sKN6W3-JhBR2yNyd9W2LdcfD4VHZ1qW56My0s53WV6NVk8K637TLWvpW6VDq5G77r71JW3bnwX...
bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/ 8 KB
4 KB 369ms
220ms Document
text/html 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W3s3yg81-sKN6W3-JhBR2yNyd9W2LdcfD4VHZ1qW56My0s53WV6NVk8K637TLWvpW6VDq5G77r71JW3bnwXZ73VXbKW5Q24SZ3dfd07W3ZW57t43l6ngVmyYWW1ZP373VVfNWd747P9hW7pv6kz8Kvj7WW97kn2t7ppw8fW5Y3FBn8v7Nm2VFghNb4flPx6W1Rk1zC1FY9vYW1vhjxN4Zq_1gW5qqD8r6H129NW3lzyVp72Cx36W1t6qXd1PphzxW82-zbR2KHJZqW5WQjC31xRTPxVLvWDm19_T9xW6mFkzN1RMGhDf8BhwVY04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 87d9d655febf65ae-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Thu, 02 May 2024 17:47:34 GMT
last-modified: Thu, 02 May 2024 17:47:34 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2n9CiD7zp3u11hNAmkk0v978oRrqAu3%2FfnxzOV7p0WwWgDYCiGSeFw%2FJS4Cfq3di9rxsPoQf1N820NFMK4KAXB7WHzuHSxc3gSIZWBCEnDJBBNooJRwiHqrTGk9WVa2zvQc3QnpYZaFxU6nPBjVWXeYI9hCf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 17
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-544dd46489-srjmq
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: b8b4779b-fee8-4adb-9ec8-547734c19e56
x-request-id: b8b4779b-fee8-4adb-9ec8-547734c19e56
x-robots-tag: none

GET
H2

200

Primary Request whaling-attack Show response
us.norton.com/blog/emerging-threats/
Redirect Chain

https://bizemail.gendigital.com/events/public/v1/encoded/track/tc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W...
https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7...

276 KB
43 KB

217ms
71ms

Document
text/html

2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation

Requested by

Host: bizemail.gendigital.com
URL: https://bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W3s3yg81-sKN6W3-JhBR2yNyd9W2LdcfD4VHZ1qW56My0s53WV6NVk8K637TLWvpW6VDq5G77r71JW3bnwXZ73VXbKW5Q24SZ3dfd07W3ZW57t43l6ngVmyYWW1ZP373VVfNWd747P9hW7pv6kz8Kvj7WW97kn2t7ppw8fW5Y3FBn8v7Nm2VFghNb4flPx6W1Rk1zC1FY9vYW1vhjxN4Zq_1gW5qqD8r6H129NW3lzyVp72Cx36W1t6qXd1PphzxW82-zbR2KHJZqW5WQjC31xRTPxVLvWDm19_T9xW6mFkzN1RMGhDf8BhwVY04

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

279da263227d9bda0a877ba42501841d604bde5056790db3869d909891276b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bizemail.gendigital.com/e3t/Ctc/DN+113/d15vxB04/MW4nyx8VDjCW8cbX005YcH6vW37H_hZ5dChmVN2C5czq3qgyTW8wLKSR6lZ3nRW5qLqsN4VH6KRW8-SRcv6f1gkXW2DPHhJ8lbpQGW2m-K007W5G03W3s3yg81-sKN6W3-JhBR2yNyd9W2LdcfD4VHZ1qW56My0s53WV6NVk8K637TLWvpW6VDq5G77r71JW3bnwXZ73VXbKW5Q24SZ3dfd07W3ZW57t43l6ngVmyYWW1ZP373VVfNWd747P9hW7pv6kz8Kvj7WW97kn2t7ppw8fW5Y3FBn8v7Nm2VFghNb4flPx6W1Rk1zC1FY9vYW1vhjxN4Zq_1gW5qqD8r6H129NW3lzyVp72Cx36W1t6qXd1PphzxW82-zbR2KHJZqW5WQjC31xRTPxVLvWDm19_T9xW6mFkzN1RMGhDf8BhwVY04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 02 May 2024 17:47:35 GMT
etag: W/"42ca8-617797b83659b-gzip"
last-modified: Thu, 02 May 2024 14:33:10 GMT
link: <https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-greek-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://assets.adobedtm.com>;rel="preconnect",<https://ensighten.norton.com>;rel="preconnect"
server: Apache
server-timing: cdn-cache; desc=HIT edge; dur=23 origin; dur=0 ak_p; desc="1714672055256_388276627_344637613_2326_7614_40_80_255";dur=1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 39581 0 pmb=mNONE,1mRUM,2
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cf-cache-status: MISS
cf-ray: 87d9d65778cb65ae-FRA
content-security-policy: upgrade-insecure-requests
date: Thu, 02 May 2024 17:47:35 GMT
link: <https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation>; rel="canonical"
location: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vFpg85xG73J2PacOdaWiybBuHoerASXOszCZCcMfhZtQZMhHAgYSCh8JixL%2FVGBrlqzvpW%2BY2xlFCgZ2MpVViEYRs628QTagZYXYO9niWKUwDXPfaWBcqK8NueDkMq5LcmuOqYb3uNe8a4FnjL5UmGO8Iawe"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 47
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-544dd46489-mjvvj
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2cca2aa9-4cc0-41d4-bc97-e7a517ba7e1f
x-request-id: 2cca2aa9-4cc0-41d4-bc97-e7a517ba7e1f
x-robots-tag: none

GET
H2 200 inter-latin-700.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 100ms
99ms Font
application/octet-stream 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Origin: https://us.norton.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31517676
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055416_388276627_344637973_28_4390_38_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Fri, 02 May 2025 12:42:11 GMT

GET
H2 200 inter-latin-800.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 56ms
55ms Font
application/octet-stream 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Origin: https://us.norton.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31517697
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055422_388276627_344638003_57_3812_38_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 inter-latin-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 124ms
123ms Font
application/octet-stream 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Origin: https://us.norton.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31517634
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055422_388276627_344638004_60_3786_38_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Fri, 02 May 2025 12:41:29 GMT

GET
H2 200 inter-latin-500.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 74ms
73ms Font
application/octet-stream 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Origin: https://us.norton.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "9394-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31486785
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055422_388276627_344638005_63_3781_38_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Fri, 02 May 2025 04:07:20 GMT

GET
H2 200 inter-greek-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 21 KB
22 KB 115ms
114ms Font
application/octet-stream 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-greek-400.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

598e85c4fb1f9e5269de4955cc9d9e3b7301122eaba31a2b7885d3f784a1ab25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Origin: https://us.norton.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055422_388276627_344638006_62_3761_38_0_219";dur=1
content-length: 21904
x-xss-protection: 1; mode=block
last-modified: Tue, 03 May 2022 18:30:59 GMT
server: Apache
etag: "5574-5de1fb5ccbec0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31517686
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:21 GMT

GET
H2 200 cookies Show response
us.norton.com/bin/norton/ 0
654 B 208ms
208ms XHR
text/plain 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/bin/norton/cookies?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:35 GMT
x-content-type-options: nosniff, nosniff
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/plain; charset=UTF-8
server-timing: cdn-cache; desc=MISS, edge; dur=144, origin; dur=17, ak_p; desc="1714672055457_388276627_344638205_16119_5424_39_0_255";dur=1
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 launch-EN1cc7556280444b10a3c687a73ed01baa.min.js Show response
assets.adobedtm.com/ 184 KB
61 KB 163ms
70ms Script
application/x-javascript 2a02:26f0:3500:588::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:588::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 765bcc5c747a0e4c9bce94f6132561e4d81ca391be2bf5d8080c3c04a85cba08

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
content-encoding: gzip
last-modified: Tue, 09 Apr 2024 22:13:13 GMT
server: AkamaiNetStorage
etag: "8c370ab1abe10490aca72c000fc8b322:1712700793.108499"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://us.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 61898
expires: Thu, 02 May 2024 18:47:35 GMT

GET
H2 200 Bootstrap.js Show response
ensighten.norton.com/symantec/aemprod/ 619 KB
104 KB 264ms
81ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 8b63551250b638b8a14fc8e2d7584b280217efca2a2880cefa680cce24cb2b6a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
x-amz-version-id: _KJ0PLktP_JAAcSecLiQ2IOdHUeEIoQS
content-encoding: br
via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 1127734
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 19 Apr 2024 16:31:40 GMT
server: CloudFront
etag: W/"747ed9ab16cc46ab85b6974fa44ea82c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: TmT-vnnvZX0b78Yhl_ffdn9lA1FUy6AiZ6r62pSq8Jc_3SNb626jXA==

GET
H2 200 MDDJR-3RVW8-S3M46-HL4QS-RLVQ4 Show response
s.go-mpulse.net/boomerang/ 156 KB
40 KB 253ms
69ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/MDDJR-3RVW8-S3M46-HL4QS-RLVQ4
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8b912949753e4876dcc1242255b958c1cf74cfc84859fae7e44c698b02ce2f43

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Sat, 09 Mar 2024 22:11:42 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 40263

GET
H2 200 container.min.d41d8cd98f00b204e9800998ecf8427e.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 0
402 B 45ms
45ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/container.min.d41d8cd98f00b204e9800998ecf8427e.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:35 GMT
x-content-type-options: nosniff, nosniff
last-modified: Tue, 21 Nov 2023 19:59:31 GMT
server: Apache
etag: "0-60aaf0a710ec0"
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=473
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055673_388276627_344639366_34_4501_39_0_255";dur=1
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 02 May 2024 17:55:28 GMT

GET
H2 200 stickybanner.min.efc144216219e5a0aa5884f27c8bcd1a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 57ms
48ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/stickybanner.min.efc144216219e5a0aa5884f27c8bcd1a.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

43f80764e0d9752a9552f8183c96c294ef1676e4e81e116103c5c2583558b819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1714672055680_388276627_344639398_632_3770_39_0_255";dur=1
content-length: 756
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Jul 2022 17:55:29 GMT
server: Apache
etag: "c29-5e42c309f6640-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 02 May 2024 18:02:35 GMT

GET
H2 200 stickybanner.min.970a557e26b33a1ae1c83cee7a5a537a.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 70ms
62ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/stickybanner.min.970a557e26b33a1ae1c83cee7a5a537a.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

8ad3e9cd041964b09acb85f6e9d0c1b260413ce28844c35c421d4a09f13f0c31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="1714672055687_388276627_344639403_1574_3918_39_0_146";dur=1
content-length: 605
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:34:33 GMT
server: Akamai Resource Optimizer
etag: "605-61057818d8a80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 topnav.min.d8d162235186b8652dca48d1064e73ac.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 21 KB
3 KB 58ms
50ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.d8d162235186b8652dca48d1064e73ac.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

fdb3f80ad6876da45ed4e07db6bdb29b314f2a272ff97bfa9889e4b6e4740f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055680_388276627_344639399_32_3708_39_0_255";dur=1
content-length: 2664
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:54:07 GMT
server: Akamai Resource Optimizer
etag: "5291-602953ed82800-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31517696
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:31 GMT

GET
H2 200 icon_myaccount.svg
us.norton.com/content/dam/norton/icon/ 2 KB
1 KB 59ms
51ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_myaccount.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 19:59:27 GMT
server: Akamai Resource Optimizer
etag: "929-60e39bc662740"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_myaccount.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055683_388276627_344639400_273_4464_39_0_182";dur=1
accept-ranges: bytes
content-length: 851
x-xss-protection: 1; mode=block

GET
H2 200 icon_flag_united_states.svg
us.norton.com/content/dam/norton/icon/flag/ 2 KB
1 KB 65ms
57ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/flag/icon_flag_united_states.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7adb2fbfe7954dc15cd52b3fd050b57f65d2cd79987544247664929134329f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 19:36:56 GMT
server: Akamai Resource Optimizer
etag: "914-60e39bd4b0900"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_flag_united_states.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055687_388276627_344639401_661_3986_39_0_182";dur=1
accept-ranges: bytes
content-length: 932
x-xss-protection: 1; mode=block

GET
H2 200 logo_norton_d.svg
us.norton.com/content/dam/norton/logo/ 7 KB
3 KB 61ms
53ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/logo/logo_norton_d.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 20:00:16 GMT
server: Akamai Resource Optimizer
etag: "1dfd-60e39bd975440"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="logo_norton_d.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055681_388276627_344639402_33_3826_39_0_182";dur=1
accept-ranges: bytes
content-length: 2312
x-xss-protection: 1; mode=block

GET
H2 200 icon_ui_cart_empty_m_2x.png
us.norton.com/content/dam/norton/cb/ 684 B
1001 B 62ms
54ms Image
image/png 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/cb/icon_ui_cart_empty_m_2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ebdf93991a2ed22745d06711d88be171680e237cc52491457833f82fc4639937

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Wed, 19 Jul 2023 18:41:13 GMT
server: Akamai Image Manager
etag: "2ac-5dada4b52da40"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=699402
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055681_388276627_344639404_45_5381_39_0_146";dur=1
content-length: 684
expires: Fri, 10 May 2024 20:04:17 GMT

GET
H2 200 icon_ui_search_m_2x.png
us.norton.com/content/dam/norton/cb/ 700 B
1017 B 124ms
115ms Image
image/png 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/cb/icon_ui_search_m_2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Fri, 22 Mar 2024 13:58:36 GMT
server: Akamai Image Manager
etag: "2bc-5dada4b068f00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=1235024
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639723_66_5482_38_0_146";dur=1
content-length: 700
expires: Fri, 17 May 2024 00:51:19 GMT

GET
H2 200 country-selector.min.5d85ae94786b6a7c5d3798c94fd577bf.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
1 KB 66ms
58ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/country-selector.min.5d85ae94786b6a7c5d3798c94fd577bf.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

01a35bb43d6af1d38f1240aa5e4935892e9feb2888813b1f41bea599be833f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055695_388276627_344639501_240_3970_39_0_182";dur=1
content-length: 963
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:54:33 GMT
server: Akamai Resource Optimizer
etag: "1892-5fbbf6813b2c0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 icon_close.svg
us.norton.com/content/dam/norton/icon/ 2 KB
858 B 127ms
119ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_close.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

047326738d40c8e278c7e117df1ae29260ccb40ea994b650075a3c669f85046d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 19:44:48 GMT
server: Akamai Resource Optimizer
etag: "677-60e39bd698d80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_close.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055731_388276627_344639724_340_3643_38_0_146";dur=1
accept-ranges: bytes
content-length: 454
x-xss-protection: 1; mode=block

GET
H2 200 icon_chevrondown.svg
us.norton.com/content/dam/norton/icon/ 644 B
705 B 131ms
123ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_chevrondown.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

0afb5adee300f91b2ac3acb6feab6c55078727db7612d20fa5f5542640637d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 19:33:39 GMT
server: Akamai Resource Optimizer
etag: "284-60e39bd698d80"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_chevrondown.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639725_56_4111_38_0_146";dur=1
accept-ranges: bytes
content-length: 297
x-xss-protection: 1; mode=block

GET
H2 200 country-selector.min.60ca2fca0db8c309ed65e0c722e06c90.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 5 KB
2 KB 132ms
124ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/country-selector.min.60ca2fca0db8c309ed65e0c722e06c90.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

f607d2985f3fd420844ab40e87858dd70276c9ba9791a9e6c429b7f800998419

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639726_62_4020_38_0_146";dur=1
content-length: 1636
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:35:25 GMT
server: Akamai Resource Optimizer
etag: "15f3-61057819cccc0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 topnav.min.56d1005b1a10a29d58b24974c82d9c7f.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 8 KB
2 KB 137ms
129ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.56d1005b1a10a29d58b24974c82d9c7f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

3f54cc213dd270b7b7f66e7167c234e76cde1ff02a19923f299c82731fd8d2b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639727_65_3957_38_0_146";dur=1
content-length: 1905
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:32:54 GMT
server: Akamai Resource Optimizer
etag: "1e12-61057818d8a80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 blogsecondarynav.min.e911c416b0b02c52b973615dae33fadf.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
1 KB 67ms
59ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogsecondarynav.min.e911c416b0b02c52b973615dae33fadf.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

3cfad2c28fe50f641c4a891d158cd951206ebfc4438cf7d5827e2b3d7a68435e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055695_388276627_344639502_246_3992_39_0_182";dur=1
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:41:27 GMT
server: Akamai Resource Optimizer
etag: "eb2-5f2900afb3140-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 blogsecondarynav.min.c51325888fb02623356c34770a7b06b5.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
1 KB 137ms
130ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogsecondarynav.min.c51325888fb02623356c34770a7b06b5.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

08bf9e4793d975969d1e3a4c7bba6196e3164a4ff40d6dbd0dc8ae2c4654ff15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639728_81_3862_38_0_146";dur=1
content-length: 823
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:45:13 GMT
server: Akamai Resource Optimizer
etag: "e64-61057819cccc0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 blogarticle.min.5c4c38e53191d80af63ea3e711205ebb.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 10 KB
2 KB 88ms
81ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogarticle.min.5c4c38e53191d80af63ea3e711205ebb.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ff0f4e4f7dcaac0334ec00e1a654bce5aee589c1208d30872ce5061568975b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1714672055695_388276627_344639503_872_3978_39_0_182";dur=1
content-length: 1876
x-xss-protection: 1; mode=block
last-modified: Mon, 15 May 2023 20:03:46 GMT
server: Apache
etag: "2752-5fbc0f3cacc80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=900
accept-ranges: bytes
expires: Thu, 02 May 2024 18:02:35 GMT

GET
H2 200 breadcrumb.min.cce01bed5fa9e61960c13d1940f696ea.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 725 B
649 B 67ms
60ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/breadcrumb.min.cce01bed5fa9e61960c13d1940f696ea.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

bce657f4cccebf522c57d100dd000580e9d540711cab1b9c014a0e8854251f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055695_388276627_344639504_249_3867_39_0_182";dur=1
content-length: 227
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:42:46 GMT
server: Akamai Resource Optimizer
etag: "2d5-5dc842f3eec80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31517917
accept-ranges: bytes
expires: Fri, 02 May 2025 12:46:12 GMT

GET
H2 200 breadcrumb.min.ef13a39f9ac9a5b84e96d70c258fced6.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 138ms
131ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/breadcrumb.min.ef13a39f9ac9a5b84e96d70c258fced6.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

d9e3d43df088484bb1906f19520256905295bc1e59b27c17d1a1d0095f1f9fb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639730_76_3769_38_0_146";dur=1
content-length: 626
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:32:36 GMT
server: Akamai Resource Optimizer
etag: "60b-6138f0f2b2200-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31517917
accept-ranges: bytes
expires: Fri, 02 May 2025 12:46:12 GMT

GET
H2 200 clare-stouffer.png
us.norton.com/content/dam/blogs/images/norton/as/ 2 KB
2 KB 176ms
169ms Image
image/avif 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/as/clare-stouffer.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1a7069365ef1fa15bd89c341e44edb807bec4e6006c3f6cc2eede1df5868531

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 18:08:50 GMT
server: Akamai Image Manager
etag: "6396-5fc145dee5840"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/avif
cache-control: private, no-transform, max-age=579951
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055732_388276627_344639731_374_5491_39_0_146";dur=1
content-length: 2002
expires: Thu, 09 May 2024 10:53:26 GMT

GET
H2 200 whaling-attack-hero.jpg
us.norton.com/content/dam/blogs/images/norton/am/ 50 KB
50 KB 640ms
632ms Image
image/avif 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/am/whaling-attack-hero.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

319f990aafde19439e1b244bff353227271dc51864212810c9662ab725da4cc1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
last-modified: Tue, 02 Jan 2024 08:59:10 GMT
server: Akamai Image Manager
etag: "13952-60cf293874a40"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1328035
server-timing: cdn-cache; desc=HIT, edge; dur=358, origin; dur=0, ak_p; desc="1714672055730_388276627_344639732_35985_4298_44_0_219";dur=1
content-length: 51087
expires: Sat, 18 May 2024 02:41:31 GMT

GET
H2 200 button.min.b6cd44890344fd7dfacf40a3726ce577.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 145ms
138ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/button.min.b6cd44890344fd7dfacf40a3726ce577.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

46b355413fae37112947fa2f5604e3efe8316000ea62ed2e034aca633ed52638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639733_75_3808_38_0_146";dur=1
content-length: 998
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:42:55 GMT
server: Akamai Resource Optimizer
etag: "b0d-61057818d8a80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 container.min.397e5d2d0116bfeed2a5ffc2c224aecf.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 782 B
804 B 146ms
139ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/container.min.397e5d2d0116bfeed2a5ffc2c224aecf.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

2865b3e23715c80fdfedbe5766a9dddffb4bb69cc73d2ea8ae6708ccf3aed8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639734_80_3831_38_0_146";dur=1
content-length: 373
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:38:34 GMT
server: Akamai Resource Optimizer
etag: "30e-61057819cccc0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 pullquote.min.fc91b1c24b9ca2348365231e9d93db4a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 485 B
611 B 101ms
95ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/pullquote.min.fc91b1c24b9ca2348365231e9d93db4a.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c56ee754a0d6974b3c0e1f60a9466fce375eeecb3baaa9b6e66d9ee7a9d30129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639714_81_3893_38_0_182";dur=1
content-length: 190
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 21:04:43 GMT
server: Akamai Resource Optimizer
etag: "1e5-5e194b73a1640-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31520451
accept-ranges: bytes
expires: Fri, 02 May 2025 13:28:26 GMT

GET
H2 200 image.min.43f301a4b3ac363c013e58316a4f0cd2.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 502 B
601 B 104ms
97ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/image.min.43f301a4b3ac363c013e58316a4f0cd2.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

2cb058bb56808e629a3c76ee922baf9344c280b867dd0e6c29d6b1bbe0080294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639715_250_3101_38_0_182";dur=1
content-length: 179
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:34:49 GMT
server: Akamai Resource Optimizer
etag: "1f6-5f67d2d8b44c0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 text.min.7d2c876a8cd18892408c7a306e517b0a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
915 B 105ms
99ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.7d2c876a8cd18892408c7a306e517b0a.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

3af99c9e152eb6a388574c6cbd1df620882f99b486c542360b84eeea25923d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055728_388276627_344639716_41_4170_38_0_182";dur=1
content-length: 495
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:48:07 GMT
server: Akamai Resource Optimizer
etag: "96f-5e07a914e1a00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 text.min.7acafd068fefda54b418d9b6d1591662.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 150ms
143ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.7acafd068fefda54b418d9b6d1591662.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2c63ca2fdd4c7f1f7cfa97c4b4c0b0df6ee8b77841ad7da2a3f4d1ef6cc5367b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639736_145_3133_38_0_146";dur=1
content-length: 839
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Feb 2024 20:04:42 GMT
server: Apache
etag: "7b6-61057818d8a80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=473
accept-ranges: bytes
expires: Thu, 02 May 2024 17:55:28 GMT

GET
H2 200 blogarticle.min.1fdc3db9d99269d47bf7e30df569f3b3.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
2 KB 153ms
147ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogarticle.min.1fdc3db9d99269d47bf7e30df569f3b3.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9220b770c3024f3fb68151593f77e58465e67fcbb479e7acafd10f66b2c5f8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639737_90_3751_38_0_146";dur=1
content-length: 1812
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 20:05:22 GMT
server: Akamai Resource Optimizer
etag: "1779-6138f0f2b2200-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 list.min.5fd11e79d98a89cff653f321356cc9fb.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 14 KB
3 KB 107ms
101ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/list.min.5fd11e79d98a89cff653f321356cc9fb.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

021c5fc6030190f968031644cc8a81738766d504ef2c6f351a642d1eabe90ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055728_388276627_344639717_47_4246_38_0_182";dur=1
content-length: 2265
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:48:12 GMT
server: Akamai Resource Optimizer
etag: "3849-5eeb8ab300f40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 spear-phishing-Thumb.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 29 KB
29 KB 158ms
151ms Image
image/avif 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/spear-phishing-Thumb.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3cfb91118d5642a4749b8759fd312ad0bced370be64b704aabad72f3d2fe2dc7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Thu, 25 Jan 2024 14:43:31 GMT
server: Akamai Image Manager
etag: "1bddf-60e3a0307d180"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1117047
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639738_117_5033_38_0_146";dur=1
content-length: 29268
expires: Wed, 15 May 2024 16:05:02 GMT

GET
H2 200 what-is-phishing-thumbnail.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 28 KB
28 KB 159ms
153ms Image
image/avif 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/what-is-phishing-thumbnail.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6dca3cda351266b457f2ae9cd563ad3379fe41a9d5e2f8c49a3602a47f247293

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Thu, 25 Jan 2024 07:06:25 GMT
server: Akamai Image Manager
etag: "2b53c-60e3a031713c0"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1071883
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639740_191_4735_38_0_146";dur=1
content-length: 28341
expires: Wed, 15 May 2024 03:32:18 GMT

GET
H2 200 img_man-holding-tablet_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 9 KB
9 KB 162ms
157ms Image
image/avif 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_man-holding-tablet_thumb2x.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

cd33ca26e810e13f4112a54d10d4f85d12ebb98a5f977af67ca9442e68d86f80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Fri, 16 Feb 2024 04:23:12 GMT
server: Akamai Image Manager
x-serial: 1876
x-check-cacheable: YES
etag: "1122d-60e3a02cac880"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=501240
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639741_198_4785_38_0_146";dur=1
content-length: 8745
expires: Wed, 08 May 2024 13:01:35 GMT

GET
H2 200 img_home-desk-overhead_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 55 KB
56 KB 163ms
158ms Image
image/avif 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_home-desk-overhead_thumb2x.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0ff9152a3dd6c8041b96dde9366c8ed3753c87219bc5ed07f4e4f377578d5f7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Mon, 19 Feb 2024 02:29:44 GMT
server: Akamai Image Manager
x-serial: 1167
x-check-cacheable: YES
etag: "27f2b-60e3a02cac880"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=873218
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639742_199_5229_38_0_146";dur=1
content-length: 56678
expires: Sun, 12 May 2024 20:21:13 GMT

GET
H2 200 list.min.01df836dabb8040e1c75e0dd076d6adb.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
2 KB 173ms
168ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/list.min.01df836dabb8040e1c75e0dd076d6adb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c28de7c229644b119a9247e281ce9e7dbe58fd5075f66493b7e744096443f2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055741_388276627_344639743_1262_4129_38_0_146";dur=1
content-length: 1712
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:34:19 GMT
server: Akamai Resource Optimizer
etag: "18d2-6138f0f2b2200-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 socialmediabanner.min.3731a4cc58e589c439fe1d43dd8a4768.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 1 KB
757 B 108ms
103ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/socialmediabanner.min.3731a4cc58e589c439fe1d43dd8a4768.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9be9d584d9718fb12864ee91ea739e931ec9a2cbd66594b6654888b6f5c469b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055728_388276627_344639718_50_4211_38_0_182";dur=1
content-length: 337
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:36:12 GMT
server: Akamai Resource Optimizer
etag: "4ae-5e07a914e1a00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31519741
accept-ranges: bytes
expires: Fri, 02 May 2025 13:16:36 GMT

GET
H2 200 icon_twitter1.svg
us.norton.com/content/dam/norton/icon/ 330 B
618 B 164ms
159ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_twitter1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ff5738e7904810d00e0c2a81fb10db7dab8e4c69e8df3582dcd0764ee15a5715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 23:47:26 GMT
server: Akamai Resource Optimizer
etag: "14a-60e39bd881200"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_twitter1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639744_195_3612_38_0_146";dur=1
accept-ranges: bytes
content-length: 214
x-xss-protection: 1; mode=block

GET
H2 200 icon_instagram1.svg
us.norton.com/content/dam/norton/icon/ 3 KB
1 KB 171ms
167ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_instagram1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e3ffc0b66d8feace6bbb5bf4db49d7d2f5d9a0516965b93dff62c180317740ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 19:40:40 GMT
server: Akamai Resource Optimizer
etag: "bb9-60e39bca33040"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_instagram1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="1714672055734_388276627_344639745_1087_3524_38_0_146";dur=1
accept-ranges: bytes
content-length: 901
x-xss-protection: 1; mode=block

GET
H2 200 icon_facebook1.svg
us.norton.com/content/dam/norton/icon/ 2 KB
1 KB 166ms
162ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_facebook1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7f60b70cd0914dab4dbb9f4e2f97e3e8b2784c500ec236e68adb2956bff893ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Tue, 30 Apr 2024 20:03:06 GMT
server: Akamai Resource Optimizer
etag: "751-60e39bca33040"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_facebook1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639746_201_3523_38_0_146";dur=1
accept-ranges: bytes
content-length: 632
x-xss-protection: 1; mode=block

GET
H2 200 icon_youtube-dark.svg
us.norton.com/content/dam/norton/icon/ 697 B
739 B 169ms
165ms Image
image/svg+xml 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_youtube-dark.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

22c66cd15f32e15c9373fc199c95f3dd381435590e5592f1b93ad971491b7172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
last-modified: Thu, 02 May 2024 12:50:50 GMT
server: Akamai Resource Optimizer
etag: "2b9-60e39bd3bc6c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_youtube-dark.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639747_196_3444_38_0_146";dur=1
accept-ranges: bytes
content-length: 329
x-xss-protection: 1; mode=block

GET
H2 200 spacer.min.94a76473d368b52fba594239c1580199.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
880 B 108ms
104ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/spacer.min.94a76473d368b52fba594239c1580199.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

df1c84b7b7dc39655db2bd72f4f17cefd065d4140ba2bf771f6d35a18f9b1ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055728_388276627_344639719_48_4138_38_0_182";dur=1
content-length: 450
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Apr 2022 07:32:50 GMT
server: Apache
etag: "84f-5dc842f3eec80-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
cache-control: max-age=473
accept-ranges: bytes
expires: Thu, 02 May 2024 17:55:28 GMT

GET
H2 200 footer.min.bf2f3a7b6716c365bb104cb6451d9ef4.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 111ms
107ms Stylesheet
text/css 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/footer.min.bf2f3a7b6716c365bb104cb6451d9ef4.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

23cbdb9898337abd7b695077d28d5ce16d5c77228c3da33e6c40b9b4ff9d49ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639720_49_4208_38_0_182";dur=1
content-length: 727
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:35:32 GMT
server: Akamai Resource Optimizer
etag: "cfe-6013ee858d580-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 t-base-component-util.min.6c02aa1bd2345db5182d9058962cad87.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 49 KB
13 KB 174ms
171ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-component-util.min.6c02aa1bd2345db5182d9058962cad87.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

990690dac3475c73a58cbda78a333c12b99080066f9624fc8945ac0e42d61474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055760_388276627_344639721_3207_4670_39_0_182";dur=1
content-length: 12531
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:48:54 GMT
server: Akamai Resource Optimizer
etag: "c51a-615ac364f7880-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31517697
accept-ranges: bytes
expires: Fri, 02 May 2025 12:42:32 GMT

GET
H2 200 t-base-defer.min.77da1760427480c728112dce416b2fa1.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 31 KB
8 KB 169ms
166ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-defer.min.77da1760427480c728112dce416b2fa1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

65919c22e02d065710e6458265be840309aa2e68fc4420e790b4215ecc9a83e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055730_388276627_344639748_198_2995_38_0_146";dur=1
content-length: 7786
x-xss-protection: 1; mode=block
last-modified: Tue, 09 Apr 2024 16:14:10 GMT
server: Apache
etag: "7d0c-615ac364f7880-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=473
accept-ranges: bytes
expires: Thu, 02 May 2024 17:55:28 GMT

GET
H2 200 core.wcm.components.commons.datalayer.v1.min.904d3c2f1e821ab45124d66de422b409.js Show response
us.norton.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/ 35 KB
11 KB 113ms
110ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/core.wcm.components.commons.datalayer.v1.min.904d3c2f1e821ab45124d66de422b409.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:35 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672055729_388276627_344639722_52_4158_38_0_182";dur=1
content-length: 11018
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 19:33:18 GMT
server: Akamai Resource Optimizer
etag: "8a54-5efb8d78e4740-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31535952
accept-ranges: bytes
expires: Fri, 02 May 2025 17:46:47 GMT

GET
H2 200 id Show response
dpm.demdex.net/ 367 B
913 B 190ms
57ms XHR
application/json 52.48.221.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1714672056255

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.48.221.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-221-63.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4ccf7294fc7d14755d2ff24b6d01612d53de53abaa48c16334143177eea7cadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v060-03a0364c5.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 02 May 2024 17:47:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: wt16MRA6TKg=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://us.norton.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 309
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s_code_norton_min.js Show response
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 80 KB
26 KB 99ms
88ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

519c5c52de1e6e974ec1b3afc82b30c4986ccccbfa3e836e7568b5afebea9db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:36 GMT
content-disposition: attachment
content-length: 26430
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Apr 2024 16:23:18 GMT
server: Apache
etag: "1404a-6173eabccc980-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=55514
accept-ranges: bytes
expires: Fri, 03 May 2024 09:12:50 GMT

GET
H2 200 config.json Show response
c.go-mpulse.net/api/ 3 KB
1 KB 379ms
284ms XHR
application/json 2a02:26f0:3500:991::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=MDDJR-3RVW8-S3M46-HL4QS-RLVQ4&d=us.norton.com&t=5715574&v=1.766.70&sl=0&si=fe6b3233-50bb-47be-99a7-92e27e31be84-scvdfb&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Errors,Akamai,EventTiming,LOGN&acao=&ak.ai=181220
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/MDDJR-3RVW8-S3M46-HL4QS-RLVQ4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:991::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c898aac83b1f69c83051ae3a6edf082e2753657151fc8298d433d2774fc97093

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
content-length: 1082

GET
H2 200 dest5.html
symantec.demdex.net/ Frame 4B29 0
0 170ms
55ms Document
text/html 34.246.26.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.246.26.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-26-134.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 02 May 2024 17:47:36 GMT
dcs: dcs-prod-irl1-1-v060-07acbf80b.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 9 Apr 2024 11:57:45 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: GsmBGzLRQJI=

GET
H2

200

ibs:dpid=411&dpuuid=ZjPRuAAAAH3ZNgNe
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=40930319706279316162824264558932328777
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjPRuAAAAH3ZNgNe

42 B
722 B

59ms
59ms

Image
image/gif

52.48.221.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjPRuAAAAH3ZNgNe

Requested by

Protocol

Server

52.48.221.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-221-63.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs: dcscanary-prod-irl1-1-v073-05bad56c9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 02 May 2024 17:47:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 1CP8MxWrRzo=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZjPRuAAAAH3ZNgNe
Date: Thu, 02 May 2024 17:47:36 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
symantec.tt.omtrdc.net/m2/symantec/mbox/ 1 KB
1 KB 289ms
79ms XHR
application/json 66.235.152.225
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=66e965a0fefe4474a47f1a8e0023a24f&mboxPC=&mboxPage=ef85590fb25241979c193661436e578e&mboxRid=5473bf78b77f4fb3944d62be579134bb&mboxVersion=1.8.3&mboxCount=1&mboxTime=1714679256265&mboxHost=us.norton.com&mboxURL=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&Promocode=defaultweb&profile.TCG=5&vendor_type=none&program_type=unknown&site_country=us&site_section=norton.com&content_title=whaling-attack&site_language=en&traffic_source=direct&ExistingCustomer=existing_customer%3A%20No&site_sub_section=blog&profile.promocode=defaultweb&current_subchannel=&site_content_title=whaling-attack&original_subchannel=&profile.vendor_type=none&profile.program_type=unknown&profile.site_country=us&site_sub_sub_section=emerging-threats&%20profile.site_section=norton.com&profile.site_language=en&profile.%20traffic_source=direct&profile.ExistingCustomer=existing_customer%3A%20No&profile.%20site_sub_section=blog&profile.current_subchannel=&profile.site_content_title=whaling-attack&profile.original_subchannel=&mboxMCSDID=762651192C4F86DA-66AD820CE41A4F27&mboxMCGVID=40730215586189643052844820053831355896&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.225 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-225.data.adobedc.net

Software

jag /

Resource Hash

2656179397f3a526d5f9661b73e8f867d7b5b82d74d479918c355e27254b5588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
x-xss-protection: 1; mode=block
x-request-id: 5473bf78b77f4fb3944d62be579134bb
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 serverComponent.php Show response
ensighten.norton.com/symantec/aemprod/ 989 B
786 B 55ms
54ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/symantec/aemprod/code/&publishedOn=Fri%20Apr%2019%2016:31:38%20GMT%202024&ClientID=21&PageID=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation%26_COUNTRY%3Dus%26_LANGUAGE%3Den%26_TRAFFIC_SOURCE%3Ddirect%26_PGM_ID%3Dmissing%26_PGM_TYPE%3Dunknown%26_IPF%3Dmissing%26_IPD%3Dmissing%26_PSN%3Dmissing%26_SUBCHANNEL%3Dmissing%26_ORIG_SUB%3Dmissing%26_PIFCAM%3Dmissing%26_I_SKU%3Dmissing%26_DEX%3Dmissing%26_INID%3Dmissing%26_IPV%3Dmissing%26_IPC%3Dmissing%26_IUC%3Dmissing%26_IPL%3Dmissing%26_ENP%3Dmissing%26_SKT%3Dmissing%26_ITD%3Dmissing%26now_site_country%3Dus%26now_site_language%3Den%26now_site_content_title%3Dwhaling-attack%26now_site_sub_section%3Dblog%26now_site_section%3Dnorton.com%26now_trafficsource_cookie_name%3Ddirect%26now_program_type%3Dunknown%26now_current_subchannel%3Dmissing%26now_original_subchannel%3Dmissing%26product_name%3Dwhaling-attack%26vendor_type%3Dnone%26isMobile%3Dfalse%26viewCampaigns%3Dmissing%26path%3D%2Fblog%2Femerging-threats%2Fwhaling-attack%26siteCode%3Dnortoncom&custDomain=ensighten.norton.com
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: a1a49d11608caeef00569d70f10439a0669819e55f0676327e9759ac37bc7349

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-P7
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fKQ3ZjbIVZqa37sJ9SLrmcaTS-BdbjESff4C-SlG4bGEHRVmCJpiuQ==
expires: Thu, 02 May 2024 17:47:35 GMT

GET
H2 200 s57494352538712
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
374 B 175ms
57ms Image
image/gif 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s57494352538712?AQB=1&ndh=1&pf=1&t=2%2F4%2F2024%2019%3A47%3A36%204%20-120&sdid=762651192C4F86DA-66AD820CE41A4F27&mid=40730215586189643052844820053831355896&aamlh=6&ce=UTF-8&pageName=norton.com%3Aus%3Ablog%3Aemerging-threats%3Awhaling-attack&g=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302&server=norton&events=event69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&v5=none&c8=D%3Dv163&c14=D%3Dv16&v16=norton%3Adirect&v18=norton.com%3Aus%3Ablog%3Aemerging-threats%3Awhaling-attack&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=norton.com&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202024-04-17&c48=whaling-attack&v48=D%3Dc49&c49=blog&v49=D%3Dc48&v57=40730215586189643052844820053831355896&v58=emerging-threats&c59=norton.com%3Ablog%3Aemerging-threats%3Awhaling-attack&v59=D%3Dc59&v66=unknown&v72=norton.com&c75=D%3Dv57&v90=existing_customer%3A%20No&v96=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&v97=defaultweb&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=650963%26utm_source%3Dhs_automation&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 03 May 2024 17:47:36 GMT
server: jag
etag: 3682230203555414016-4618590112919452026
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 01 May 2024 17:47:36 GMT

GET
H2 200 d79d748ceee7152b21b232bc52d7bedf.js Show response
ensighten.norton.com/symantec/aemprod/code/ 10 KB
4 KB 60ms
57ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/d79d748ceee7152b21b232bc52d7bedf.js?conditionId0=649166
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: f4d1d59032f0f9c315e32cbec848aee3f61480dacb58f3e624a0825a23328fbe

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
x-amz-version-id: z0R6_UP7F.IFvh1ptbwa_STMQGFeieZP
content-encoding: gzip
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3244558
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Mar 2024 18:52:21 GMT
server: CloudFront
etag: W/"1d79c7153f88ccf7a8e58a389a097d80"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: kfJnqwoawzs5HMFRJvBPZzGsecq8Vue6USVZvtWLjPYEwYBR0_9hkg==

GET
H2 200 b21e5bae01f6ed320966223265a313c1.js Show response
ensighten.norton.com/symantec/aemprod/code/ 3 KB
2 KB 62ms
59ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/b21e5bae01f6ed320966223265a313c1.js?conditionId0=4940767
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: d9980934f596e8d33c9874e3a451ae10ded9b7715ea4e0911a66396bd674c620

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
x-amz-version-id: NBqA5BVIj5BociJSsAMNq1Hz0E07fNJV
content-encoding: br
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2932864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 29 Mar 2024 19:06:24 GMT
server: CloudFront
etag: W/"1d8c62cd1eebf40332798c8c27b5045d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: XjRkjpEA5uXdEJ9oHvjKSmHF8SN9GlfTabRNzEs7xzQd5ad4o4WmNg==

GET
H2 200 32cb3cf219685a54ec919c68be2c95f1.js Show response
ensighten.norton.com/symantec/aemprod/code/ 10 KB
1 KB 62ms
61ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/32cb3cf219685a54ec919c68be2c95f1.js?conditionId0=423130
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 3543e8116e63866bf68a357dbbea9e8c5cd07c635955666f6db2329b95b8330c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
x-amz-version-id: w9z9lSj2wx3s_18VDHV7SkAaxqJv2eIf
content-encoding: br
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3146744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 01 Dec 2023 18:43:53 GMT
server: CloudFront
etag: W/"d5455f771f55837a41c1306f2951be8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: NVojcZl_D8RqvowIVz8dF9VvAss2ir9Y6RFNTuw8NjhfgoVmBLAMJQ==

GET
H2 200 556633ad223bfc6bf51b845c73d42104.js Show response
ensighten.norton.com/symantec/aemprod/code/ 15 KB
5 KB 64ms
63ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/556633ad223bfc6bf51b845c73d42104.js?conditionId0=473910
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 097fc701a3c28095c30fbd1ed5c268bd7c5598eac0be99e63c21aa534b54e131

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
x-amz-version-id: SR8oM6ereYhdC_7zGht5pZ4SRZw0D91S
content-encoding: br
via: 1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 3023863
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 28 Mar 2024 17:49:48 GMT
server: CloudFront
etag: W/"2c8855cccb4396bf0b33e65ded1088fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: cq9s1AWBxIBaODEvMpRlq_MJfW8wj7lSOefTyw4noxefs2y3u7ULQw==

GET
H2 200 4c6fd02f75d7eb6d6cd143c8acf19c27.js Show response
ensighten.norton.com/symantec/aemprod/code/ 582 B
1 KB 66ms
65ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/4c6fd02f75d7eb6d6cd143c8acf19c27.js?conditionId0=4955795&conditionId1=4937810
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 945cf787eed6276cc645158b724919f242f595e046f45f17bf6fa1ac63b7a691

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
x-amz-version-id: e27EzXjCbfb0aTTB3I2p6gNBNM8g.r1m
via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2549040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 582
last-modified: Fri, 01 Mar 2024 18:52:21 GMT
server: CloudFront
etag: "2b5768656afbbe64dd653e657706b616"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: djfADWbRYupQmjZw2da50J3B0AMtd8x68i8_W0vXiXkrvMc5_V5j2w==

GET
H2 200 6e246484d45c474a8c87c8b7ef93038f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 494 B
972 B 67ms
66ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/6e246484d45c474a8c87c8b7ef93038f.js?conditionId0=1790211
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 488db805a326a9218cf40ddfdfeffb16f2344ff7061ce17d3dac68ef009d99c9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
x-amz-version-id: b_0SKib55B_l2DwzAU24FYCOeclclPrK
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 2549040
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 494
last-modified: Thu, 20 Apr 2023 17:37:42 GMT
server: CloudFront
etag: "cb62e7ae6a1179ef4e8fc2dc6b1059c6"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Crd8dJeDPd5o0jk65ajc8-E-3JjFWYYKI2qleuixK70ifBe-CBAsCQ==

GET
H3 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ 305 KB
85 KB 133ms
65ms Script
text/javascript 172.67.20.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.20.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56cf42dde34910d2c64688d31d7c5608af764352d9fe475ff31835ee7e2e4305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: HIT
content-encoding: br
age: 155
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"171414313234817133705820331714636802721"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87d9d6628db99199-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
75 KB 162ms
69ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8136487

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e685d0570b5f2a53386b284e5cbd16cd863d6d8724ce847b5858ef3344e68cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76862
x-xss-protection: 0
last-modified: Thu, 02 May 2024 17:19:25 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 167ms
71ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 02 May 2024 17:47:36 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1876473FFB74056A98B6078BDC21B4D Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:37Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js Show response
d.impactradius-event.com/ 37 KB
16 KB 129ms
41ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 187bd24e7f4c07a7f3e9898f0719ed419c0f15476e4c1efb3e0241ea59e99e4a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:42:40 GMT
content-encoding: gzip
age: 297
x-guploader-uploadid: ABPtcPqFxUCM1PWN-zouZJ1iylKTq2w4jMR9b0QEGi6DHujP5UTSnuoKFiOCMWEI_cFeiJnDmB4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15415
last-modified: Fri, 22 Mar 2024 16:59:36 GMT
server: UploadServer
etag: "4388e94bd6a42fddafc214ba5376d9de"
vary: Accept-Encoding
x-goog-generation: 1711126776793689
x-goog-hash: crc32c=miJbdA==, md5=Q4jpS9akL92vwhS6U3bZ3g==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 15415
accept-ranges: bytes
expires: Thu, 02 May 2024 17:47:40 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 138ms
44ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: gzip
last-modified: Fri, 22 Mar 2024 21:07:24 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-etou8220053-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 210ms
129ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069927954

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

089f367698a85197af062d060fdbcd91d5b3d90b35f94498542c9bf7eab0090f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81871
x-xss-protection: 0
last-modified: Thu, 02 May 2024 16:55:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 27 KB
9 KB 144ms
43ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 095d8250a2bb5d0bd8d571e028cf271ff02fa05e0c1435a81a48344e8b828027

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 17:47:37 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 May 2024 06:14:15 GMT
Server: AkamaiNetStorage
ETag: "4495b620ae94c3ee15e206db4a6c08cd:1714630635.7335"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8373
Expires: Thu, 02 May 2024 18:07:37 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 180ms
61ms Script
application/javascript 2a02:26f0:3500:11::215:14d5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:11::215:14d5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 17:47:37 GMT
Content-Encoding: gzip
x-amz-request-id: 2YBFDHXY2BG0X743
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: X0mLy+zhQfGcMJeE6Lu48tPmxFSWqOpnSxdZQBh4ixekSso906hm/iT5X8JInwPSkeLM9fgFwoQ=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2895
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Thu, 02 May 2024 18:35:52 GMT

GET
H2 200 8d08b1cf12b6dedd46c680b7d1eca911.js Show response
spider.australiarevival.com/i/ 102 KB
38 KB 141ms
45ms Script
text/javascript 2600:9000:206f:5a00:1:996f:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spider.australiarevival.com/i/8d08b1cf12b6dedd46c680b7d1eca911.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5a00:1:996f:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 9356c1d2df35e0cccffe18122bb542072a507edf0892146830eb6af86b8a54bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 07:29:11 GMT
content-encoding: gzip
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 37171
etag: "1975e-fn/dwGenC2h1+Keo0Z8LpzbEqQA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38108
x-amz-cf-id: 8GIIsH23S6OS7ydcurDMkOBXS5Pubh4HPPjnJwn4JRa9TiJvGVOTYg==
expires: Thu, 02 May 2024 19:28:06 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 136ms
44ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 16:48:51 GMT
content-encoding: gzip
age: 3526
x-guploader-uploadid: ABPtcPo8DE9aTTo7A39NjIOgtpCNO_MJL1TMNmRHBypayF6SSpAlPkMlzNUeP0KLHtvANgMV20I
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 02 May 2024 17:48:51 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 45 KB
19 KB 155ms
64ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: gzip
via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 19396
x-amz-cf-id: tyzV7-yxmy__Tdc9RWQWlu77nDBib0JsqsSpyWd_YtSIA_EnvijiCA==

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 16 KB
7 KB 156ms
47ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?t=xo&id=norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

131aa7c9845bb29260758b95fd4e71090a661de130569036181ddbbd09c93382

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6Rr5QRcQWDdZBeUUMMzNPNPZIz45PfC1xClZKFen+HfA9C3V' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-6Rr5QRcQWDdZBeUUMMzNPNPZIz45PfC1xClZKFen+HfA9C3V' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 May 2024 17:47:37 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 64607
x-cache: HIT, MISS
paypal-debug-id: f69435750ccd4
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 5111
x-xss-protection: 1; mode=block
x-served-by: cache-fra-etou8220153-FRA, cache-fra-etou8220153-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f69435750ccd4-9b8e106278a1079d-01
x-timer: S1714672057.238479,VS0,VE4
etag: W/"3e32-1AlcWFx8T2X6ld+8R3rmx6c+ts4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 38 KB
12 KB 132ms
40ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 24 Apr 2024 17:35:49 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "c4d61fbb6e730a840c7f140cbb9bcd06"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 11214

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 134ms
42ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-edgeconnect-origin-mex-latency: 635
date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2024 10:06:07 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=41616
accept-ranges: bytes
content-length: 17038

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 152ms
44ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1, 1
date: Thu, 02 May 2024 16:55:11 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: D3F4CVH66QSRQPP3
age: 3147
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: pHODpt3FwF3K5emXH8QDI3j/sq2uhSEsl0Aud3v2+qLV4R/0DA4fb9sLnyXYyipA888J0Nd1YXssyCL6DByJqQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 268ms
153ms Script
application/javascript 104.126.37.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4JSARJR2Q3OG0JAETF0&lib=ttq
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-145.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8140d06b0dac3aba3cf4a2686e54209ee4cdc24202405da7a5986ef38e3cefa9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1d7b3c3e.19cc2243
date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240502174737D4CD2B7038DC80A9E6A8-2D6331CDED25FB4C-00
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 91,104.126.37.141
server-timing: cdn-cache; desc=MISS, edge; dur=84, origin; dur=7, inner; dur=3
content-length: 1765
pragma: no-cache
server: nginx
x-tt-logid: 20240502174737D4CD2B7038DC80A9E6A8
x-cache-remote: TCP_MISS from a23-220-104-16.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.104.16
x-tt-trace-host: 01f94a6051abfa348b9ae8f4b7467510443a6e3cf6f62b8b8080b915865707eda963ce90987c70233327e22de7884c999f89b7c58ece7fc54a3ce58d7dd8c7476dab5a0185817e784f913c37142a5290ffb127b2270202796e5bf6d1dfc3b8596894c83f3e6b9dbedf2dee81e0f6a9a44e
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/2004/ 66 KB
15 KB 143ms
40ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/2004/i.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 70192e1fb00626e113a419bd9edbc3a7666ccafb49d6bc95681dfce09d8aabee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:46:35 GMT
content-encoding: gzip
via: 1.1 google
age: 62
x-envoy-upstream-service-time: 1
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14983
server: istio-envoy
etag: ac555880a35eaa
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H3 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 154ms
83ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
x-amz-version-id: jrgqQn59BHyNBJEhUqaibHl1Lk06.AzO
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: M04HPBTPY5GDBBF5
age: 3024832
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Tl+NCrT4/ROq8BOB/jXEFbjekr+B/799PB4hsh4cPaz8GcT19YQzaMe+k+f+IJxKpv7tKCeNqoQ=
last-modified: Thu, 28 Mar 2024 17:33:19 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:87b5ecaafd0e88097cbbb1bbb7695fe9
etag: W/"87b5ecaafd0e88097cbbb1bbb7695fe9"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 87d9d665bf2344f2-TXL
expires: Thu, 02 May 2024 21:47:37 GMT

GET
H2 200 ktag.min.js Show response
www.knotch-cdn.com/ktag/latest/ 87 KB
26 KB 160ms
48ms Script
text/javascript 2600:9000:26e8:e600:12:1bcc:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.knotch-cdn.com/ktag/latest/ktag.min.js?accountId=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:e600:12:1bcc:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bf8e90f6783d986a0bd1b31cd3979b0a1310848515e2fb2629ef9085c3ec19c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 02:23:35 GMT
content-encoding: gzip
via: 1.1 38dab0d877593711162f7409f4fc8fca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P10
age: 55443
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Thu, 11 Apr 2024 15:14:10 GMT
server: AmazonS3
etag: W/"8897f8f1275a543aea65bf0223925c58"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: USiq8Hon4rd9CMAUOHv1H4S0yNArgtj1dZm-XbXpvy3IwHczocstHw==

GET
H2 200 / Show response
zn7ngvh48sidro926-gendigital.siteintercept.qualtrics.com/SIE/ 10 KB
5 KB 224ms
98ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zn7ngvh48sidro926-gendigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_7NGVH48sIDRo926

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b91e17bd69d5b70daa2a376dc99dedf80adb25bfe58516e045b97140aa4c30f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 583927
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2670-lGgvCqvXrr6ENUIgFOg42l+vd0U"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87d9d666a96534c7-WAW

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 5 KB
2 KB 151ms
47ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
x-cdn: fastly
etag: "c292daff66d2a9db8fb67b7807bf3c7b"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
alt-svc: h3=":443";ma=600
content-length: 1881

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 16 KB
16 KB 881ms
427ms Script
application/javascript 54.218.116.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.218.116.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-116-186.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
last-modified: Wed, 01 May 2024 18:34:01 GMT
server: nginx/1.20.1
etag: "66328b19-40d1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16593

GET
H2 200 ae8f1a90-7a0c-0139-4083-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 0
450 B 149ms
47ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ae8f1a90-7a0c-0139-4083-06abc14c0bc6
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
x-request-id: F8u9JsX3Xm-OaXD8ZbWC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 evtnc.js Show response
tag.havasedge.com/js/ 23 KB
23 KB 158ms
47ms Script
application/javascript 18.245.31.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.havasedge.com/js/evtnc.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-105.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8046ae76f3c2fa5def7d0153cdb57e8d97c88ccb913dcb4209e3a9f001a36f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:45:38 GMT
via: 1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 23:02:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
age: 120
x-amz-server-side-encryption: AES256
etag: "bb282c181bffec3889d3030dd6e067ea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 23382
x-amz-cf-id: 2HW71LlGZ38x_KYlWNDE-QNsr6f9budi5f2bsF-UhWC6trt8rqm1gA==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 10 KB
4 KB 138ms
39ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 04:35:17 GMT
Content-Encoding: gzip
Via: 1.1 d6f2ecdfd53b40c1776d655bd15fdeb0.cloudfront.net (CloudFront)
Last-Modified: Thu, 25 Apr 2024 19:49:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
Age: 47541
x-amz-server-side-encryption: AES256
ETag: W/"d6f0435164aefe6cf324147b77c7b6bb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: -MFqoggQQ-Z4YEz1u8-ErzhXtpoSz65pFx0dP10PY4Lbw0jid1eECw==

GET
H2 204 sst
ensighten.norton.com/pc/symantec/ 0
320 B 172ms
172ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/pc/symantec/sst?sstVersion=1.0.0&sstData=%7B%22virtualBrowser%22%3A%7B%22page%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation%22%2C%22language%22%3A%22en-US%2Cen%22%2C%22screenDepth%22%3A24%2C%22height%22%3A1200%2C%22width%22%3A1600%2C%22title%22%3A%22Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton%22%2C%22timezone%22%3A%22Europe%2FBerlin%22%2C%22screenHeight%22%3A1200%2C%22screenWidth%22%3A1600%7D%2C%22events%22%3A%5B%7B%22name%22%3A%22facebook_conversions_api_integration%22%2C%22data%22%3A%7B%22pixel_id%22%3A%222010787619164716%22%2C%22event_data%22%3A%7B%22event_name%22%3A%22PageView%22%2C%22data_processing_options%22%3A%5B%22LDU%22%5D%2C%22data_processing_options_country%22%3A0%2C%22data_processing_options_state%22%3A0%2C%22event_id%22%3A%226e54db82-4f4e-4b6e-96e3-feead13f5691%22%2C%22user_data%22%3A%7B%7D%7D%7D%7D%5D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-ens-event-id: da1737dc-c187-4a94-bf7e-ed98215c9a5f
x-offsite-uuid: 556e03b7-6ad1-41d5-9119-fcda8717a6b7
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 t.png
tvspix.com/ 68 B
195 B 1032ms
213ms Image
image/png 52.35.126.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?t=1714672056964&l=tvscientific-pix-o-eb001251-d952-4b93-b92d-f7ac10d97dab&u3=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.35.126.167 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-126-167.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H3

200

src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
63 B

158ms
76ms

Image
image/gif

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 02 May 2024 17:47:38 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"1259626404171094818"}],"aggregatable_trigger_data":[{"filters":[{"14":["8402852"]}],"key_piece":"0x797a1fa9ca53ce97","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xe5c87ad1b61d4bc8","not_filters":{"14":["8402852"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":[{"14":["8402852"]}],"key_piece":"0xcb32e69b7f731b51","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc21081325c5013c8","not_filters":{"14":["8402852"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"3472895725620825406","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"1259626404171094818","filters":[{"14":["8402852"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"1259626404171094818","filters":[{"14":["8402852"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"1259626404171094818","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"1259626404171094818","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["9309239"]}}
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: image/png
location: https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLX8x5fD74UDFesJogMd0tkAzQ;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TC-3086-2.gif
pt.ispot.tv/v2/ 43 B
315 B 143ms
41ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3086-2.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=782213122
https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=782213122&ip=80.255.7.119&cuidchk=1

42 B
721 B

51ms
50ms

Image
image/gif

95.101.111.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=782213122&ip=80.255.7.119&cuidchk=1

Protocol

HTTP/1.1

Server

95.101.111.156 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-156.deploy.static.akamaitechnologies.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 May 2024 17:47:37 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location: /pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=782213122&ip=80.255.7.119&cuidchk=1
Date: Thu, 02 May 2024 17:47:37 GMT
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
644 B 163ms
66ms Image
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613158642812&event=pageVisit&productName=whaling-attack
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: e7285c2861f8b0c4b3ba79e0e56541fa8492424c
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 4298600275274067
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
108 B 43ms
42ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=0&c=21&i=7rfqy7&p=aemprod&s=330&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjowLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNzE0NjcyMDU2OTc0XwDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRdAMA2NzIwNTY5NzR9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:35 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/c/ 0
108 B 325ms
324ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/c/r.rnc?n=0&c=21&i=8sfjy9&p=aemprod&s=428&d=9CV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxDgDwHk5hbWUiOiJzeW1hbnRlYyIsInB1Ymxpc2hQYXRoIjoiYWVtcHJvZCIsIm1vZCoAkHdoaXRlbGlzdFEA8CNvb2tpZXMiOnsiU1lNQU5URUNfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKMA8Q8ifSwiZHQiOjE3MTQ2NzIwNTY5OTcsInNldHRpbmdPAPEnbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJVUyBOb3J0b24iLCJkZWZhdWx0OwDxH1NvY2lhbCBNZWRpYSI6MSwiUGVyZm9ybWFuY2UgYW5kIEZ1bmN0aW9uYWxpdHkiALJBZHZlcnRpc2luZxAA8ARuYWx5dGljcyI6MX19LCJldmVuXQAiW3sLAEEiOiJj-wBgQ2hhbmdlHgEP0AAABfgAwEFERUQiOiIxIn1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:36 GMT

GET
H2 200 seo Show response
buy.norton.com/redirector/ 43 B
627 B 265ms
116ms Script
text/javascript 23.37.34.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.norton.com/redirector/seo?callback=cartFn1714672056999

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.34.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-34-49.deploy.static.akamaitechnologies.com

Software

Resource Hash

65b95f1cfd39f04681add711717f57b8380173a02c65f18bc2fce1d0a27f4e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:37 GMT
requestid: 1125e8233e5eb000
content-type: text/javascript;charset=utf-8
x-oneagent-js-injection: true
cache-control: max-age=0, no-cache, no-store
server-timing: dtRpid;desc="-1541731677", dtSInfo;desc="0"
content-length: 43
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
101 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d10120e8049800e3274fe1301cef6bdda830c1ba4f9d666ab447fd8b10266aff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 130ms
42ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd3521e9b79712590c50523ef00789c637324afa1c8987bf5b773c5d3a66fb3d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 May 2024 17:47:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57855
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: bWjpNJWd4Ur/ayEZe0K3a4AZP7K0cnD6ZETp0EMm8yZl5gL78RyffuFVXOgvTGNlveYlAE8yts6JuJWPZATv1Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
02179916.akstat.io/ 0
226 B 464ms
336ms XHR
image/gif 2a02:26f0:3100:795::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179916.akstat.io/

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
content-type: image/gif
access-control-allow-origin: https://us.norton.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=93600
x-xss-protection: 0
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 200 nlok.ico
us.norton.com/content/dam/norton/cb/ 4 KB
5 KB 53ms
53ms Other
image/x-icon 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/content/dam/norton/cb/nlok.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ccd7e9557cd9db88268e80255b101f1f48d4d150dbcf036b661aa99099f43500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 02 May 2024 17:47:37 GMT
content-disposition: attachment
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1714672057039_388276627_344647131_30_5478_41_0_219";dur=1
content-length: 4176
x-xss-protection: 1; mode=block
last-modified: Mon, 07 Mar 2022 21:38:58 GMT
server: Apache
etag: "1039-5d9a7b1204080"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: max-age=31517896
accept-ranges: bytes
expires: Fri, 02 May 2025 12:45:53 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 269ms
161ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=d5aaff6d-32e5-4015-b6b4-5aebdaecc41c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=35abd8d5-2e26-4761-a793-b708c6f7da6f&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 117
date: Thu, 02 May 2024 17:47:36 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 935b0d298ffb3134
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 75d7828d9cc65ac9db31145a78d42660ed950d18b48cdd539731a9987a25fe92
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
393 B 240ms
144ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d5aaff6d-32e5-4015-b6b4-5aebdaecc41c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=35abd8d5-2e26-4761-a793-b708c6f7da6f&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 103
date: Thu, 02 May 2024 17:47:37 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c5c7b141de8cd13e
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 1a10d8f21736b530b8333d5d22b57080f87e4494a08a624e6110b3beed1c51ec
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
229 B 246ms
238ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=44b8076c-f3ac-4b98-af52-f309992186d8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=35abd8d5-2e26-4761-a793-b708c6f7da6f&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 195
date: Thu, 02 May 2024 17:47:37 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5b396efba8d449c5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 75d7828d9cc65ac9db31145a78d42660ed950d18b48cdd539731a9987a25fe92
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 154ms
153ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=44b8076c-f3ac-4b98-af52-f309992186d8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=35abd8d5-2e26-4761-a793-b708c6f7da6f&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 110
date: Thu, 02 May 2024 17:47:37 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 9b7fe07091231739
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 1a10d8f21736b530b8333d5d22b57080f87e4494a08a624e6110b3beed1c51ec
content-length: 43

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
442 B 442ms
117ms Ping
image/gif 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07585190890084021&referrer=&marketerId=001f961bd9b051a2818b4058353fda92bf&name=PAGE_VIEW&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&g=0&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: image/gif;
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-TraceId: 7efdee94191df7b9e7cac749992db447
Content-Length: 54

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
382 B 491ms
119ms Script
application/javascript 70.42.32.127
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=001f961bd9b051a2818b4058353fda92bf

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: f6221e1008479295f21c11bc5a3eb978
Content-Length: 39
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/javascript

GET
H/1.1 200
OK 001f961bd9b051a2818b4058353fda92bf Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
615 B 137ms
43ms Script
text/html 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/001f961bd9b051a2818b4058353fda92bf

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-237-86.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Thu, 02 May 2024 17:47:37 GMT
X-Check-Cacheable: YES
X-Akamai-Pragma-Client-IP: 23.36.160.145, 109.255.88.233
X-CC: DE
Connection: keep-alive
X-TraceId: 3d25721c7b7f923f5c1bcc703c647edd
Content-Length: 22
ob-sent-time: 1714600824911
X-Serial: 66280
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
Expires: Thu, 02 May 2024 17:48:37 GMT

POST
H2 200 4405 Show response
norton.ow5a.net/xur/ 119 B
1005 B 178ms
55ms XHR
application/json 34.251.169.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://norton.ow5a.net/xur/4405
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.169.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-169-192.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6b7c15ba709a6100aeb73c2a6337d4f39c3b91127c6e84498e178ea0302b4196

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://us.norton.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 02 May 2024 17:46:16 GMT

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
123 B 208ms
204ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://us.norton.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 83b6e5bbda808f459fd05a3c567dcf11
cache-control: private
function-execution-id: 0rynoyh0poxh
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 271ms
164ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 17:47:37 GMT
function-execution-id: udydec9iazou
server: Google Frontend
x-cloud-trace-context: bb7a06f531635bed88af5dc0a91709a5

GET
H2 204 5441611.js Show response
bat.bing.com/p/action/ 0
119 B 71ms
70ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5441611.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 02 May 2024 17:47:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 08F3F51C6AAC454FAF400ED89DD02BC6 Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:37Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 104ms
104ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5441611&Ver=2&mid=01748582-631d-4207-afc2-ea8202b84eb1&sid=10402be008ac11ef9b45b57c46d60cb7&vid=1040655008ac11ef82efa35fa7767782&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&r=&lt=2072&evt=pageLoad&sv=1&rn=778954

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 May 2024 17:47:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13AA357EABE543E7B25E5AC0113AC184 Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:37Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 08bef49b-4b6f-474e-958b-5a0be7a0227e.js Show response
tr.snapchat.com/config/com/ 191 B
467 B 228ms
141ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/08bef49b-4b6f-474e-958b-5a0be7a0227e.js?v=3.16.0-2404242003

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

917aa1c6fe42f8b54acfb06b75ebc9f106f1ebe9133b34bc791f2d265272a774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Origin: https://us.norton.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 92
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 191

GET
H2 200 i
tr.snapchat.com/cm/ Frame D4FC 0
0 160ms
53ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=08bef49b-4b6f-474e-958b-5a0be7a0227e&u_scsid=f60a1b84-eeae-4f18-9cd8-6fa90cd62c82&u_sclid=25733e17-cf8b-4275-92be-847f2a9997d5

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 02 May 2024 17:47:37 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 298 KB
100 KB 101ms
99ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9d3c45f5b6d5ab662c80a2f1b399e7663ccccb307415edfa29fb0edb9145e85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2

200

activityi;dc_pre=CMfZlJfD74UDFbdXHgIdU44Aeg;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=...
8136487.fls.doubleclick.net/ Frame F4D3
Redirect Chain

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u...
https://8136487.fls.doubleclick.net/activityi;dc_pre=CMfZlJfD74UDFbdXHgIdU44Aeg;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=d...

0
0

78ms
77ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136487.fls.doubleclick.net/activityi;dc_pre=CMfZlJfD74UDFbdXHgIdU44Aeg;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation?

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 532
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 17:47:37 GMT
expires: Thu, 02 May 2024 17:47:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 17:47:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMfZlJfD74UDFbdXHgIdU44Aeg;src=8136487;type=lp;cat=unive0;ord=1;num=3368704923764;npa=0;auiddc=26354531.1714672057;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CNzdlJfD74UDFf9jHgIdKYYB_w;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v917089198...
8136487.fls.doubleclick.net/ Frame A6C5
Redirect Chain

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v9170891...
https://8136487.fls.doubleclick.net/activityi;dc_pre=CNzdlJfD74UDFf9jHgIdKYYB_w;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefine...

0
0

84ms
80ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136487.fls.doubleclick.net/activityi;dc_pre=CNzdlJfD74UDFf9jHgIdKYYB_w;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation?

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 514
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 17:47:37 GMT
expires: Thu, 02 May 2024 17:47:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 May 2024 17:47:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8136487.fls.doubleclick.net/activityi;dc_pre=CNzdlJfD74UDFf9jHgIdKYYB_w;src=8136487;type=lp;cat=blogp0;ord=1236415075160;npa=0;auiddc=26354531.1714672057;u10=unknown;u14=direct;u16=undefined;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=143129871.1714672057&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&dma_cps=sypham&dma=1&npa=0&gtm=45fe...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=143129871.1714672057&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&dma_cps=sypham&dma=1&n...

42 B
64 B

61ms
58ms

Ping
image/gif

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=143129871.1714672057&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&dma_cps=sypham&dma=1&npa=0&gtm=45fe44t0v9170891986za200&auid=26354531.1714672057

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t2t5&rnd=143129871.1714672057&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&dma_cps=sypham&dma=1&npa=0&gtm=45fe44t0v9170891986za200&auid=26354531.1714672057
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
80 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

993dd58982b1ac8d552faf847ad5613219cdeca250c46a2d6e4e7616afb64a7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81893
x-xss-protection: 0
last-modified: Thu, 02 May 2024 16:55:32 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 4 KB
2 KB 139ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1714672057390&cv=11&fst=1714672057390&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9166610413za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0c8437e08f14b097573421577ae242e6e483cff52889c0dcbfd7088e57ad575a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1595
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 4 KB
2 KB 132ms
56ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1714672057408&cv=11&fst=1714672057408&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9166610413za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&fdr=QA&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%5C%3DFY25%2520Employee%2520Benefits%26utm_medium%5C%3Demail%26_hsenc%5C%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%5C%3D302650963%26utm_content%5C%3D302650963%26utm_source%5C%3Dhs_automation%3Bu2%3Dblog%3Bu3%3Dwhaling-attack%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

fa55872ee4912961cf72a0e39cfe69cc03d36961bb5e5931e8fd0c48af5171c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1661
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activity;src=8136487;npa=0;auiddc=26354531.1714672057;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%...
ad.doubleclick.net/ 42 B
66 B 175ms
90ms Image
image/gif 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=8136487;npa=0;auiddc=26354531.1714672057;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation;u2=blog;u3=whaling-attack;u4=missing;pscdl=noapi;gtm=45fe44t0v9170891986za200;gcs=G111;gcd=13t3t3t2t5;dma_cps=sypham;dma=1;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ct Show response
bite.australiarevival.com/ 5 KB
2 KB 901ms
638ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/ct?id=34870&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&sf=0&tpi=&ch=Norton&uvid=&tsf=0&tsfmi=&tsfu=&cb=1714672057824&hl=2&op=0&ag=2115704966&rand=845521868672270127626027128112829391514810852105180115711257139165697207217998080092&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDkxMDldLFsiYm5jaCIsMV0sWyJhYm5jaCIsMV0sWy0xOCwiWzAsMCwwLDFdIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTU5LCJkZWZhdWx0Il0sWy00OSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFstNjgsIi0iXSxbLTUsIi0iXSxbLTI4LCJlbi1VUyxlbiJdLFstNCwiPGh0bWwgY2xhc3M9XCJlbi1VU1wiIGxhbmc9XCJlbi1VU1wiPjxoZWFkIGNsYXNzPVwiYXQtZWxlbWVudC1tYXJrZXJcIj48c2NyaXB0IGFzeW5jPVwidHJ1ZVwiIHNyYz1cImh0dHBzOi8vdHIuc25hcGNoYXQuY29tL2NvbmZpZy9jb20vMDhiZWY0OWItNGI2Zi00NzRlLTk1OGItNWEwYmU3YTAyMjdlLmpzP3Y9My4xNi4wLTI0MDQyNDIwMDNcIiBjcm9zc29yaWdpbj1cImFub255bW91c1wiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3dhdmUub3V0YnJhaW4uY29tL210V2F2ZXNCdW5kbGVyL2hhbmRsZXIvMDAxZjk2MWJkOWIwNTFhMjgxOGI0MDU4MzUzZmRhOTJiZlwiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vY29ubmVjdC5mYWNlYm9vay5uZXQvZW5fVVMvZmJldmVudHMuanNcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0YWcvanM%2FaWQ9Ry1GRzNNMkVUM0VEXCI%2BPC9zY3JpcHQ%2BPHN0eWxlIHR5cGU9XCJ0ZXh0L2Nzc1wiPmh0bWwuZW4tVVMgI2Vuc05vdGlmeUJhbm5lciAjZW5zQmFubmVyRGVzY3JpcHRpb24ge1xuICAgIHRvcDogdW5zZXQ7XG59PC9zdHlsZT48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vanMuYWRzcnZyLm9yZy91cF9sb2FkZXIuMS4xLjAuanNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vYXBwLmxlYWRzcnguY29tL3Zpc2l0b3IuanNcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vcy5waW5pbWcuY29tL2N0L2NvcmUuanNcIj48L3NjcmlwdD48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly9hLnF1b3JhLmNvbS9xZXZlbnRzLmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL2FuYWx5dGljcy50aWt0b2suY29tL2kxOG4vcGl4ZWwvZXZlbnRzLmpzP3Nka2lkPUM0SlNBUkpSMlEzT0cwSkFFVEYwJmFtcDtsaWI9dHRxXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3MueWltZy5jb20vd2kveXRjLmpzXCIgYXN5bmM9XCJcIj48L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vd3d3LnJlZGRpdHN0YXRpYy5jb20vYWRzL3BpeGVsLmpzXCIgYXN5bmM9XCJcIj48L3NjcmlwdD48c2NyaXB0IGFzeW5jPVwiXCIgc3JjPVwiaHR0cHM6Ly93d3cucGF5cGFsLmNvbS90YWdtYW5hZ2VyL3BwdG0uanM%2FdD14byZhbXA7aWQ9bm9ydG9uLmNvbVwiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL3NjLXN0YXRpYy5uZXQvc2NldmVudC5taW4uanNcIj48L3NjcmlwdD48c2NyaXB0IGlkPVwicGRzdC1jYXB0dXJlXCIgYXN5bmM9XCJcIiBzcmM9XCJodHRwczovL2Nkbi5wZHN0LmZtL3BpbmcubWluLmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cImh0dHBzOi8vd2Vic2RrLmFwcHNmbHllci5jb20%2Fc3Q9YmFubmVycyZhbXA7XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cIi8vYW1wbGlmeS5vdXRicmFpbi5jb20vY3Avb2J0cC5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0IHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIiBhc3luYz1cIlwiIHNyYz1cIi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0YWcvanM%2FaWQ9QVctMTA2OTkyNzk1NFwiPjwvc2NyaXB0PjxzY3JpcHQgYXN5bmM9XCJcIiBzcmM9XCIvL3N0YXRpYy5hZHMtdHdpdHRlci5jb20vdXd0LmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCBhc3luYz1cIlwiIHNyYz1cIi8vZC5pbXBhY3RyYWRpdXMtZXZlbnQuY29tL0EyNDc0NTItMTZlYS00NmExLWJmM2UtMGQ5ZTQ1MThmZjljMS5qc1wiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiIGFzeW5jPVwiXCIgc3JjPVwiLy9iYXQuYmluZy5jb20vYmF0LmpzXCI%2BPC9zY3JpcHQ%2BPHNjcmlwdCB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCIgYXN5bmM9XCJcIiBzcmM9XCIvL3d3dy5nb29nbGV0YWdtYW4iXSxbLTMzLCJbXCJbMzYyNjIzNDAzMSxmdW5jdGlvbihoKXtXKGQsZnVuY3Rpb24oKXtiKC00NykoaCl9KTtcXG5yZXR1cm4gZi5hcHBseSh3aW5kb3csYXJndW1lbnRzKX1dXCIsXCJcIixcIls0NDA5NjUwMjEsZnVuY3Rpb24gdG9TdHJpbmcoKSB7IFtuYXRpdmUgY29kZV0gfV1cIl0iXSxbLTM0LCJbXCJbNDkxMjU2Mjg0LGZ1bmN0aW9uKGgpe1coZCxmdW5jdGlvbigpe2IoLTQ4KShoKX0pO3JldHVybiBnLmFwcGx5KHdpbmRvdyxhcmd1bWVudHMpfV1cIixcIlwiLFwiWzQ0MDk2NTAyMSxmdW5jdGlvbiB0b1N0cmluZygpIHsgW25hdGl2ZSBjb2RlXSB9XVwiXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLHBpY3R1cmVpbnBpY3R1cmUscHVibGlja2V5Y3JlZGVudGlhbHNnZXQsbG9jYWxmb250cyxvdHBjcmVkZW50aWFscyxlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sZ3lyb3Njb3BlLGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCxjaHVhLHB1YmxpY2tleWNyZWRlbnRpYWxzY3JlYXRlLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxjaHVhZm9ybWZhY3RvcnMsaWRsZWRldGVjdGlvbixjaHVhcGxhdGZvcm12ZXJzaW9uLGNod2lkdGgsY2xpcGJvYXJkcmVhZCxjaHZpZXdwb3J0d2lkdGgscGF5bWVudCxjaHZpZXdwb3J0aGVpZ2h0LGNocnR0LGF1dG9wbGF5LGNyb3Nzb3JpZ2luaXNvbGF0ZWQsaGlkLGNodWFiaXRuZXNzLHNjcmVlbndha2Vsb2NrLGNsaXBib2FyZHdyaXRlLGNoZGV2aWNlbWVtb3J5LG1pY3JvcGhvbmUiXSxbLTEsIi0iXSxbLTUzLCIxMDAiXSxbLTIsIjM2LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbLTIxLCItIl0sWy0yMywiKyJdLFstMjUsIltcIlsxNDUyMDM3NTAyLGZ1bmN0aW9uKGgpe1coZCxmdW5jdGlvbigpe2IoLTIzKShoKX0pO3JldHVybiBlLmFwcGx5KHdpbmRvdyxhcmd1bWVudHMpfV1cIixcIlwiLFwiWzQ0MDk2NTAyMSxmdW5jdGlvbiB0b1N0cmluZygpIHsgW25hdGl2ZSBjb2RlXSB9XVwiXSJdLFstNjUsIi0iXSxbLTE0LCItIl0sWy0yNiwie1widGpoc1wiOjI3MTA5MjEzLFwidWpoc1wiOjIwMzY4OTU3LFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy01OCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJvZzp0aXRsZVwiLFwib2c6ZGVzY3JpcHRpb25cIixcInR3aXR0ZXI6dGl0bGVcIixcInR3aXR0ZXI6ZGVzY3JpcHRpb25cIl19Il0sWy01NiwibGFuZHNjYXBlLXByaW1hcnkiXSxbLTYzLCItIl0sWy0zOCwiYywtMSwtMSwyNDcsMCwyNiwwLDAsMTIxLDEyMSwtMSw1MSwxOTY0LjUsMTk2NC41LDI0MDEsMjQwMSJdLFstMjAsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MCwiMzMiXSxbLTI0LCJbXCJzZW5kQmVhY29uXCIsMCwxLDEsMV0iXSxbLTE1LCItIl0sWy00NywiRXVyb3BlL0JlcmxpbixkZS1ERSxsYXRuLGdyZWdvcnkiXSxbLTgsIi0iXSxbLTE3LCIxNyJdLFstNTUsIjEiXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWy01MCwiLSJdLFstNywiLSJdLFstNTQsIntcImhcIjpbXCJfMVwiLFwiMzI5OTkxMzY5XCIsXCJfM1wiLFwiMzI5OTkxMzY5XCJdLFwiZFwiOltcIl8xXCIsXCIyMTE1OTc2NDk2XCJdLFwiYlwiOltcIl8xXCIsXCIxNDg1MTU5NDgzXCIsXCJfMFwiLFwiMjk3OTc0MTQ4MlwiLFwiMTg5NjEwNTEzOFwiLFwiODE5NTk2MThcIl0sXCJzXCI6MX0iXSxbLTU3LCJXRTBaVjF4T2NWaFhYVlZjU3hjRldsWlVTVXhOWEYwSEdXSllTaGxZU1VsVlFHUVpFVnhQV0ZVWldFMFpCVmhYVmxkQVZGWk1TZ2NaRVFNT0F3Z01DUW9KQVJBVkdRVllWMVpYUUZSV1RFb0hBd2dCQXdvSkVCVllUUmw0UzB0WVFCZFBYQmtSVVUxTlNVb0RGaFpLU1ZCZFhFc1hXRXhLVFV0WVZWQllTMXhQVUU5WVZSZGFWbFFXVUJZQlhRa0JXd2hhWHdnTFd3OWRYRjFkRFE5YUR3RUpXdzVkQ0Z4YVdBQUlDQmRUU2dNSUF3OE9DQWtKRUJWWVRSbFJUVTFKU2dNV0ZrcEpVRjFjU3hkWVRFcE5TMWhWVUZoTFhFOVFUMWhWRjFwV1ZCWlFGZ0ZkQ1FGYkNGcGZDQXRiRDExY1hWME5EMW9QQVFsYkRsMElYRnBZQUE9PSJdLFstNjQsIlswLFwiV2luMzJcIixbe1wiYlwiOlwiR29vZ2xlIENocm9tZVwiLFwidlwiOlwiMTI0XCJ9LHtcImJcIjpcIk5vdDpBLUJyYW5kXCIsXCJ2XCI6XCI4XCJ9LHtcImJcIjpcIkNocm9taXVtXCIsXCJ2XCI6XCIxMjRcIn1dXSJdLFstNiwiLSJdLFstNDYsIjAiXSxbLTYyLCI4MCJdLFstMTAsIi0iXSxbLTM1LCJbMTcxNDY3MjA1NzQ0OSwtMl0iXSxbLTE5LCJbMTE3MCwxNDAwLDExNzAsMTQwMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTI4NSwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy02MSwie1wid2dzbFwiOlwiNDtyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02NywiLSJdLFstMTYsIjAiXSxbLTUxLCItIl0sWy0yOSwiLSJdLFstNDQsIjAsMCwwLDUiXSxbLTYwLDE1OF0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJpbnRlcm5hbC1wZGYtdmlld2VyXCJdIl0sWy00MSwiLSJdLFstNDUsIi0iXSxbLTUyLCItIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstNDgsIjAsMCJdLFstMTIsIm51bGwiXSxbLTI3LCJbMTAwLDEwLDAsXCI0Z1wiLG51bGxdIl0sWy0zMiwiLSJdLFstOSwiKyJdLFstMTMsIi0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjozNDcsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjoxOTMwODIwMjc5LFwic2VjXCI6XCJcIn0iXSxbLTMxLCJmYWxzZSJdLFsiZGRiIiwiMCwzNiwwLDMsMCwwLDAsMCwwLDAsMCwwLDAsMCw0LDAsMCwwLDAsMCwxLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDEsMiwwLDAsMCwwLDEsMCwwLDAsMCwxLDAsMCwwLDUsMCw1LDEsMCwwLDEsMCwwLDAsMCJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCwyLDAsMCwzNTIsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMTUsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDYsMCwwLDMsMSwwLDAsMCwwLDEsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwzLDAsNSwwLDAsMCwwLDAsMCwwLDAsMCJdXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=ohUBuAjNia&pto=2899&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1714672057.xBfdNbC9zCWSOyhl&suid=1.1714672057.Huhbpc82oReZoqpI&tuid=1.1714672057.k3JO4rv2VadWcrSz&fbc=-&gtm=WyJjb252ZXJzaW9uIl0%3D&it=107%2C2036%2C251&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=1040655008ac11ef82efa35fa7767782&spa=1&urid=0&ab=&sck=-
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 19cba53f17f49486691bccffeed3cd45d9de5416d1d5f43c1f937b62c3fbd390

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1562
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.ojrq.net/p/ 50 B
468 B 275ms
48ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=4405&tpsync=no&auth=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Thu, 02 May 2024 17:47:38 GMT

POST
H2 200 p
tr.snapchat.com/ 0
238 B 151ms
56ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 t2_cxz0s4qa_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
701 B 129ms
43ms XHR
application/json 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_cxz0s4qa_telemetry
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
638 B 230ms
41ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1714672057903&id=t2_cxz0s4qa&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=b4bd02b4-a788-4049-b41c-965ec796bb93&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_3ba1cddf&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benef...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benef...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1714672057909%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benef...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Bene...

0
268 B

398ms
306ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&cookiesTest=true&liSync=true&e_ipv6=AQLQuZSr4D1U3QAAAY86a0EIwwcHKLalFiGB5HBfdsWNuGw6JR8xHKkHs1Bz64JaUDUfZ10
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9C2261B7B1A24C96A6EBA23AA7CE946F Ref B: DUS30EDGE0722 Ref C: 2024-05-02T17:47:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXfDL5b/GtZUtbu1DNzg==

Redirect headers

date: Thu, 02 May 2024 17:47:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7EA528DBC98C4A56BB23A82B4B764C7E Ref B: DUS30EDGE0920 Ref C: 2024-05-02T17:47:38Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1714672057909&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&cookiesTest=true&liSync=true&e_ipv6=AQLQuZSr4D1U3QAAAY86a0EIwwcHKLalFiGB5HBfdsWNuGw6JR8xHKkHs1Bz64JaUDUfZ10
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYXfDL17rmxddvYkecTvg==

GET
H2 200 11548.json Show response
s.yimg.com/wi/config/ 43 B
693 B 131ms
46ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/11548.json

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

ats-carp-promotion: 1
date: Thu, 02 May 2024 17:31:29 GMT
x-amz-version-id: YmfUqh2hNGKjBCrMTs9jMkQzMPQW4Y6A
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: F80K629QRBZFZJE2
age: 970
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: qoBb0K+TnSnAjQD7mXPv1FKdmE2lZcThqvQuWhKff0K4rx0FCbctrj8QNGBcaScrnjb/WVCcDPk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 07 Jun 2025 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 02 May 2024 16:45:09 GMT
server: ATS
etag: "ee67895e23e55fb16238fcc20064cdd0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 ts
t.paypal.com/ 42 B
514 B 299ms
199ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3acffdcb-c025-475c-ba85-3218f5e08f49&fltp=analytics&mrid=DC854CZKCW2SE&code=MUSE_ADMIN_TOOL&partner_name=MUSE_ADMIN_TOOL&flag_consume=yes&pt=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1714672057957&g=-120&completeurl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&disableSetCookie=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Thu, 02 May 2024 17:47:38 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 451926c8fc4f4
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-etou8220068-FRA
pragma: no-cache
correlation-id: 451926c8fc4f4
traceparent: 00-0000000000000000000451926c8fc4f4-581cd4dad72bde9b-01
x-timer: S1714672058.246068,VS0,VE160
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 May 2024 17:47:38 GMT

GET
H2 200 runtime_6459738026535cda4232dc813c61447d.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 167ms
43ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_6459738026535cda4232dc813c61447d.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 03:41:58 GMT
content-encoding: br
age: 569140
x-guploader-uploadid: ABPtcPpqtuMq8K2n3FMEj-dm4631wWBT6lEvuEz_spUwSQe8dWxB9rrqTd31aGXnjNSTubV3NBk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1316
last-modified: Tue, 23 Apr 2024 14:37:31 GMT
server: UploadServer
etag: "09512239cb2a22728ca9f8608dfc2181"
x-goog-generation: 1713883050962681
x-goog-hash: crc32c=BS9gKg==, md5=CVEiOcsqInKMqfhgjfwhgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1316
accept-ranges: bytes
content-type: text/javascript

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/105830223f174e668d8cfee6991bcb40/ 43 B
422 B 481ms
119ms Image
image/gif 52.2.7.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/105830223f174e668d8cfee6991bcb40/pixel?j=1&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&tag=ViewContent&ts=1714672057963

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.2.7.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-2-7-148.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 02 May 2024 17:47:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,9d4563c50058a030658599eaa18dfd26,10.0.0.156,60018,80.255.7.119,,363733292867,1,1714672058.585,0.002,,.,0,0,0.004,0.004,-,0,0,203,249,124,10,26847,,,,,,-,
Content-Type: image/gif

GET
H2 200 main.2bdc3040.js Show response
s.pinimg.com/ct/lib/ 69 KB
20 KB 48ms
47ms Script
application/javascript 2a04:4e42:8e::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.2bdc3040.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
x-cdn: fastly
etag: "12a8f2d3ddbe2363a4a569b085d70d28"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
alt-svc: h3=":443";ma=600
content-length: 19942

GET
H2 200 main.MTIyYzc3NzllMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 55ms
55ms Script
application/javascript 104.126.37.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTIyYzc3NzllMQ.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-145.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 19cc2bf0
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404190410088E00BF63830C7BA728C8
x-tt-trace-id: 00-2404190410088E00BF63830C7BA728C8-0E91932628B856AE-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0148ea8f6469076c148a25409a9f9e4ae9b245c035b8fb8535ab414287ba0c22d193a38e7cf122606f7ec813b4f481a18a1121898862eef058e5e27c8a281a09203a903010a85a197f085ac3f7e2062958d427fa5f02fac0675e453cc7efb9c1bd
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=4
content-length: 116133

GET
H2 200 68c7d46d-4f53-496f-99ba-ec17ab2c1f6c Show response
configs.knotch.com/v2/ 153 B
581 B 139ms
41ms XHR
application/octet-stream 52.222.236.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://configs.knotch.com/v2/68c7d46d-4f53-496f-99ba-ec17ab2c1f6c
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cddedd8608723d22a8931d30e123bc6fe3d2657e9567997c2b4434361a04e3fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 07:26:36 GMT
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 37370
x-cache: Hit from cloudfront
content-length: 153
last-modified: Wed, 03 Apr 2024 15:56:05 GMT
server: AmazonS3
etag: "e06a8fe72f012106da71ba031d0a0cbc"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Accept-Encoding
x-amz-cf-id: wJQwysV7fessTdhZEEocXwGgiEKuPOWg6JjEWhvOy-2dbM18mgjCug==

GET
H2 200 track-event
event.havasedge.com/ 0
39 B 658ms
211ms Image
text/plain 34.208.11.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tL2Jsb2cvZW1lcmdpbmctdGhyZWF0cy93aGFsaW5nLWF0dGFjaz91dG1fY2FtcGFpZ249RlkyNSUyMEVtcGxveWVlJTIwQmVuZWZpdHMmdXRtX21lZGl1bT1lbWFpbCZfaHNlbmM9cDJBTnF0ei0tekhNanBEb0xUUU1HMFR5RkQydllvc3hPS05hYU0wR1JzUWpjUU5iNFN5dVF5R2Q1RFd1MXppa2lpWU9kdVN2bzdFYnJWVW1yX0R6TElCa1pJcXF3aENaeTY5dyZfaHNtaT0zMDI2NTA5NjMmdXRtX2NvbnRlbnQ9MzAyNjUwOTYzJnV0bV9zb3VyY2U9aHNfYXV0b21hdGlvbiIsIm8iOiJodHRwczovL3VzLm5vcnRvbi5jb20iLCJhbyI6W10sInBhcm1zIjp7InV0bV9jYW1wYWlnbiI6IkZZMjUlMjBFbXBsb3llZSUyMEJlbmVmaXRzIiwidXRtX21lZGl1bSI6ImVtYWlsIiwiX2hzZW5jIjoicDJBTnF0ei0tekhNanBEb0xUUU1HMFR5RkQydllvc3hPS05hYU0wR1JzUWpjUU5iNFN5dVF5R2Q1RFd1MXppa2lpWU9kdVN2bzdFYnJWVW1yX0R6TElCa1pJcXF3aENaeTY5dyIsIl9oc21pIjoiMzAyNjUwOTYzIiwidXRtX2NvbnRlbnQiOiIzMDI2NTA5NjMiLCJ1dG1fc291cmNlIjoiaHNfYXV0b21hdGlvbiJ9LCJwciI6IiIsImluZiI6ZmFsc2UsImxja2lkIjoiNjI0ZDliODMtNjNkMS05ZGFjLTlhNzEtMTMxN2UwNWE5Yzg3XzE3MTQ2NzIwNTgiLCJzb3VyY2UiOiJIYXZhc0VkZ2UuRXZlbnRUYWciLCJidCI6MTcxNDY3MjA1ODEyMiwiYnoiOi0xMjAsInBsZyI6WyJQREYgVmlld2VyIiwiQ2hyb21lIFBERiBWaWV3ZXIiLCJDaHJvbWl1bSBQREYgVmlld2VyIiwiTWljcm9zb2Z0IEVkZ2UgUERGIFZpZXdlciIsIldlYktpdCBidWlsdC1pbiBQREYiXSwicGx0IjoiV2luMzIiLCJjayI6dHJ1ZSwidHIiOmZhbHNlLCJoIjoxMjAwLCJ3IjoxNjAwLCJjZCI6MjR9&trkGuid=0d24d362-9133-4cf0-8e7e-be8762f0510a&evtGuid=5cf27ba5-9ea8-4014-99ea-ec775d2a8e7e&data-product_list=missing&data-order_id=missing&data-subtotal=missing&data-country=US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.11.252 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-11-252.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
content-length: 0

GET
H2 200 12.ffd98a9d3b8cbf2075ed.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 74 KB
21 KB 86ms
79ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/12.ffd98a9d3b8cbf2075ed.chunk.js?Q_CLIENTVERSION=2.5.0&Q_CLIENTTYPE=web&Q_BRANDID=us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4018d7f0a983131974acbea85f1be1a84c2cca541c584f98b5c5c83413913695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 227414
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control: max-age=604800
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 15 Apr 2024 17:52:42 GMT
server: cloudflare
etag: W/"1267d-18ee2e3c610"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
permissions-policy: camera=(), geolocation=(), microphone=()
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 87d9d66c39d034c7-WAW

GET
H2 200 2010787619164716 Show response
connect.facebook.net/signals/config/ 73 KB
15 KB 55ms
53ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2010787619164716?v=2.9.154&r=stable&domain=us.norton.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c18c5c1ac5e5e3acc90c054fad1285ec55f67b9839b7476b3c5943075cd7bf79

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 May 2024 17:47:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14629
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=45, rtx=0, c=63, mss=1294, tbw=63309, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: lB7jb3i57WcqgnvCJ5+XCVYeqD8qLCV7M0AXROj5/Tv+lgkCZMggzuwduYe40sZ2EmooYC1xtU18G3GXk61bKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 145ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FG3M2ET3ED&gtm=45je44t0v880748444za200&_p=1714672056948&_gaz=1&gcs=G111&gcd=13t3t3t2t5&npa=0&dma_cps=sypham&dma=1&cid=610907757.1714672058&ecid=1574759666&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1714672058&sct=1&seg=0&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&dt=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3264
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 148ms
48ms Ping
text/plain 2a00:1450:400c:c1f::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FG3M2ET3ED&cid=610907757.1714672058&gtm=45je44t0v880748444za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3t2t5&npa=0
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 130ms
71ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FG3M2ET3ED&cid=610907757.1714672058&gtm=45je44t0v880748444za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13t3t3t2t5&npa=0&z=1178333311

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 norton Show response
ingest.quantummetric.com/horizon/ Frame A6FA 90 B
243 B 517ms
222ms XHR
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ingest.quantummetric.com/horizon/norton?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&t=1714672057074&v=1714672057975&S=0&N=0&P=0&z=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

e0ff71bdb1ab7cb99acd4e67f23558566173715a539990dc40f98ab3b58a2b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
content-length: 90
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 53ms
52ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1714672057390&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9166610413za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqv-GeND3aySh4IC-qL8pRs4wTIsC8332uE4T7JPMBm2LPIOJT&random=997012261&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 92ms
54ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1714672057390&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9166610413za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqv-GeND3aySh4IC-qL8pRs4wTIsC8332uE4T7JPMBm2LPIOJT&random=997012261&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 54ms
53ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1714672057408&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9166610413za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&fdr=QA&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%5C%3DFY25%2520Employee%2520Benefits%26utm_medium%5C%3Demail%26_hsenc%5C%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%5C%3D302650963%26utm_content%5C%3D302650963%26utm_source%5C%3Dhs_automation%3Bu2%3Dblog%3Bu3%3Dwhaling-attack%3Bu4%3Dmissing&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqM0lYhchAsLdEuMtU4nbbjAAiEHZ5IprHxcIJTo9PtC5u2XIv&random=3319394074&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 55ms
53ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1714672057408&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v9166610413za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&fdr=QA&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%5C%3DFY25%2520Employee%2520Benefits%26utm_medium%5C%3Demail%26_hsenc%5C%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%5C%3D302650963%26utm_content%5C%3D302650963%26utm_source%5C%3Dhs_automation%3Bu2%3Dblog%3Bu3%3Dwhaling-attack%3Bu4%3Dmissing&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqM0lYhchAsLdEuMtU4nbbjAAiEHZ5IprHxcIJTo9PtC5u2XIv&random=3319394074&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
502 B 189ms
58ms Image
image/gif 3.255.41.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2002%20May%202024%2017%3A47%3A38%20GMT&n=-2d&b=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&.yp=11548&f=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe%2Censighten

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.255.41.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-255-41-64.eu-west-1.compute.amazonaws.com

Software

ATS/9.1.10.112 /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
via: http/1.1 traffic_server (ApacheTrafficServer/9.1.10.112)
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS/9.1.10.112
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 02 May 2024 17:47:38 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 8BC7 0
0 177ms
61ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=9e5b3bs&ref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&upid=jirrmzm&upv=1.1.0
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Thu, 02 May 2024 17:47:38 GMT
server: Kestrel

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 3 KB
2 KB 126ms
62ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1714672058230&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=sale&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dwhaling-attack%3Becomm_traffic_source%3Ddirect&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

699f851d058da8710b22c397fa96aac5422a4b48a44c7021e7e397254903b754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1795
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 4 KB
2 KB 53ms
52ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1714672058238&cv=11&fst=1714672058238&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

950cbbd2a8f2a1dbfac2c7e25471dbf0904ec5015d686aacdbe1970f4bc117ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1683
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 5 KB
2 KB 54ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1714672058244&cv=11&fst=1714672058244&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%5C%3DFY25%2520Employee%2520Benefits%26utm_medium%5C%3Demail%26_hsenc%5C%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%5C%3D302650963%26utm_content%5C%3D302650963%26utm_source%5C%3Dhs_automation%3Bu2%3Dblog%3Bu3%3Dwhaling-attack%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a234eb641f1d5e20a5c4c22c13403467cf0e8f140bed15a9c768783b3b08b349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1747
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 103 B
534 B 235ms
234ms XHR
text/html 54.218.116.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=csiyrk42502&tz=-120&ref=&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&t=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&lc=null&anon=0&vin=null

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.218.116.186 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-218-116-186.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

8a78c85e56bc02bedda2ac52ef9787d843c550a1bb4e5763b9de26be89640f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true

GET ingress
frontdoor.knotch.it/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
275 B 130ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=PageView&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&rl=&if=false&ts=1714672058269&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmensighten&ec=0&o=4125&fbp=fb.1.1714672058267.1461888165&cs_est=true&ler=empty&cdl=API_unavailable&it=1714672058143&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=6e54db82-4f4e-4b6e-96e3-feead13f5691&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
ct.pinterest.com/user/ 326 B
369 B 74ms
73ms XHR
application/json 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&cb=1714672058271&dep=2%2CPAGE_LOAD
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 1532929608661574
content-length: 185
pin-unauth: dWlkPU4ySXhZekppWTJNdE9HSXpPQzAwTnpSbExUZzFabVl0TkRBd05USmxabVUxTTJJNA
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: e7285c2861f8b0c4b3ba79e0e56541fa8492424c
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/v3/ 35 B
240 B 68ms
68ms Fetch
image/gif 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/v3/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%222bdc3040%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22x86%22%2C%22bitness%22%3A%2264%22%2C%22brands%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22124%22%7D%2C%7B%22brand%22%3A%22Not%3AA-Brand%22%2C%22version%22%3A%228%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22124%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%2C%22uaFullVersion%22%3A%22124.0.6367.118%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1714672058272
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: https://us.norton.com
pinterest-version: e7285c2861f8b0c4b3ba79e0e56541fa8492424c
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 8136406392520431
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_c26a2.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 92ms
92ms Script
application/javascript 104.126.37.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c26a2.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-145.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 19cc3041
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202404190410088E00BF63830C7BA728D9
x-tt-trace-id: 00-2404190410088E00BF63830C7BA728D9-0E91932628B859BE-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0148ea8f6469076c148a25409a9f9e4ae9b245c035b8fb8535ab414287ba0c22d193a38e7cf122606f7ec813b4f481a18a1121898862eef058e5e27c8a281a09203a903010a85a197f085ac3f7e20629585931eb661dd27e912e1461d79547a42d
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3
content-length: 37305

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
851 B 247ms
247ms Ping
text/plain 104.126.37.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-145.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 188eb2de.19cc309b
date: Thu, 02 May 2024 17:47:38 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24050217473840C6A28786CAB4B03EAD-31908982E6195F25-00
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 168,104.126.37.141
server-timing: cdn-cache; desc=MISS, edge; dur=144, origin; dur=38, inner; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024050217473840C6A28786CAB4B03EAD
x-cache-remote: TCP_MISS from a23-220-106-203.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 38,23.220.106.203
x-tt-trace-host: 01f94a6051abfa348b9ae8f4b7467510443a6e3cf6f62b8b8080b915865707eda9cf09702567c559db2807eb8704f1b05f24fa8d6b6fb86d18173835423dd7aa552dd190b7137afd6bd3cf4f7e343701ec950e9375bb0dd8ba78b9d0cc2bb9cde4ee212a74e186c2ecc6078da59bee4d0e
access-control-allow-headers: Authorization,*
expires: Thu, 02 May 2024 17:47:38 GMT

GET
H2 200 main-v2_1332979ed7c7516ecc60067da43b37ed.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 492 KB
107 KB 43ms
43ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_1332979ed7c7516ecc60067da43b37ed.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4013c59455800a51f0516969f19b7e3caf9e3e82860541b85f76b1fafa6b5ea1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 16:48:10 GMT
content-encoding: br
age: 3568
x-guploader-uploadid: ABPtcPq28LzIsdY0lukddJMIMs0gGBGrMkQ60otHmIUQrX8FoX1JgBkqLolPFp8-EzcB3GoKxCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109197
last-modified: Thu, 02 May 2024 16:48:03 GMT
server: UploadServer
etag: "8fc2338519434e756d5e3e6814a663eb"
x-goog-generation: 1714668483256369
x-goog-hash: crc32c=zekyWQ==, md5=j8IzhRlDTnVtXj5oFKZj6w==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 109197
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_3a843477d8e318f67237a66d0a58c542.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 49 KB
16 KB 133ms
133ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a843477d8e318f67237a66d0a58c542.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:31:31 GMT
content-encoding: gzip
age: 209767
x-guploader-uploadid: ABPtcPq1Nhgt92MdffOVecYRv3QqxOF2y5ouABmXBKcD-6gVSiFx62R5vJTKF63_ANiqLm2cHJRiCrZVFQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15748
last-modified: Mon, 22 Apr 2024 20:59:52 GMT
server: UploadServer
etag: "1eb885454ea6bef1c9747800702959de"
x-goog-generation: 1713819592631797
x-goog-hash: crc32c=Joap5g==, md5=HriFRU6mvvHJdHgAcClZ3g==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15748
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 57ms
56ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1714672058244&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%5C%3DFY25%2520Employee%2520Benefits%26utm_medium%5C%3Demail%26_hsenc%5C%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%5C%3D302650963%26utm_content%5C%3D302650963%26utm_source%5C%3Dhs_automation%3Bu2%3Dblog%3Bu3%3Dwhaling-attack%3Bu4%3Dmissing&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqfVXO2TXz2j-nNmC8yPdF1wjLNSYnsPjteGXqsC10tp5msXTe&random=156782860&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 53ms
52ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1714672058244&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%5C%3DFY25%2520Employee%2520Benefits%26utm_medium%5C%3Demail%26_hsenc%5C%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%5C%3D302650963%26utm_content%5C%3D302650963%26utm_source%5C%3Dhs_automation%3Bu2%3Dblog%3Bu3%3Dwhaling-attack%3Bu4%3Dmissing&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqfVXO2TXz2j-nNmC8yPdF1wjLNSYnsPjteGXqsC10tp5msXTe&random=156782860&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 54ms
54ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1714672058238&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq58Pqatuf9Lsud8AxiPDzw2fj1smIg9lfpvvJOAFIaoMfhaxk&random=1437273439&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 57ms
56ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1714672058238&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq58Pqatuf9Lsud8AxiPDzw2fj1smIg9lfpvvJOAFIaoMfhaxk&random=1437273439&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Targeting.php Show response
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 5 KB
1 KB 188ms
188ms XHR
application/json 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_7NGVH48sIDRo926&Q_CLIENTVERSION=2.5.0&Q_CLIENTTYPE=web

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf612aee71a7ff956265aa283e46f1d6af53e8d888951ae2546ca53a0987ea1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
content-security-policy-report-only: frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
content-type: application/json
access-control-allow-origin: https://us.norton.com
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
trace-id: 5709cc1e4245c2ea
timing-allow-origin: *
cf-ray: 87d9d66ccaa834c7-WAW

GET
H3 200 token_create.js Show response
ct.pinterest.com/static/ct/ 4 KB
4 KB 42ms
42ms Script
application/javascript 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/static/ct/token_create.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.0.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
x-cdn: fastly
age: 3411
etag: "19c94b308deaf8fbf050b4fca2fa21b7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
timing-allow-origin: https://ct.pinterest.com
alt-svc: h3=":443";ma=600
content-length: 4103

GET
H2 200 ct.html
ct.pinterest.com/ Frame E339 0
0 149ms
67ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 02 May 2024 17:47:38 GMT
pinterest-version: e7285c2861f8b0c4b3ba79e0e56541fa8492424c
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 3035962095154328

POST
H2 200 p
tr6.snapchat.com/ 0
46 B 57ms
52ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
via: 1.1 google
server: API Gateway
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 17 KB
5 KB 44ms
43ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_02aca5df0e176b8810a86da97ac05424.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 29 Apr 2024 16:07:19 GMT
content-encoding: br
age: 265219
x-guploader-uploadid: ABPtcPrqA9beEJUSPQ9h9K1vHYgQDpe0HcdJfBV_rRR720gzxLpXkcOeLjHDy9qTIcq1siWDTuw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5089
last-modified: Mon, 29 Apr 2024 16:07:09 GMT
server: UploadServer
etag: "2a4c802d3ec2dfc292cc9bb15ef5f45d"
x-goog-generation: 1714406829637644
x-goog-hash: crc32c=PRHjLA==, md5=KkyALT7C38KSzJuxXvX0XQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5089
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 43ms
42ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_0e56ab6ba004ee080ce3deb3edae35e9.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 07:26:56 GMT
content-encoding: br
age: 210042
x-guploader-uploadid: ABPtcPrdBlcP_9OmgJyNteETY_rAwO3M4GOu-yunTy9ZcN-WQSbejJeG66uW57E_FtJv2rM-GQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
last-modified: Mon, 29 Apr 2024 16:07:17 GMT
server: UploadServer
etag: "7ff99b6f1cea743cef749de91009e764"
x-goog-generation: 1714406837056150
x-goog-hash: crc32c=qFvE1Q==, md5=f/mbbxzqdDzvdJ3pEAnnZA==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 5003
accept-ranges: bytes
content-type: text/javascript

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 539ms
151ms XHR
application/json 34.149.44.52
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.44.52 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 52.44.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 56a91178be19c73d3cd57f522c0c8dc23246780057acf2a768f0fd7b12bf492a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 02 May 2024 17:47:38 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 519ms
156ms XHR
application/json 34.149.235.45
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.235.45 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 45.235.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 10d8b3ff7850f2970b02368006230ce7d0be3d17d869b0cdf66de92305dea88a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 02 May 2024 17:47:38 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 658ms
150ms XHR
application/json 34.149.56.191
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.56.191 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 191.56.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 0cadebb1c13e97b954b5695b97ec7729bc1ccf9e2684d7bd78fa54dc3984399d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Thu, 02 May 2024 17:47:39 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&...
https://www.google.com/pagead/1p-conversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&...
https://www.google.de/pagead/1p-conversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u...

42 B
64 B

57ms
57ms

Image
image/gif

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=sale&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dwhaling-attack%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIreTOl8PvhQMV9YKDBx2lqwh2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqz3Fn4DHN5Hoi19SJ6wi519LB6MqIsDgYMqGadNmGIbuV9nG7&random=2806842667&ipr=y

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=1504739296&cv=11&fst=1714672058230&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=sale&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dwhaling-attack%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIreTOl8PvhQMV9YKDBx2lqwh2MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqz3Fn4DHN5Hoi19SJ6wi519LB6MqIsDgYMqGadNmGIbuV9nG7&random=2806842667&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
849 B 243ms
243ms Ping
text/plain 104.126.37.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-145.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 23567aab.19cc330c
date: Thu, 02 May 2024 17:47:38 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24050217473894AFB646ED2EC1A57037-671449AEBBC2347B-00
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 132,104.126.37.141
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=29, inner; dur=23
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024050217473894AFB646ED2EC1A57037
x-cache-remote: TCP_MISS from a23-220-104-8.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.220.104.8
x-tt-trace-host: 01f94a6051abfa348b9ae8f4b7467510443a6e3cf6f62b8b8080b915865707eda939b6d5e2fd4c3cff156e80dd15c49d0c6d72ca1f8607dc3fd9a5739322e0830a7dc7f956a927db702e563b498a7de93de6026d8adb6e64b82d5dd5cff494f912f1f99603f16605db6c73ec4b4df5a142
access-control-allow-headers: Authorization,*
expires: Thu, 02 May 2024 17:47:38 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 87 KB
31 KB 42ms
42ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 03:42:16 GMT
content-encoding: br
age: 569122
x-guploader-uploadid: ABPtcPpBnQSkNw5deNcEGcEwNkuDuZnw5RFiJV53vLuIgNNY27ekU7Is1OeT7SMHxHy-BqrRQqM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31567
last-modified: Tue, 23 Apr 2024 14:37:04 GMT
server: UploadServer
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1713883024823955
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 89476
accept-ranges: none
content-type: text/javascript; charset=UTF-8

POST
H2 200 p
tr.snapchat.com/ 0
47 B 52ms
51ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 8E0B 0
0 122ms
44ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 569150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Fri, 26 Apr 2024 03:41:48 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Tue, 23 Apr 2024 14:37:03 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1713883023838131
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPoHMrgSyl4pDMe-4-FnKMqgdHh8DcaVR0pSWFgMwQWg5rYT7B7a5ZNAVZAKfIiW841zdzE

POST
H2 200 norton Show response
ingest.quantummetric.com/horizon/ Frame A6FA 0
142 B 309ms
309ms XHR
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
content-length: 0
content-type: application/json

POST
H2 200 norton Show response
ingest.quantummetric.com/horizon/ Frame A6FA 0
142 B 306ms
305ms XHR
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:38 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
content-length: 0
content-type: application/json

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
122 B 119ms
118ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:38 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 2053905694837980 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 196ms
195ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2053905694837980?v=2.9.154&r=stable&domain=us.norton.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

681fcc3a0b865502154efd54bb593f187f0f1c3c339de0f1a46ef5d65286ddc3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 02 May 2024 17:47:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=23, mss=1232, tbw=4323, tp=9, tpl=0, uplat=155, ullat=0
pragma: public
x-fb-debug: hGFusYtkNUJkfulA4pavb37qso7JYKbgYn1x8glLp98HjIy02gGh/525NqY2iWj2FKVHLnIlcX5VixYnDAsyew==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
0 3ms
3ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:36 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1876473FFB74056A98B6078BDC21B4D Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:37Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 4 KB
2 KB 56ms
55ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1714672058766&cv=11&fst=1714672058766&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

63bd113ca7d4f8a07a66f85015c9b878735c3c669f9e4db1d59b167c9f6ac51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1688
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 3 KB
2 KB 55ms
55ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1714672058780&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

d7af9603418d193066b7c1b3dcc3ce7d4ca0def800c32e02aff5a9be9ea9a4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1786
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 42ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&rl=&if=false&ts=1714672058764&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmensighten&ec=1&o=4125&fbp=fb.1.1714672058267.1461888165&ler=empty&cdl=API_unavailable&it=1714672058143&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=3120, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCL...
https://www.google.com/pagead/1p-conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=Ih...
https://www.google.de/pagead/1p-conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhM...

42 B
64 B

54ms
53ms

Image
image/gif

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIt5jjl8PvhQMV6IuDBx1ewwCkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYfRrBXeqpS8Ix_Qha2apkXZfOqy1qchbnqybw_OPz0uvfecI&random=3880585357&ipr=y

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?label=23KzCJj-jYMYEP3sv_ED&guid=ON&script=0&ct_cookie_present=false&random=1128972622&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIImMGxAg&pscrd=IhMIt5jjl8PvhQMV6IuDBx1ewwCkMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqYfRrBXeqpS8Ix_Qha2apkXZfOqy1qchbnqybw_OPz0uvfecI&random=3880585357&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
bite.australiarevival.com/tracker/ 43 B
79 B 121ms
120ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bite.australiarevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126beac132e8478f959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d15856a2717071a10acf9f29f674cd084dc522e691efb782601d63cd63492563354209254030c315156c6be6c4b77be26bb25cb43e2916af05365ac097c7a1bdb50ef4ef497d7d63ebb2807ff7ecaa8556d8e0e3143714493d60264f060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7908677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e1e47a3696fa1c51d65e8d8ae7d8603ae44e78149c54acdcd2dcc3b66979120d9778cc0b6a69de5e71b2bf033a4feb875433eae8b27d4f401b95a5944944304da9295c5cdb0843dc767d090b88d35e9737c2481732791db874437d7eb65ba4cf2994e987ca3780d4842da35be0481d0b87085863bc80ee484d9d738aa62143aba0e4674715b70cab764b302849ea723a99961f6863d9e95fff14080b7e1547171d7ee5147d0b94d6708e5ebee35a97a989b22aea464af61ea49e809946088d458a66750e4cadb104b3d266a75481468d19fdd3daf02c0270d2273abd5318d9c7b45bbd996cde869b68aa1fdcca1f4a8122643af02e5f00669f611277db23e1f1e18bc07d60442a8928022cd38a44fc2ad258aae62c13852782d017c119ac5e4d23a7843df5c18fa8086e5f49f0d4193b3bd7f90ca7372ded104792da4fe9a0964f574d052c7598c6ede56849542bce36dbc8994c0cc1270e5e12771c023f7ceeff504966f371f19863b515aa3d72a9df006988b91c948dfc2d62104335bac7ffe53ff17f0d42b843851335d282e27f3509cff6c17fd309eb5e927879e0bd52322eb4823728de2c35448f263a2df63865e645e0ec56f3e88bdca7ad74568c8f64ff88a83bbf916c857473f07ee65670e8e9a675fb935fbfdc32b93daec0e5c60ab6a200b18c61750e485ef181190626dd2978741cac8bbcf5922bc2cba076a56cb52227fd5d00c5d8ad6e3d5e2ae12e13aa56fc924c18f01c6f1f92b37eb805cc39ebeb6c3efd7cd34478cfa2649863c9a098143e2e322b4d2ccd675ae9bd6fefb5a6692e1e7935fd300cd0b4270187acb8e3831dd61ec5ad78a33aa0960903b0ab062c0873507c2040f581dc0e6c43fc69e07766b4d3ed1c1dcbd932c9012b9ac373988fa535059013a313dbc41e6912416bedec2d9f6e2e3f5e8dd22f0f4941e2d7c4364722866588d100c0b8fcce9b631efab3b16edc50ecfdd449b878188caffba778b09cb03b677bddeacded129228d81f7e33a2a5b3f81d6fca56859fecd5b6d1fb67df2752b0cef4ee265d44465cd4b53c59aa7ffd590c5bac235d246c1c22d96b8ffc77dfa92ed2c05cfc19935ac3bad96ca5062d0c472ce992f24b64044bf041d255770acdc7615b309783b34bb718e90ff6f71b61e44126487b1b6ee709d466c6aa0adee&cri=ohUBuAjNia&ts=963&cb=1714672058788
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK e7fe62ce-fc02-403b-83b1-6fad3d060a6f
https://us.norton.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/e7fe62ce-fc02-403b-83b1-6fad3d060a6f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6471f0b9ad6556620ed186647dae62daac7f7d8cd9e14a7af524db1f50a38c47

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 2bcb1f45-f873-4840-88a1-a3952d13f1da
https://us.norton.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/2bcb1f45-f873-4840-88a1-a3952d13f1da
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ff57d5e8dd2a502f0280fc4009e13534ab6105734a9116ef379ddc5e0a1dc2c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 187010577.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 69ms
69ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187010577.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22f8b5742f36975c1f0d054e483b4ef14eaab3c472c81558115f431dfee721a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 02 May 2024 17:47:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7B2BC9DFB38487CB5B7522614CC8BB8 Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:38Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
239 B 103ms
103ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=ee1ed196-231d-40c7-ab27-54fcecd8d453&sid=10402be008ac11ef9b45b57c46d60cb7&vid=1040655008ac11ef82efa35fa7767782&vids=0&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&r=&lt=2072&evt=pageLoad&sv=1&rn=945788

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 May 2024 17:47:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9C493CD679A4C578806EA254D26C2FE Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
239 B 103ms
103ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=ee1ed196-231d-40c7-ab27-54fcecd8d453&sid=10402be008ac11ef9b45b57c46d60cb7&vid=1040655008ac11ef82efa35fa7767782&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&sw=1600&sh=1200&sc=24&evt=custom&rn=548423

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 02 May 2024 17:47:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 221F9BA90FAE4CDFB5A1B73B26C57EF7 Ref B: FRA31EDGE0810 Ref C: 2024-05-02T17:47:38Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 54ms
54ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1714672058766&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq1DVYgGD_JjKVLpK4dOLHYjKl890j8bM9BROUfzwaNtl0z6nK&random=1912178294&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 52ms
51ms Image
image/gif 172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1714672058766&cv=11&fst=1714669200000&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq1DVYgGD_JjKVLpK4dOLHYjKl890j8bM9BROUfzwaNtl0z6nK&random=1912178294&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&...
https://www.google.com/pagead/1p-conversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&...
https://www.google.de/pagead/1p-conversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u...

42 B
64 B

54ms
54ms

Image
image/gif

172.217.16.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIgu3il8PvhQMVw46DBx22gwniMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqmxL_FOdpi8BCnaueJdNXP-zP7rDdYsUg1Tfg1GLd5lX5UBq3&random=657377268&ipr=y

Protocol

Server

172.217.16.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f195.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=1630494681&cv=11&fst=1714672058780&bg=ffffff&guid=ON&async=1&gtm=45be44t0v878412864za200&gcs=G111&gcd=13t3t3t2t5&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Whaling%20attack%3A%20Definition%20%2B%20tips%20for%20prevention%20-%20Norton&gtm_ee=1&npa=0&pscdl=noapi&auid=26354531.1714672057&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=CNm5sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMIgu3il8PvhQMVw46DBx22gwniMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Fmh0dHBzOi8vdXMubm9ydG9uLmNvbS8&is_vtc=1&cid=CAQSKQB7FLtqmxL_FOdpi8BCnaueJdNXP-zP7rDdYsUg1Tfg1GLd5lX5UBq3&random=657377268&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
108 B 42ms
40ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=1&c=21&i=7rfqy7&p=aemprod&s=15661&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA9RJodHRwczovL3N5bWFudGVjLnR0Lm9tdHJkYy5uZXQvbTIaALAvbWJveC9qc29uPwoAwD1zeW1fZ2xvYmFsXxAAECYFADBTZXMOAfESPTY2ZTk2NWEwZmVmZTQ0NzRhNDdmMWE4ZTAwMjNhMjRmLQAyUEM9CADxFWFnZT1lZjg1NTkwZmIyNTI0MTk3OWMxOTM2NjE0MzZlNTc4ZSoA8RVSaWQ9NTQ3M2JmNzhiNzdmNGZiMzk0NGQ2MmJlNTc5MTM0YmIpABJWlgFhPTEuOC4zEgBxQ291bnQ9MQwA8QNUaW1lPTE3MTQ2NzkyNTYyNjUXAJFIb3N0PXVzLm43AUEuY29tFwBBVVJMPSYBmSUzQSUyRiUyRiQA8BIlMkZibG9nJTJGZW1lcmdpbmctdGhyZWF0cyUyRndoYWwSAPEaYXR0YWNrJTNGdXRtX2NhbXBhaWduJTNERlkyNSUyNTIwRW1wbG95ZWUNAGBCZW5lZmlBABA2MADxcG1lZGl1bSUzRGVtYWlsJTI2X2hzZW5jJTNEcDJBTnF0ei0tekhNanBEb0xUUU1HMFR5RkQydllvc3hPS05hYU0wR1JzUWpjUU5iNFN5dVF5R2Q1RFd1MXppa2lpWU9kdVN2bzdFYnJWVW1yX0R6TElCa1pJcXF3aENaeTY5dyVwAPEBbWklM0QzMDI2NTA5NjMlMpkAf2NvbnRlbnQaAADxAnNvdXJjZSUzRGhzX2F1dG9tbwIBTwGCUmVmZXJyZXL8AfQTWERvbWFpbj1lbmFibGVkJmJyb3dzZXJIZWlnaHQ9MTIwMBMAhldpZHRoPTE2EgAAxwFRT2Zmc2UpAHgmc2NyZWVuOgACEgAHOQDwC2NvbG9yRGVwdGg9MjQmZGV2aWNlUGl4ZWxSoAAjPTFEACBPcq4DABMA8AduPWxhbmRzY2FwZSZ3ZWJHTFJlbmRlvgDxTEludGVsJTIwSXJpcyUyME9wZW5HTCUyMEVuZ2luZSZQcm9tb2NvZGU9ZGVmYXVsdHdlYiZwcm9maWxlLlRDRz01JnZlbmRvcl90eXBlPW5vbmUmcHJvZ3JhbV8SAOB1bmtub3duJnNpdGVfY70CUnJ5PXVzEAAwc2VjvwMXPaoCA4wBel90aXRsZT14AgI1AFFsYW5ndWsDom4mdHJhZmZpY1-oAbA9ZGlyZWN0JkV4aRsEs2dDdXN0b21lcj1lEQAjX2MSAAEDAzIwTm9SAERzdWJfiwAABAMF4QAfcP4AAfIEY3VycmVudF9zdWJjaGFubmVsPUcAD7sAColvcmlnaW5hbDcABEkBH3ZDAQABYgEPSwECBDYAD1MBAwDMAAAEAANbAQzNA0kmJTIwQQAE-QAHhAEJIAAIbwEEGQA_JTIwegEDBCEAD4IBGAQzADElMjDRAA-NAQYPeAEBBD0AAToAD4ABCgQqAA-IAQIA8wWATUNTRElEPTdHBfENMTE5MkM0Rjg2REEtNjZBRDgyMENFNDFBNEYyN_0D8R5NQ0dWSUQ9NDA3MzAyMTU1ODYxODk2NDMwNTI4NDQ4MjAwNTM4MzEzNTU4OTYyAPEqQUFNQj02RzF5blljTFB1aVF4WVpyc3pfcGtxZkxHOXlNWEJwYjJ6WDVkdkpkWVFKelBYSW1kajB5PgCgTUNHTEg9NiIsIlUD0CI6InhociIsInN0YXJSBwEDBnAyMDU2NTAyQAcyZCI6FwYFFAACIQPiIjoiWEhSX01BTkFHRVJBADB0dXO9B2FsbG93ZWRkB0Bhc29uYwfUXSwiZGF0YVBhdHRlchIAsmxpc3QiOltdLCJpZgDPMzM4MTgyODgzMn0slQf_________oTBlbnOdDCdlbikOBiUPEmHOD_AlL3NlcnZlckNvbXBvbmVudC5waHA_bmFtZXNwYWNlPUJvb3RzdHJhcHBlciZzdGF0aWNKcxAQHj1KAABGDCMvJjQQ8ARlZE9uPUZyaSUyMEFwciUyMDE5BQDyBzY6MzE6MzglMjBHTVQlMjAyMDI0JkN1EL9EPTIxJlBhZ2VJRMgO_zUAgw_AQ09VTlRSWSUzRHVzEACATEFOR1VBR0WnDxBuEQDQVFJBRkZJQ19TT1VSQxcAAmUNABsA9AFQR01fSUQlM0RtaXNzaW5nFAAwVFlQKQAD-w0AFgA6SVBGJwAsSVA4ACpTTiIAqlNVQkNIQU5ORUwYAIpPUklHX1NVQhYAalBJRkNBTRQAWklfU0tVEwA6REVYEQAsSU7BADtJUFYjACtQQxEAHFURABtQpAA6RU5QMwA6U0tUEQAqSVQAAUNub3dfxQxUdW50cnmQAQUYAASHDQSYAQUZAAn2DDolM0QzDzUlMjYqAAdaDTAlM0TpDgkeAAIxDjYlM0QKDgMgAAPsDQJEDCFfY6wTEF8FBDUlM0QOAgBnAAivDgDCAAL8DwNGAA7ADQkTAQBAAA-dDQAJJAAAYBQ0dWN0fAAN6wAHSA8ByADAbmUlMjZpc01vYmlsxhFAZmFscxMAU3ZpZXdDvhIac2IAb2F0aCUzRA0TGSAyNrkBMENvZGIAAjwBAHMTAGsQBRUSDmoFBssNYnNjcmlwdI0NDM4NHjPODUI2NCwiigFQIjoibXV0BUNvbk9iqAUSTEgAAtUNP2xvYdINIo84OTE3ODYxNtINCA89BhMB8wXwGmQ3OWQ3NDhjZWVlNzE1MmIyMWIyMzJiYzUyZDdiZWRmLmpzP2NvbmRpCxKXSWQwPTY0OTE27A4PIQEIHjbvDjc2MjghAc9pbnNlcnRCZWZvcmUbATCvNjc5Nzk2NDc1Oe0OBw8bAXUdNDwCChsBDzwCQgQhAS82MSEBMv0RYjIxZTViYWUwMWY2ZWQzMjA5NjYyMjMyNjVhMzEzYzE8An80OTQwNzY3XgMSDz0CXa80MTQ3MTgxNjg3HAGQDz4CYgUiAQ9fAzP_EDMyY2IzY2YyMTk2ODVhNTRlYzkxOWM2OGJlMmM5NWY-AgBAMjMxM_waA2YTD3oECQ6bBT82MzB6BEevNDg0NzUxMTQ1NT0CMg8bAUoPPAIACRsBD3oEQgUhAR82IQEy_hE1NTY2MzNhZDIyM2JmYzZiZjUxYjg0NWM3M2Q0MjEwNHoETzczOTE8AicvNDE8AkiPNzg3Nzk3MzjRBzMPGwFKDzwCAAkbAQ88AkMEIQEfMzwCMv4RNGM2ZmQwMmY3NWQ3ZWI2ZDZjZDE0M2M4YWNmMTljMjc8Anc5NTU3OTUmBwl_MT00OTM3OFIChY84NzU3NDY0OOcHMw8xAWAPaAJjBDcBD4kDMzA2ZTKEAVA0ZDQ1Y50g_gA4Yzg3YzhiN2VmOTMwMzhaC1ExNzkwMskhD-EGIwmKAw9bCzyfMzM2ODU4ODA2wAUzDxwBSw8-AmIFIgEPQAoIBf8iYWRlbWRlePwiACkj_wE1Lmh0bWw_ZF9uc2lkPTAjCSIIBjwLU2lmcmFtNw0Kmg4-NDc4XgwnNzfDBgATFGBuZENoaWyDDgAbFAFoHA-TDiV_MjE1NDkwOf4ICQ_7AFUvOTn7AAwPowZCEzMCAR83HwMI8AJjZG4ucXVhbnR1bW1ldHJpY_wjIi9xxgojcy8bABItpBA2Lmpz6gECIwACIQ8K6gE9NjI37wA3OTM56gEPCAQ8nzI2NDM5MDA5OVsGCA_pAEMO0wIK6QAP2AFCBe8ADxMGCLAwMjE3OTkxNi5ha0kDRi5pby-7AQ8KIAM9NzAxuAE4NzAxGxEPCiA-rzQ0Mjc1NjY3MjRGCQcPywAjDZoBD8sAVg9uDQjwAmQuaW1wYWN0cmFkaXVzLWV2HxnxF2NvbS9BMjQ3NDUyLTE2ZWEtNDZhMS1iZjNlLTBkOWU0NTE4ZmY5uRAGwwEPfgMHLTk1bQQ_NzE0Zw5InzM2NzI2ODY5OQoLCA_5AFIdN9oTC_kAD44DQgL_AD83MDBmBQz_AXBkc3QuZm0vcGluZy5taW5NBRQQOb0VImVuOSOvNDY3MjA1NzE0Mk0FR681ODE1NDE3OTU4kwMHAE0FD9AAJQ-mAQII0AAPpgFCBNYADysKCQApBaBpYy5hZHMtdHdpwiQBDQc_dXd0rAEWHDD5Bj83MTT5BkivMzA1NzI4Njk0MKwBBw_WAC8PsgECCNYAD7IBQgTcAB815gYIsnRyLm91dGJyYWluqwFhbmlmaWVk2CqBP29wdE91dD3BGfYKJmJ1c3Q9MDc1ODUxOTA4OTAwODQwMjEmcpIr8B5hcmtldGVySWQ9MDAxZjk2MWJkOWIwNTFhMjgxOGI0MDU4MzUzZmRhOTJiZibKGt89UEFHRV9WSUVXJmRsXx7_NaYmZz0wJm9iQXBpxy5kMSZvYnRwEABXMi4wLjUIB3FlbmRCZWFj7C8M3Cg9NzE1cxUCFAAFDhuvU0VOREJFQUNPTuMoPI84MTM3NzA5OA4ICHphbXBsaWZ5wwIwY3Av7wAPcgQWD_QGAAABCAXhAA9rCzyfNTYwNjc5OTUzbxcID9gAMQ90BAEJ2AAPdARCBN4AHzTeAAgDCw1Bb3c1YSsPd3h1ci80NDCUAg9fCwQ-MTY2HgYAFAAFrAEPXws-UDMwNTgw4BoPXwsID9AAvfEVdXMtY2VudHJhbDEtYWRhcHRpdmUtZ3Jvd3RoLmNsb3VkZnVuQzARc78BAMcIAokLIHMtLCBWLXNpbmtgBAM_NA_nDgA_NzE37gcAABQABdABf1JFUVVFU1RaBDyPMDgyNTY3MzPUAQgPBAE7X2ZldGNoAgEjX0ZFVENIAAFfM3NjLfcIAMk1InNjaQ0PdQsZHjWrAwmsEg9XBTwQNEMwEDMHMA_JCQgP1QAtD1QFAQnVAA9UBUIF2wAPVAUIUGJhdC5iGA0ADA8RYZ4D8AYvMD90aT01NDQxNjExJlZlcj0yJm2IFPAVMTc0ODU4Mi02MzFkLTQyMDctYWZjMi1lYTgyMDJiODRlYjEmsRTwFjEwNDAyYmUwMDhhYzExZWY5YjQ1YjU3YzQ2ZDYwY2I3JnZpZD0lADU2NTUlAPABODJlZmEzNWZhNzc2Nzc4MiUAEHM7N_ISc2Nsa2lkPU4mcGk9OTE4NjM5ODMxJmxnPWRlLURFJnN3nzUic2i5NSBzY2Y1QnRsPVcGNzQlMjAIN5FBJTIwRGVmaW69ImAlMjAlMkIdMyBpcE01IGZv2ighcHKyAqJpb24lMjAtJTIwzzgvJnBnCv829hdyPSZsdD0yMDcyJmV2dD1wYWdlTG9hZCZzdj0xJnJuPTc3ODk1NAcGP2ltZwEFAh84YAoAABQABQMG8gdIVE1MSW1hZ2VfU0VUQVRUUklCVVRFTAACciUfYUczJp82MzQzMzI5NzZaAxUAZwMPwxUTLjk1QBMoMTgLFB9pJiU7AOYSXzcwMDAyyg4IAL8ABSYEAA0AD8wAFA_4BAEJzAAP-ARDwDUxODcwMDAzNH1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
108 B 44ms
42ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=2&c=21&i=7rfqy7&p=aemprod&s=15674&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA90ZodHRwczovL3dlYnNkay5hcHBzZmx5ZXIuY29tLz9zdD1iYW5uZXJzJiIsInR5cGUiOiJzY3JpcHQiLCJzdGFydCI6MTcxNDY3MjA1Njk2MiwiZW5kFACwNzE5MCwic291cmM8AMJpbnNlcnRCZWZvcmVCAKF0dXMiOiJsb2FkqQBAYXNvbqgA1F0sImRhdGFQYXR0ZXISAMFsaXN0IjpbXSwiaWRkAM82MjI1NzEwNDA1fSzaAEsfN9oADTFtdXRUAa9PYnNlcnZlckNM4AA4HzHgAAixdHIuc25hcGNoYXS1AfBMY20vaT9waWQ9MDhiZWY0OWItNGI2Zi00NzRlLTk1OGItNWEwYmU3YTAyMjdlJnVfc2NzaWQ9ZjYwYTFiODQtZWVhZS00ZjE4LTljZDgtNmZhOTBjZDYyYzgyJi0A9hlsaWQ9MjU3MzNlMTctY2Y4Yi00Mjc1LTkyYmUtODQ3ZjJhOTk5N2Q1MAJTaWZyYW3uAQkwAj83MTlWAQEXMjAC-AhIVE1MSUZSQU1FX1NFVEFUVFJJQlVURVsBb2FsbG93ZT4CIa8zMzM5NzgwMDI0PgIH8QhzcGlkZXIuYXVzdHJhbGlhcmV2aXZhbGoB9hZpLzhkMDhiMWNmMTJiNmRlZGQ0NmM2ODBiN2QxZWNhOTExLmpzCAEPOAMJEDO_AwLUAhE0TANHNzIzMwgBoGFwcGVuZENoaWzpAD9zdGE3AyqfMzE1ODMzOTQw-QBuD1cDAAr5AA9XA0IEAAEvMTP5AQehd3d3Lmdvb2dsZewB8BBwYWdlYWQvbGFuZGluZz9nY3M9RzExMSZnY2Q9MTN0AgD1AzJ0NSZybmQ9MTQzMTI5ODcxLhoFYTcmdXJsPWwF0SUzQSUyRiUyRnVzLm6hBQBgAPASJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkZ3aGFsEgDwBmF0dGFjayZkbWFfY3BzPXN5cGhhbQ8A8Bk9MSZucGE9MCZndG09NDVmZTQ0dDB2OTE3MDg5MTk4NnphMjAwJmF1uwNoNjM1NDUznAAHogJxZW5kQmVhYzUGDN4FTTczNjWmAgEUAAXeBf8DU0VOREJFQUNPTl9NQU5BR0VSqQMzrzU1OTA5ODY3OTCwARGDdGFnbWFuYWfFBvcGZ3RhZy9qcz9pZD1EQy04MTM2NDg39AAPzgYHLzQ48AAAFziWAw_OBjyfNDkzNDU4MDkylwISD-cANg-EAwAoMzbnAA-EA0IE7QAvNDfUASvfQVctMTA2OTkyNzk1NNcBEi02MdcBPzQxNdcBR582MTc2OTYzODO-AiwP6gAfD9oBAArqAA_aAUIE8AAvNDHaAQeAYmF0LmJpbmf8BDAvYWONCvAGLzA_dGk9NTQ0MTYxMSZWZXI9MiZtxwjwFTE3NDg1ODItNjMxZC00MjA3LWFmYzItZWE4MjAyYjg0ZWIxJsMIAAgK8BIyYmUwMDhhYzExZWY5YjQ1YjU3YzQ2ZDYwY2I3JnZpZD0lADU2NTUlAPABODJlZmEzNWZhNzc2Nzc4MiUA8CFzPTEmbXNjbGtpZD1OJnBpPTkxODYzOTgzMSZsZz1kZS1ERSZzdz0xNjAwJnNoPTFdBaJzYz0yNCZ0bD1XrQUyJTIwrwUB8AVwMERlZmluaecA8w0lMjAlMkIlMjB0aXBzJTIwZm9yJTIwcHJldmVuIABCLSUyMLwLLyZwNQY08RQlM0Z1dG1fY2FtcGFpZ24lM0RGWTI1JTI1MjBFbXBsb3llZQ0AYEJlbmVmaXYGEDYwAPFwbWVkaXVtJTNEZW1haWwlMjZfaHNlbmMlM0RwMkFOcXR6LS16SE1qcERvTFRRTUcwVHlGRDJ2WW9zeE9LTmFhTTBHUnNRamNRTmI0U3l1UXlHZDVEV3UxemlraWlZT2R1U3ZvN0ViclZVbXJfRHpMSUJrWklxcXdoQ1p5Njl3JXAA8QFtaSUzRDMwMjY1MDk2MyUymQB_Y29udGVudBoAAAKNBrElM0Roc19hdXRvbZYL8AEmcj0mbHQ9MjA3MiZldnQ9zwf5AUxvYWQmc3Y9MSZybj03NzhABDJpbWe8BguyCh44qgk3NDQ5PQQMUwMSQUcAArAJX2Vycm9y6AwhnzM0MzMyOTc2OVMDBw8IDLwZODgODwALPA_5CxAPTwGqDqUCCk8BDKUCD60OMgVPDQ-tDhgXcLIHD30KCj04OTS2BwEUAALwAz8iOiJ9CkWfNDA5MTUzNTY3qQgMYHJlZGRpdJsNImlj1wZjZHMvY29uIhLwAnMtY29uZmlnL3YxL3BpeGVsHAAAEAD2BnQyX2N4ejBzNHFhX3RlbGVtZXRyeRcBIHhoMQQNjQsuOTDkAQEUAAUQAT9YSFKGCzuvMzY0MjI4MDE2MoUEBwA2DQ8JAf8MAfwBDxgQFh029QIvOTCrCkggNTIgDT83MjYZEAgP4wEGD9oAGg-bCgAK2gAPowRCBOAAHzeLCwgATRNhLmxpY2RuxgP_DWxpLmxtcy1hbmFseXRpY3MvaW5zaWdodC5taW7HARYeN8cBGDEXFQ_fBjufNDA3MTAyMTY1xgEID-YAQA_TAQEJ5gAP0wFCBe0ADxsJCfAHLmNvL2kvYWRzY3Q_YmNpPTMmZWNpPQsK8R1lbnRfaWQ9ZDVhYWZmNmQtMzJlNS00MDE1LWI2YjQtNWFlYmRhZWNjNDFjJqMLUHM9JTVCAwAgMjJFCvADdmlldyUyMiUyQyU3QiU3RCU1AwBxJmludGVncnsK0D1hZHZlcnRpc2VyJnBsADBUd2nVFnAmcF91c2VyEgBAMCZwbAgA8B0zNWFiZDhkNS0yZTI2LTQ3NjEtYTc5My1iNzA4YzZmN2RhNmYmdHdfZG9jdecXX19ocmVmIgz_NjJ0d1-qFhBfxAdAdXM9MGsB4m9yZGVyX3F1YW50aXR5FACwc2FsZV9hbW91bnQRACB4brwBYG51emlwJiMZUj1qYXZh7RUTJv0HED0LGhAzHhoAIQA_IjoiXwwFD3MSACg5MyoED0QDQp81OTYwNzE2MjfaBwgFAQUiLnTAAgEeBQ9VA___qR8xtA8IDw8NMq80NTI3MDc4Njk4LwsHD1UDIP8VNDRiODA3NmMtZjNhYy00Yjk4LWFmNTItZjMwOTk5MjE4NmQ4qgb__w1fbzVmdW2qBkMPVQNOrzUyMTkzMzM3MzZVAwcABx8P7gkLD0QD___tnzY2NTI5NzEzMQUPCAAHEPEINDg3LmZscy5kb3VibGVjbGljay5uZXSvGaN2aXR5aTtzcmM9KgAQO9kK8Rg9bHA7Y2F0PXVuaXZlMDtvcmQ9MTtudW09MzM2ODcwNDkyMzc2NDusHhA7jx5OZGM9MpEe8Bw7dTEwPXVua25vd247dTExPW1pc3Npbmc7dTE0PWRpcmVjdDt1MTY9dW5kVxlYZWQ7dTMNABc5DQDPcHNjZGw9bm9hcGk7Hh8JFDvSHxo70h8aO24fAA8AYD0xO2VwdqAaPzt-b4EN_zgWP_QUAogNAjkZCoAZEDNsGRplYiY3OTM0zAkfaWImO580NDgwODIyNjCUHwgDAwMPLQP__4EfNngUAAktAw9OEEIEMwMfMgAgCA8zAysAKyUTcGAGzzIzNjQxNTA3NTE2MFoGHQ9OBgQPNAb_vh41OxwPNAZKjzM2MzIwODMwXykJDwED__9cDwgGYwQHAx8xOR8ICQgmEXBbDDNvbi8FJg9fGxNONzE3OV8bGDU1Fw9fGzufNTcwNDAwODU3XxsID9gAMg9sJAAZOdgAD78HQgXfAA-4FAhScy55aW29JyR3ackggTExNTQ4LmpzPiwADw4_IjoiviAFLzUyswEACPkvH1i-ID1BNjIxNLcBD8kLCA_XANI_eXRjWQMTLzY5OAQBALoBBWQiD20NPI81NDI3NzYzNwEtCQqkAQ_NABgPnx4BCc0AD04DQwTTAA9OAwgAUiHRcGF5cGFsb2JqZWN0c1sbUG11c2UvBQAPrgETAP8sD1QDABc2Gw8PBwUEW2Jsb2NrQTNhIldoaXRlcDUPijUJCicAA5U1nzQwMDU1MzE4MZIfCA_zADUOoi8oOTWOKQ_zAFwPuQIJBvMAAd8BBr8v9gIvcHB0bS5qcz90PXhvJmlkPRcyBhMRAlAeDxMRAC82OZcxACg5Nv8GD6YDPI80MTkzMTkyNjc1CQ_tAEYPxgMBCe0AD8YDQgTzAB8z0w4I_wN0YWcud2tuZC5haS8yMDA0L2m5AxMgNjltMQzUEhg2DQcPxgIEDzU5JJ80ODYyMzE4MjOYCQgPzQAnD6EBAgjNAA-hAUMD1AAPdDAJcWEucXVvcmF-AxJxzCMPogEqD3YUSH82MDE1ODYwCQcKD88AKA-kAQIIzwAPpAFC0DYwMTU4NjA3Mjd9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:37 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
108 B 81ms
79ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=3&c=21&i=7rfqy7&p=aemprod&s=15588&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8CdodHRwczovL3MucGluaW1nLmNvbS9jdC9jb3JlLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXKPAMA3MTQ2NzIwNTY5NzF9AERkIjoxFACwNzk4MCwic291cmM8AMJpbnNlcnRCZWZvcmVCAKF0dXMiOiJsb2FknwBAYXNvbp4A1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWQAzzUzODA1MTQ2MDF9LNAAQh8z0AAMMW11dEABr09ic2VydmVyQ0zWADkfM9YAB_8rdGFnLnNpbXBsaS5maS9zaWZpdGFnL2FlOGYxYTkwLTdhMGMtMDEzOS00MDgzLTA2YWJjMTRjMGJjNskBM6BhcHBlbmRDaGlsuAE_c3RhyAEqnzM5Nzg2ODE1NMgBCA_yAE0P6wFiBfkAD-sBCPEBYW5hbHl0aWNzLnRpa3Rva5kD_yhpMThuL3BpeGVsL2V2ZW50cy5qcz9zZGtpZD1DNEpTQVJKUjJRM09HMEpBRVRGMCZsaWI9dHRx_QESLzY49gIAHzLGA0evNDU1MDE1ODg0MvACBw8FAV4vNzIFAQwP-wNCBQsBHzYLAQfhY29uZmlncy5rbm90Y2gOAvYYdjIvNjhjN2Q0NmQtNGY1My00OTZmLTk5YmEtZWMxN2FiMmMxZjZj_gEyeGhyqQQJwQVMODExNvYARzgxMTf7AbJYSFJfTUFOQUdFUkEAAvgDYGFsbG93ZQsEL3JlwwUbrzY1MDAyNzg1MzTyAGQfN_IAZh818gAHM3d3d-ABQS1jZG7kARBr4QVwbGF0ZXN0LwwAQC5taW71A1BhY2NvdVMIHz0DAhsPxwcILzY5FAEMD_4FO680MDc3MDc5NzQwEQGFDg0ECxcDDw0EQwQYAQ8dBgjxHWluc2lnaHQuYWRzcnZyLm9yZy90cmFjay91cD9hZHY9OWU1YjNicyZyZWY94gnRJTNBJTJGJTJGdXMubhcKAF4C8BIlMkZibG9nJTJGZW1lcmdpbmctdGhyZWF0cyUyRndoYWwSAPEaYXR0YWNrJTNGdXRtX2NhbXBhaWduJTNERlkyNSUyNTIwRW1wbG95ZWUNAGBCZW5lZmlBABA2MADxcG1lZGl1bSUzRGVtYWlsJTI2X2hzZW5jJTNEcDJBTnF0ei0tekhNanBEb0xUUU1HMFR5RkQydllvc3hPS05hYU0wR1JzUWpjUU5iNFN5dVF5R2Q1RFd1MXppa2lpWU9kdVN2bzdFYnJWVW1yX0R6TElCa1pJcXF3aENaeTY5dyVwAPEBbWklM0QzMDI2NTA5NjMlMpkAf2NvbnRlbnQaAAACtgqxJTNEaHNfYXV0b23rCfEGJnVwaWQ9amlycm16bSZ1cHY9MS4x8AsDIAtTaWZyYW3eCgtfBS4yMFkDABQAAmoA_wsiOiJIVE1MSUZSQU1FX1NFVEFUVFJJQlVURWsFNJ8wNTk3NDkxNzhoAwcoanNLAjB1cF-aCzFlci7kAA8HDBYNPAcpODHnAA8HDDyfMjcxMzkzNjM5KQMID9kAMw0lCgvZAA8IBEIF3wAPIwcIAB4LkGhhdmFzZWRnZdIDny9qcy9ldnRuY7UBFg28DUc4MTI2-wcP9QU7nzYwNjI2OTYyNbQBCA_VADAPsQEBCNUAD7EBQgXcAA_iBwjwInpuN25ndmg0OHNpZHJvOTI2LWdlbmRpZ2l0YWwuc2l0ZWludGVyY2VwdC5xdWFsdHIBDACTD_AKU0lFLz9RX1pJRD1aTl83TkdWSDQ4c0lEUkUABuIJD98HCB83hgQAGDPgCw_qATsgNTLbCz8zMDMOAYQPIwIACQ4BDyMCQgUVAQ-MBQg3YnV5owf1EC9yZWRpcmVjdG9yL3Nlbz9jYWxsYmFjaz1jYXJ0Rm5yEU82OTk5BwISHznmCQAnMzPxAw_5AEKfMzg0ODg3OTIz-QAI9Q5jb25uZWN0LmZhY2Vib29rLm5ldC9lbl9VUy9mYu8OD-UAED83MDDlAAAvNDXlAE2fMjc5Nzk4Mzc20BAIhnJlZ2lvbjEu2g5SZ29vZ2y9BfQwZy9jb2xsZWN0P3Y9MiZ0aWQ9Ry1GRzNNMkVUM0VEJmd0bT00NWplNDR0MHY4ODA3NDg0NDR6YTIwMCZfcD0xfhPwBDY5NDgmX2dhej0xJmdjcz1HMTEJAFBkPTEzdAIA8AkydDUmbnBhPTAmZG1hX2Nwcz1zeXBoYW0PAPUCPTEmY2lkPTYxMDkwNzc1Ny5iAjA4JmUaAPAOMTU3NDc1OTY2NiZ1bD1kZS1kZSZzcj0xNjAweDGKAPEQaXI9MSZ1YWE9eDg2JnVhYj02NCZ1YWZ2bD1DaHJvbQ8K8QRCMTI0LjAuNjM2Ny4xMTglN0NHBgEBQwoBJwA-ZSUzJQDwAU5vdC1BLkJyYW5kJTNCOTlyFYEuMCZ1YW1iPQcAsD0mdWFwPVdpbjMyCgBAdj0xMCQA9hMmdWF3PTAmcHNjZGw9bm9hcGkmX2V1PUVBJl9zPTEmc2lkPQFQOCZzY3QVACBlZyEBH2xAC_82QmR0PVdSDDQlMjBUDKBBJTIwRGVmaW5pjxbxCSUyMCUyQiUyMHRpcHMlMjBmb3IlMjBwcvwDomlvbiUyMC0lMjDXFvAJJmVuPXBhZ2VfdmlldyZfZnY9MSZfbnNpBwAQc9YB519lZT0xJnRmZD0zMjY0NwRxZW5kQmVhYxoXDM0WPzgxOScHAAAUAAWtC69TRU5EQkVBQ09OExE7nzQzMDkyNTM3NTEHCAByFeJzLmcuZG91YmxlY2xpYyYFH2c5BAsAuAMP0gMCD1IECVNhaXA9MRMECygED1UECg9qARcPewoAJzkxpQUPagFFnzUwNDc2NzU1NnoUCACLEQKaBaF0YWdtYW5hZ2VyYQsQZ5ERPGpzP50FIGw9uhiXTGF5ZXImY3g9dhMPlAkGPzczM6gGABg5jQcPMw08nzM1MzcxMzU1OHQRDA_6AE8fNoETAAn6AA-HCEMCAAEvNjCHCAgP-gEdB_ACDyMbBQ-RCAMAigkFVgQP7wBEjzUzMDQzNzc3-w8HAusBL2FkVwQBAGAFMGFkL2IFo3Rocm91Z2hjb27yHNAvMTA2OTkyNzk1NC8_kgcmb21FB-s3MzkwJmN2PTExJmZzdBgAQWJnPWYBAOAmZ3VpZD1PTiZhc3luY60IAeEIEmLhCKI5MTY2NjEwNDEz4ghHZ2NkPcEIC5MEMGRtYXcIIV93ighRJnVfaD2OCC91csIH_zc2aG49HAMgYWT7HEBpY2VzFgW_JmZybT0wJnRpYmHmBzwCqAoIugkQYTUChjI2MzU0NTMxnwqQNyZmZHI9UUEmhwURPTMIMCUzRK4FEi47GYAmcmZtdD0zJgYACA8ID7UDBj00MDW4EzcyMDShBg8yDzufNjY4ODI4MjkyrgP___8mHjHSEQquAw9jB0IEtQMP5xIJD2MHQz80MDhjBwIAGAAPYwf__1sGEwpQJTNCdTE5GwBUJg9yHD4vNUN1HBwBMQALeBwBFAAPexxaAXIAD34cBQ8dAAICFAwRJRwACYQcAGABQTIlM0S0HXwzQnUzJTNEph3fQnU0JTNEbWlzc2luZ_MIHx4xxBsQMgcJApQAAK4oDwImPH8yNTQ1OTA29BAIDz4F_____50PgwoBD3caTiMzOUUFDz4oCAa5Dw_PFAfvQVctMTA0MzMzMDY4NSbQFCIeNkkoKDI0SSgP0BQ8nzUzNjY5ODU4MEAGCA_7AFUO0RQK-wAPfwxCBQEBD_wBCbJhdmUub3V0YnJhaVUo8gJtdFdhdmVzQnVuZGxlci9oYQgA_xMwMDFmOTYxYmQ5YjA1MWEyODE4YjQwNTgzNTNmZGE5MmJm7BQRLjE11RY3MjQ4NxEPCgFDjzc2MTM1ODIy2xUMQW9qcnFaHqFwLz9yZXR1cm498hxxNDQwNSZ0cIoUhm5vJmF1dGg97wAyaW1njiUJ2yU_Nzg49gEAGDX7MA8jEjyPNDEyMDkzMzIUJAgA8AIP5QA8DRouKTgy5QAP0QFCFDbsAA_cAwiwdHIuc25hcGNoYXSHFBIv6hMQLzEj8BQwOGJlZjQ5Yi00YjZmLTQ3NGUtOTU4Yi01YTBiZTdhMDIyN-Ey9gU_dj0zLjE2LjAtMjQwNDI0MjAwM_cBD7sZBxAxqhoiZW6RMgIJMzg4MjW-Gg_rBDyfMzA1MjgyMDMzXSAIDw8BaQ_7BgAJDwEPJAJCBRUBD08mCRpy_QRwY2FjaGVkQzwd70lkP21hcmtldGVySWQ9_wQ1Dy4DAQgEBw8TBDufMzMyMDQyMjg5-AQIH3QDAV0PAgYAGDUDAQ8NAkMECgEfOe4aB2BhcHAubGU3LRF4MQTxGHZpc2l0b3IucGhwP2FjY3RUYWc9Y3NpeXJrNDI1MDImdHo9LTEyMEktLyZ1DCL_Ng8LIj3xA2xjPW51bGwmYW5vbj0wJnZpbhAABsgFD_kyBC8yNawDAQirCA_5Mj6fMjkwMjk0MjU5xwUID6UC__9xwDkwMjk0MjU5MX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:39 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:38 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 41ms
41ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&rl=&if=false&ts=1714672058973&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmensighten&ec=2&o=4125&fbp=fb.1.1714672058267.1461888165&ler=empty&cdl=API_unavailable&it=1714672058143&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4368, tp=10, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 42ms
41ms Image
text/plain 157.240.252.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2053905694837980&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&rl=&if=false&ts=1714672058974&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmensighten&ec=0&o=4126&fbp=fb.1.1714672058267.1461888165&ler=empty&cdl=API_unavailable&it=1714672058143&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4640, tp=11, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 02 May 2024 17:47:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 norton Show response
ingest.quantummetric.com/horizon/ Frame A6FA 0
142 B 194ms
193ms XHR
application/json 35.239.153.217
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.239.153.217 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

217.153.239.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:39 GMT
strict-transport-security: max-age=31536000
access-control-allow-credentials: true
content-length: 0
content-type: application/json

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
281 B 140ms
140ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://us.norton.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:38 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: FA4FD847597E4F66B4620FF80D096F77 Ref B: DUS30EDGE0920 Ref C: 2024-05-02T17:47:39Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
access-control-allow-origin: https://us.norton.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYXfDL+KjWSVBS9/Q/9eA==

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
231 B 335ms
241ms XHR
application/json 2600:1901:0:56e0::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=036233215&GCS2=MTcyLjE3LjAuMjIsMTAuNC4xNzcuMjQxLGZkYmY6MWQzNzpiYmUwOjo3NToxOjpmMSxmZGJmOjFkMzc6YmJlMDo6NzU6MTo6ZjE=&pe=false&wsid=2004&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2004%2C%22loadID%22%3A%22jH1cF6fQWbis88h%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A1%2C%22IDStageStart%22%3A1%2C%22netComplete%22%3A133%2C%22obsReqpage%22%3A566%2C%22obsReqdata%22%3A569%2C%22obsReqview%22%3A663%2C%22IDStagePrefire%22%3A663%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A2%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%228661204614664747757%22%2C%22visitid%22%3A%221714672058807343%22%7D
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:39 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
40 B 135ms
134ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:39 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
16 B 182ms
182ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:39 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 245ms
154ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=2004&warpspeed=2%5EHIykD&loadID=jH1cF6fQWbis88h&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 4 KB
2 KB 225ms
115ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=3699&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8AWANkICYAGM66ygZk2AC8QoBafGzAdwCmAIxypgAgPqoAJlBrUSmAE4CcIADZw0GAnWoAPHvWUCYApSqVRsAQ3XrUCAOYS4S9VAAWwYAAccAKSMAIIBlABiYeFwOAB0CCBKoAixSCAAtlFC6iBOUQLp5k6OTpzAnio2wIERfJ52JZxVwDZIANZB0cDpEkg26b42qE4IQQAi4QCalACsYTM0AKIDOQCeAgLzNABCAgimYjVkWj2F0qhwmYxjBUPqYWQSnjh7SOO+lMEAcgCObJycVgACQAsmBfGMQAAZAAqEBBAHFqDDVuExpQAG6TEA4fQAeQA0l8bDYQdQEQAlHAQMBICBfIQkADKqzgEFWCOkMzGAHU4PhWKg2qhUJM8dI4EyMSBCIshEoAGoAVXSSgkY1YUIAkts2gAtLU-H51ADCetWZAAnHwHk8cOlUONGAwyDNqJayIwHidehhxAhgE6XW6PV7KMduhI1G4kJtrs8JDYtBkqugsBjUKJgL6QMKBFAAoRtmFKOpfCWgqFKJRvH4ajMQltIrMIjF4olkqkMk3srkmwUio1ypVqk26g1nE0fK0OrNGF0en0BkMRvNrlNZlsFtRlr41hstzs9gdRy2I6cBOdLmubuk7ltHs9XjePt8-qwAcCwRDoXDEcjUXRLEcXxIkSTJSlqVpelGRZNkOS5Xl+UFYVRXFSVpVleVlVVdVNR1fVDWNTwzQta0HztB0b2dcMQ09B8fTSAM9kDOcxho113Xos8fWjJRYxvBMk1AO9tFGaswhNEslArRsJIkwgxmwEBc1QfNC2LatzmkWSq0oAAOMgyCMchSCMkhCAswgZkICtKCk6sMx0iSQiIMyqGoGZ9P06hCEYEgwwczFdI0ktzhwNJEGzfoQCi3TqEkks+NjCRgFWXxNhc4IYDsF5Eq0mxVhwVKQAkAR9F8VAlFTDBdJy9Q8vsktHDSB1nAkXwlBAaQozgIQJHUPYnHKOrcsyoKxAKYrHF6Gwkni-LKD6easvqxqgukARNH0SRwsigMFqa6sYCqnBs2W7NJsyVaxsWk6lDO2akikcQehO-RRoa8aSwEDFzAG3InEvKRxMoSs1u+6tOu6uAUAkFRWsKBBpBq0HKwSo7KBsGATocKpJDSjLPvWktsdx1B8dS9LJCB-ZqvuG6vsWtJ5RsZGSg6ubgDp4nIaxnHUDx8Qyr+g7GZJ6sycFinhcGar0mKsA2d5xapaFgnqvaEoVcxnInCBnqZpkFjUBOy8daCtWZckOX+mKlnqvZ5wQvkhsF1m5dhnEhsJmmOYW23Xd90yhZt12fYTtPBZzwkM4Lmun3bkFiin2QF9Pl+f5AVBcFIVheEkRRNFMWxXFCWJUlySpGk6QZZlWXZTluT5AUhRFMUJSlGU5UVFU1Q1bVdQNI1TXNK0bTPSjHTYji6LDaPGL9FjqODLj5-DXjYv4kP42K4SU20OzLYF9XOfl+2QFZp2XDgXwUfEF2wZ4yMl0GL2bw3f3Q6WFYQHWEOWzUHDieesG9Ixx2vGxJODNo52mfGxV8mcPzZ2-HnP8hdAIlxAuXcCVcoK11gg3BCzdkJtzQp3TCPccL93wkPIio8yIT1gc8KiM9V6hgYi-JeYsfazzXpwnoyUd5jCEsmUS6Aj4lguh1TQ9MxCrEfldSRx0qqSCtpTDAAlxZ82kS8ViYMQgQ2ZlzCQfwFFZQxkFaRGI7BwEygY4IliSy3ycNVTaPUQA43+jYGxgsbDZHseDW6mN-Fs2kBgJG2ZBhAwtiWBAPiJCbQzClFqXMVaKUWtIJw4RTrAChCAGwzkHHACUHYwsSkbEPQANp9GRqseGM4JAZlEAEgAurAMamBKk4BqZ4AQ7RYqXVejgdpEMulzR6UgPpAytBRnEL4UZnTulVL2rFAMiZ0hrOAO06g4zqlTKqBIIQIB9AdRUC8AMiyvp7J6S8HAogMCx26nYM5qgWJXJeDcqpjyVAZgEHwCQiRNpqjOgIBZHTrnLJsQ4HqkVfAYA+QIL5SAkASAQJcIQ-0WLmEvIir5LwkBuHkb6TaZVmIqGkHi5ZBKMA9U6gUeOvQHDtFxRCz51Kt4pUJgIKlEyVmFWKqAMqFUqqo15dUlqGQObQx6jgPqA0hrlHFT0q600EBPW2VAXZyy9YGxBsqmpqL9640GpStlSLlkXQNZtbau1Mz7U1dqvlNLkZzLCXNWFzK2isrGdS-ptLElbTgDtJlqAWVmt9Xy+6j1pFXQNdG86JiroSHega36-1dXA0cAamVsNswIwyEje+aYdlfPUcLblBry0E2phIWm5g7AGodmE6VXM6YGuqoLRM0gPHqvpRczVkbqnVpFu881ZaT7WzPnbCQSsEAGqEDYUQqLOphp5dYalLRkYerOWu9pXybXBptkoPdG6+X0odJcXdsZ93LMXcu1w7h2m1n8JWAA9G+tsCQkgYC7OkRAm0Tr7GkPirdKMlA9TcOoZ9PhX0hA-V+jsv7WoAYOMBg9QaQ1QZg3Wd9n64jfs7Ch5GaHLxfIvYy7DXhYOBHg-h9sP6UjEcA44MjyzUBCFOdEmtGUDUca4zYIGA1CqDNvXy-jIM5kgHaO0-AXzyqZjQO1QlZ0MjmCrZOymJSZwlCbRgNQg0oycvXecBGwAvmZsNuq42AZTZqQjUsvl0KZCJJTNmqAJS7ETvJpTW2CtfRX3OM4dpa53avxXN7dcftDw7l-v-GLwDI6gJjhAhO1xoEpwuW8BBGd3yfhzj+fO-4i5AVLqBCuEFq7QTrnBRuiEW4oXbuhLuWFe64QHgRYexFSLj0y6w3h7DuILy4cxHh1w+EcOfoI4zgk95iJqt56Wvm5ozubdfVwd98Yhamx7N+q42Kfxi0HP+B4A5HgjocARsdLzxxvBlyeqdss+0QXllBudfwFwAsXYCZcwKV0gjXGC9d4JNyQq3VCHcMLd2wn3PCg9CIjxImPciD37TTwG7RfhO2mL+lYhjzik3hvTZjMI0RIkFuWpMXuNwDQ0rtKul8+6ajNPC00euodkyTF6KbSYsxpbKfPWhXY-n56up0pPTe8dyyZVov6Ozxz+z6jdGeeoRMKBUB-TTXeLtqmKULrWbGU5qABjnIefOqXovcjyykA5yFfLoFSYpU0ygPPno5EKT6hXPSYgc0vEJ+UIA+AvCUAalxbjgaeLMGqHxdx-GDRzWLvNsvCgu4t8OxdyMIksU5kDA1CQbGhpNmar5+ebBPDEDIMT1TS+uGD5Xs9w7wmYtjkgB0xfLUqTzE8lGqv+1js8xavl8SMSBuSZIVJSQ88JKSWujq4LfWAZWfarZGytn88XyjIqJVhWVWqmJKli-JVtRcDLuV-VBrOCVVLw-wzJNWq1V0jfmG7URTXw-jEi+E0apegUFNqB9AH6mBVK5pwwFrpBFpirv6L4jqVrX5AEwG1r1r0yAEwA1KXyOxBYn5trqZwGoEjrpqXK4FVIjp+aKxswoHEEs4aw6bBZEGWaSY2ZoBmy27sqf6qKJhUGArIDy6QqL5h4e4eJeLR6+LqBx48GsHwEZ7hIICRI57iFIppCqQEwqTCZKBAzjpCC+AP4CB+BQBVIABE0iiQvQ0ybQgy+hAANIYfjE4IkKsJYfoZ4Gpg4SAcAA4S8HNFMvoa0pgL4NUNYK1HuBTNwSmqIU4BuvUFAEAA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 2ce0526436c8329fbad37c4bab39f5cacba0bd54f70fb2fb01dacb803101cd78

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 02 May 2024 17:47:40 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 55
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
106 B 71ms
64ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJanUWItYdAGUUADMUJBAneld3VQAyUAgYJAQK5A6kHBbwKGgKPh40U3QEWCRSHDTISFNhanrjGno6Nbp4RkwCJEgCTEZ47M3aG1ICNDOEHKQ0UYBaSAyEFEgl9doBNJRwzDQj3ekBQiTWclosEgWQA+vEUFlxiA0JhwQARWgATWWNAUAFFEZcAJ4IXIKBRYTpQT7UVRQ2E5XggWBZdG3FBkTaqGFpRCYeLo0zUYwiACOkCIj0eRB8eAAVqY0QQAmIAIp4GLMMRE2ho6jATEEMC6ADydhEKBQeGYMQASmBVXL4qqRDZ1KUibBVUSYrx6GjOLBJCQIiAQJiTbxYKVgAQXHibEgAGoAVSySBhaKIAQAkgoIgAtHOi0U-YIFomqACcAi5PLAWVqyzkaLkzFp9GYVdUci59Lhh0gWEg6LbHa7Pb70JhYAIU3iuXqaN5MJQUOy7xAh36bWgHVnpChW8wuhwklUzGYO8G+4Ih8gx6JZ50V9ag3i8AOWWA1RAKAuCBgDglAuNo1DwnwRIwqgiQwm+AE0NQ8irNQ1BVKQiCISEiHxGkCRJFCMJQLcSxIXIKFoX8mGodhqG4fhc6QDOQ6mFh5GIeh1FIdQoSoUyYAnLA2Crlkc7YGxFElNxvHgb8TE2AQugwqY+7DhJHFUbk0mIYgYAQIcMKibwfzKap4k0exqGcVptHUAZHSgAgAgwnsvDIMxCCsRZFHWVhPGIT+4S8AOsCmIc6lWZpfkyfE8QwpgLI2O5w7IAgvARZRGE2f5qGIB+NSQFBJxuTCKUdOl3kaVl0U6QkhzBSptzMrC8ThIkaUZb5NE5dQs7zggMKFaYNmWZlXG2cZRJgINBClbopggKgD7hZVkXVd1Mk8CcjYAqZBDBWAsA2DClgAi8nVRRtiHEVk008HC1QjqtOg1ahlxoBgwU8Bd63aXRcVrgcFRkJYFVkT5l1-eBj0-eNPVuYeugDfxgnmeDiFSbZeX1cxKB8NUwWtSA7Vg8hVVwzJ2N8DCCOwEjcJtVEpOjV1UPA0gYBMfC+xEUOrLPaztns5zD08zdMLA7osPZTJCDAO572fURqIC5DtkqftsDxExHTbTk+PLSr6OoZjPWVMD4TvANQ0jRDv22ebZB-kOg1EsNMIYJgyB-NLr3gQQiZ40yu3jPsXtIL7V2oagZCrrwwUGY1fJPcbY0y4hjuWy7ctqar9tmxUFvOwNocItNcp45HUM2CgEBxSpxO235UOc0HBOmY3GV+7T9MNwuXdR9QjWNiyHf989fs13XMJTKQGVzAswiWbQTjbLs+yHMc2RCW5wNe6TPWt-jSDBbP8-zIsZMbFsYA7HsBxHNtO9Uvv3cIIjA1n89C+X8vq+3+vB+W8sjPz3h1Qew9moz2mOfReV8V43zvhvR+28+Av3AVDEANglLjAwK7YaVdbJYJwRME6KAiSMQHpg7BytmIEDBM9SQfsEC6HAA+XaH5ObZGQIQguRcraDRgqGAEvCYqHAPANPqSBx6pyZLrFOtlFZpVoSANy2AQDAwwVfNOftAqqJphub6z1IBIFgOnVCmdi7KWqGXAcgcRgiIns2SE054SIg5CidEWIcTLF8cwAkFgCAkkXH4ikXtgYfCnAyNKzU2RZA5HPXx3JeRYAFM2NEQoRTiklNKWUColQqnVJqbUup9SGmNGaC0VobT2kdM6V07pPTel9P6QMwZIhhgjFGGMcYEzJjTBmLMuZ8xFhLGWCs1ZaxJPrI2Uc7ZVCdm7L2JJ-YTjYFzkuMcCyJzLPWHSacUjx5LhXIDDcy0-aWIEaXW6djUAOLQDPUwxkhwDz2ashESJPHpO8fQTY6x-GEiCaSP5OgwlUkiSs6cjJYnpPZJyaZKT+SCmFGKCUUoZTykVMqNUGotQ6j1AaI0ppzSWmtHaB0ToXRug9F6H0foAxBhDJ0yM0ZYzxkTKmdMmZsx5kLMWUsaRyyVhrHWXksz0lbMWZOSFLVBwbJbJKnZUSZxzmkYuFsJz1zxPOYPbmTELBTD+FAIkGUbp+3ZgNS5LtDgyO0YLHqeqZwIAUSzNWDrHownFCa56psYoesCmYjKvrEIawajUW1rr84yVDfFBETc1oUxwnJIyJlQQPnlqIxCcLSB0PKpm1CCkhILiUiARE+59JGztW66NmQ0CoFhKo-N1Bs25uUcAbiqd7V+p5pcFAblmZ20TaheAoxSq8DwYmQQiAI55yHdQUKda+3KIIIXdyKAfxkH-JYJtoatZMUwHGjtVao0ZxrnwQ4+t9UTCbbsH8DMQDDkbU4qGt6UA8igE+1OftX0z2nZ+7RFz+BJUMvERsA7m62ROAQUMA0U05qTrnVOJjA2DwPcAGmctG7Kz1Te9dGHQALmUl5TtasXBomvDAKDMHgKgUQkycDqEAAcqhVD5GYOoVjHGNAuHUC4Fw9AXC6P-eRSQLhJAcZcDoC81A5BtnUMsmSwB1K0bIxNNAtBFqcwCAQPtElkO5BkhUYALrjCifE6oSTzALwOwIBJEoMlSDEe0T-T4lkvhnDXvfTe20zgXCuDcO4DwATPFeO8Gk3xfj-EBMCUEERwQuJah8jxKslw-NxAE4kwLqDkkpBEmk+zolMhZHEhJoq+RpKXJk1FOSMX5OxUUvFpTCUVJJdU8ldSqWNNpS0hl7TQzhhZT09l-SuVDN5aMgVQrJllfFZs+ZUrdm0lWXK8yc3xxLOVYc9Vy5pqnO1ceC5pFkL2YCqYJT3kmHwwygfGSM6v26uMxJMzEmpMndysJ4wjxLsyTQPEO7yFWO2X5uDN71BSCPYu2Jl7VnQdpHiNNeAgCVrgyYWRpo8BvaexgJOoQyAcDpEyDkdH06JjYGgPLDmx5nyFBkLT4nmPhzQAsO8Coewsg4BUPwIQUgrwY9QFj6AbkCPOrdggHAbkwARAOKYJonCvzIGgL8AShwKdDl4DgK8GACDQFRiYokxUxdojxE0LXOuxJ64N3IHARuUwm4QNr3XSAiQHpyDgOISB4mYCJHbh3g4eDDgNzgPEtujJi6vAIWwbQECqJwC+dQFGY-PYs69mTcm5BNCF43GPzHWM6A4+Z7jvH+MuCaLgzDTlE9NEQKKMx-Jo-q6vETYcD4cit0RGeKHyeYfUBcOnpv2AUALQpxWnAII0Dp8zwucXTQXiLQao9KCXD+fI3AFutKOBrIz6IAQHAX2dBV9VVPiPNgmik9wHzoAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
174 B 65ms
58ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NyhAdAHYD2qubLTAxmwFt6AI3Rsw9CAIiowMFmAC0ubKgghcJWvGwh08pRtwheAazINcAgPq8QA0DDAsyAERoBNKgFZq3qgAMAKIOYgCeEBB+gQBCECwQAGYwmtQAbMhW1tIAJjDIQqSuUiAw6OnW2ITxvG7AVOQAcgCOuABeioptABIAsgBWwK5sADIAKgCKvQDiAWNhNK5UUB5shAAeAPIA0o0gIL0B0wBKhBP9vBONwgAsAMphyBNh0znergDqyACMbTCmMBgHk2OWQdygbAA7EFhKgAGoAVQEqGsrjaIwAkjFTAAtDHNZo6ADCOLCaQAnPAKlUBDA3KQAlQ0t4AuS0qR0pkbPwWLh4rh6Yzmaz2ZysoQ2GheFEilVrCBMoINDBuAAyUCQWAIRC8RhcARQECoGAgUQQQiYYiQmLUKh2Fg5MLWVAmUzWWCEGBm21kShUKiJPTVH1UIm23jYCBmSW4awpKRaKi+22B9DB-3UMP+iNR0wx6yEPnAH0UFNBqIZ0O2vKEfjIXnygSS3klv2BENZu26WPCNjrazANTVFsZ0v+1PppNV-3VQie7jZNg5PQDof81tltMVqedhdqLXwawcHIyAtFjfj8sd22G-Q5WyS4DcC8Bq+Vzu8XjWFgFYSn-kyBAOQvhO26Zra1S6sauBOvwJ7WABajAaObagdeM5Rtw96DlI+TcvoZhASBb47hBkqoNK1gwcAYFjq+W7oVQy5hIQVFsAh6zADALq4CqLgoZuk7gf68j8LSCirkuBbIMI1joPEYAqMRDHvra8YCKx8i2EaAoCf6ASMWIYCQPe8jKUJ052l+CpcMk6DychSZ0WhqnZjp5lgZZJ7oMg6wQNYNZ1iOTltgZrlUJBWFniADpGvevAEaYRF6fRFmdpFDoBRAPl+bYiXJSFgmeZ2ySoIW2mcHGfJCClLmkeO3HlXYlXqdYyTrB5jHQKeRkmXG-GFZeKn1VQg5LsgvCxmoYnSLFvHPilYUjSAiR2SafJUWENGdeFK1rRo-nUf5kAJC65S1SRwl2mwsIxXkEmgJwp07SNLplPKOT3guOHDrpg2pcVtp7WU63+d1wXJkNaVA6tIMHQORr2Kx-QxS9V3CCAnpfoOMDSi+jGFndcWrrjtFtox3m+f5ON4yljE4bSBQk7T-2MRjWPWGg53-XgBAkGOdC0IwrAcFwPBifWJ7JAkjlXYTsWoPeXMvrzRCQ4LDDMOwnDcHwgiS0k8gFVdlO5crKWq-zfoa8L2ti3rAgG9LxuWQzeGcxgKv4GrAv0Lbou6xLDqGzLjFev2GqHVtZNFWHwgR+A-noCAYQxvj4Xh-1Z5sGYL7fF16wwIWBi2HqggyGjlnA-o8O4C6ZgGJXH7cBK8kFuRLOQ0x3FRn9V29UBWcwCevIwMkxvOZdlm3sPAVKmZKV18ggP+tXoMIy6GkPrdDqN3TPikJY3L2I4zh+EUng+NE-jBKEbARBW-g33ECTJKkPhMly2RAXh5-FAIpRzr+DSJUYctQD6uHqE0VoHQuh9EGMMcYUxZjzEWMsVYGwdh7AOEcU45xLjXHuI8Z4rx3hfF+P8QEwJQTgihDCeESIURokxNiPEBJiSkgpFSD+ICaR0ggQyJkLI2Qch4V-HkfIRzeCKII4UIjogZHFB3R+spWI2SVPNRia94aPSRtvF0u8JLIGAMuPk6dgHiJPqUM+EDL6+A-jfEIwBwiRGvrEeIht34WKyLkX+ECShlAUaAmof8oEtHaJ0HoAwhijEmDMOYCwlgrDWFsXY+xDgnDOBcK4twHhPBeG8T4Pw-gAiBCCMEEJoSwkRMiVE6IsS4nxISbAJIySUiCXwv+sjhGijEVkCR64BFCh6aI7xNgJRShUa4OU6iAGaPCs1WMzi0B6BSGEF86lGKlX8toja3BO6T2GldRZBYIB90OdDNylVWjrMWoxE5t5l4viWldMa2FjQHNQlPTsbzvz2BjlDFeXYNBNmXOgeUk0YBQABQDLqAD3qFg4BPL5RzLK9nrNKfsMAHBDnnANLudVXmoHEJvOMssLlAoCeCxFSF3RTn+oSyyJyxAgBPOSlFlyqCMBLkBSA1hYRsHgNUVATdbTGLAC6NlR5VqnhAIaMopp5Kiv9G8iasYWD-PpQS75QMMYOm4LNJZidlVUHYIaPKcBR7spDCNM1IBKgpGHunW1bBzWMBkE6-ey0cg3X8gIXgtJrWVhGvwNgAI-VLhXD9QZ-0l5Ao1VALKsBKKiXchdVFnYE1JtJgOYs6ahKQlcOqROB4dRsDDXAT0bQICYG+JCSEVBi2ajgEge03BcZ6BwN7K29A-ZawDuLQQIgjKSGkLIAwyhVDqHfjQHQqyFCKCMK6Jt0AW1lorYdctckjSQEwKBFdpbQ3hs2jRTApBnGEAPWuo9cACwwGrWeqgkJSCqjEsAHUDhMABFfYId9uBeCJC-T+hwKBCDACA2+xAYBgDge-aCmt374AQGEJ6Pkw9MCBACDcVUHpHU5FrZCb4Nw0gNoCGkRkpAGQ3BfSeZNEB0MAA40hpG+IEYjRHmM3EhFxyE3hIRXoQOh74qpqjNGXiwaUQnX36H5LxaQhNP11o46R8jT7vDSctcYLi0Kyp8UwMYMANHV3SkwDkVUKhuLYR0k6GlicApF0VUBPd5ZzNtDYJgRQrHv0TIojWpDwhVSJ15Jgd1qAgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 item
events.bouncex.net/track.gif/ 42 B
104 B 67ms
60ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/item?wklz=JYFwpgtgXMAmC8B3AFgQwDbAHYHMC0qIIqAxgNYCkAzAIJ6xgBm2owA9lnhQEwBCeIYAAcAznkZsATniGSwANzBZBHAGShIUEmyEBPeAHU0mXDwAMhYuWo1zAESYsVWcz17nBo8xMnnZCpWd1cGgSQjAcKX0sKRA1DWhgCFQcMABXSXR4ZCIvWh4AMUKAIzTdPBFiQRIAOhjJOKwa7QhC+sbCr24C1EZGUqxYdDARQqSUkcL0Nki8do48dHQaoVxgzQysnJA8227CtJE62I5mtlbu4umcQsgwSRxsfBBkOUJR7pQMJ4IiUjJ1oksJU2OR4CBJGkwKoIGwGPAzKpEGBiiINHB4NwzGYACyqeTANGCBAARgA7CScQA2MlYqlmbhUKi4qiqBgEkhgDEADipVJJWOplL5OLJorJAFYyaohBMCWBEBiSaoRGAAI5QrCcjHcVQkTCBQQQEbECBCeDk4W0sz07hkgCceoNylQQmAikkaI44JSrPZwE58FgqhewEksAA+rKGroIyDJBMI7BCagrmAEIwMKqQwAvNjwPACxEiNgZQPI4qqCbKeCHe5AA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 view%20item
events.bouncex.net/track.gif/ 42 B
104 B 68ms
61ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/view%20item?wklz=JYFwpgtgXMAmC8B3AFgQwDbAHYHMC0qIIqAxgNYCkAzAIJ6xgBm2owA9lnhQEwBCeIYAAcAznkZsATniGSwANzBZBHAGQQ2DeAAZViMACMRoMHHjdt2gCyr5wY4IQBGAOxOrANhcWP27lSprKlUGOxJTBAAODw8nC093GKsXZJcAVhdVIVQcBWAwRDMnVREwAEcAVyVws2CSTCUiYAgwEWIIIXhXRO9tX25I3Xr85VQhYEVJYw54Yhxg0OBw+FhVEGRgSVgAfWzJEABPbbapHLBt2HtUA3QwBEYMUrWALzZ4PDjdETYKyWX9AyqM7KeAVUqSIA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 cmp
events.bouncex.net/track.gif/ 42 B
106 B 65ms
59ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwDshALAGzEBMADAKwAc9AzAJwBkokMCAFlggBhcNDj4wIAKR1geDihAATKPlocA7lABGEJLChIl+OrTIcAbkj3JjJclToVa1FizMsOKq8EPHGFBSEdJQOFGTEEcT0xBy4WADmUFZQGkZEHNAAjgCuML7p5sAANki8yGgQ2HhEpJQ0tM7UbJwlZXBYuEgWUABOeuD42Ame3ki++EocsHxIvUoA+vG9sACeC1UgvYlQC0rWWNrFUMYAZljF0NMAXiD4ALTB6hAgOb0TWtocO+I50L1AA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 4 KB
2 KB 123ms
122ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=4037&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHZ8AWANkICYAGM6gDn2s2AC8QoBafGzAdwCmAIxypgAgPqoAJlBrUSmAE4CcIADZw0GAnWoAPHtWYqYApSqVRsAQ3XrUCAOYS4S9VAAWwYAAccAKQAzACCAZQAYuERcDgAdAggSqAIcUggALbRQuogTtECGeZOjk6cwJ4qNsCBkXyedqWc1cA2SADWwTHAGRJINhm+NqhOCMEAIhEAmpQArOGzNACig7kAngICCzQAQgIIAjBitWRavUXSqHBZQeOFw+rhZBKeOPtIE76UIQByAI5sTicVgACQAsmBfOMQAAZAAqEDBAHFqHC1hFxpQAG5TEA4fQAeQA0j8bDYwdQkQAlHAQMBICA-IQkADKazgEDWSOks3GAHU4PhWKh2qhUFMCdI4CysSBCEshEoAGoAVQySgk41YMIAkjt2gAtHV-P71ADCBrWZAAnHwni8cBlUBMgtRKGRZtRrWQgk8zn0MOIEMAXW6PV6fX6ehI1G4kFtbq8JDYtJlqugsFjUKJgAGQKKBFAAoQduFKOpfGXgmFKJRvH5arNQtsonNIrEEkkUmlMi2cnkW4Vik0KlUai36o1nM0fG1OnMgt1ev1BsNRgtbtM5ttFtQVr51psd7t9odjttTtGLlcsgu7hkHheHe8N+Mvr8AawgaCIVDYQjkVRdFMRxPFCRJMkKWpWl6UZZk2Q5LkeX5QVhVFcVJWlWV5UVVV1U1bU9UNY1TU8C0rVtJ9XidV9XXdT1vV9NtL2XQN9hDO86PDRiL39WMlHjV8kxTUAH20MZa3CM0yyUKtm0khTpNrbMJCcEAY1UUQMDkkIYDsN4pLLFSnF8DScC0iTKGrPT1AMwhxmwEB81QQti1LWtLmkHSy3oMgyCMchSD8khCBCwhZkIKtKCU7EZB0oggqoWg3SCV0SCYmKsW8ksy0uHB0kQXMBhAQrvNragopi-j4wkYA1l8LZJNCGyDOi3KbDWHBavUgR9F8VAlHTbSmprSgWsaqy2uU5BMlKCRfCUEBpBjOAhAkdR9icCoyrG-SJsM5TxAyLrHD6Gxkh2irFLLfoLpG8aDsoaQBE0fRJDygrg0uyqyyOJQcFzW7czEQodIeqaxoGgGzuSKQjokI59B28HJpigQsXMda8icARlscMG9sehalrgFAJBUdIMiKBBpCGyzqzLK7UbLGwYCOBxqkkOqGuRwnrtrVn2dQTnavqyQcYOQbHhG36+eZ2t0kVGwabmoZkkl3nbP2iHBdQDnxAkdH2M11r5coXX9ckNWBi6sBlZN7WYot4WDeAQaOlKB2ftrXInBxvGECkZ7g1QI5ca9-nzbZvWXat86bYDJWVecHaNyXM7VxGCSm0mGZ5jbXd90PRrFl3PYDiOcdmP9a9rlfe49aot5kFfd9-kBYFwUhaF4URFE0QxbFcXxYlSXJSkaTpBkmVZdlOW5XkBSFEUxQlKUZTlBVlTVDUtV1fUjRNc1LRtO1mIdGjOLDBjI2r6N0mDY2r-oiMmMWFiYxKgSS8TLqRLTbQ3so5CxFtbY6idBrJxcHAXwtNxCpzvsuAYQws6vi3PnUuyxVggA2CXNs1By5niru-GuuMbz1wfI3c+rwXx3jbp+b8Xc-y90AgPECw9wJjygpPWCM8ELz2QkvNCq9MIbxwtvfCe8iKH1IuRU+TdL45y4jfN+7p-QPyDBxJR19X68WjNVH+4xhKpjEugIBQN5qaClmINYO0Qa3jNn9SQzsRYYEEjLWsKNHoWLeBxKyzU+YxQsQCWxI0rpBPOrmLEdg4D7VCOEssMCnCDWestEAbNMY2GiXrGwOQ4mjS8TrIQytpAYGprmIYOMI5mwQFkiQz0sw1UcEDAmWtizjEetIJwEQobABhCAGwXkRpu1iY9GAWI-HVgSuQJKdBHo2BADpBJPtKweLrD4fwG4ayLFbDsjsiRkgYB7LeHZ-Z8htgiEOJQJRpyjgENURsdQGgOGnC0Ocad1HILXNnTcedwg7CLjgo8lAdiEMro8j+tcTm3AbtLd+z4W50O+O3L8ndfw9wAv3YCQ8wKj0ghPGC094JzyQovVCK8MLr2wlvPCu9CIHxIsfCiZ94XUWdM-bit8SH3zYl9DlKi9G9AMUJP+Ji6ZAJsLUfxIRlnYl8FlEa+BOk7SGWbWSazzETPisQGZNA5kQ1EKq6sJBHpOCQOq6V-lHoOOrLK9QWrFU6ooHq2VngkBdViAclI8V2mYGif9AA2v0GmaxyZzgkFmUQeSAC6sA9p+vOjgINngBAdBKsDI6OBY3jQTYGpAKa01aBjOIXw2b43+qTR9EqwZkwZGrcAWNzAK3JuqBIIQIB9DzRUM3Btcata5qTW8cyGYJB1tpuoLtqh2Jlv7c2jA5N0YuT4BIJIz0NQAwEKWvtbwB0BuiQ4ZaBVfAYBnTu5tSAkASAQNcIQmN2LmFxqegQu63hIDcDYgMz1DaPxUNIJ9L7U0YGWgtQoN4+gOA6I+7dz7m0GNFg1f9zbaadW6obPqA06aIcTQG5ps1nBdqWitNaG1nAVCw4G+xJ1A5A0bbu32-spAIHI0mi9yZUzsw2n+6Du6aPcaQy9OAb16nZk+r2pt2HX1AeLSU86h6IPtCgzm2DgGab1IE0JpA8nFPluw39aGFj7HMYDXpwGkS4aFARqgfQRmjYano7jRjRniZSjJhTTI1M4EZlo82lxrsxZGd81zMWqlTxSyM4rSBlx8Nq2AJLIzg09bJmkGkwOIGe0BejpbQ2GNgwZZAQbMBttlZGeKaIS9C1UDxljS+1oNNZNdsqwIar-HXpWyUI15r2GQNOmuA1qr1hm2lcq64dwsb6ybNCAAekm-srsRzKaIGekcA40gasyaUMtNw6gxsbMCFNmb8QvXzcyIts8K3d3PVayN7bXhdvVmm7Nw5qQFs0zO7jXd3WwNbZ2w2e7B3OxPeOad5b73m2oCEJ2ypQWEN8ew+DyHNgcbrQ6umzrFGIeMeLSADosb8C7t6tmNA+G30A0yOYPLMcRZuznKUcLGA1AbU-nGJrUBLgU2AHR7GDnToyHYqHFyXGlPYf3TIepaZHCxpGTB7DgX5rx3ARFkptOiwLnTiuFB647zoOPHubBuCddgvPIg0dZC653lhU3WhOd6Edx-N3f8fcgKD1AiPCC49oJTzgrPRCC8ULL3QmvLCm9cI7wIvvYiR8yIn0otQx07LtEvx4sbjRT8E+ctUR-YVd5jGiSGru2XhWIFK-wzAuBLPBUZw1z83O24C5YIPECvBZdTzgor1Cihj5Y9W9uDb1FdvmGYqd+w3FbvuGEq9-w0lfvhGUqD+I2lYfpGMqj8yhR8fbjKN0cn3lWiN86KT9yoVX93E5xzwA9APGzMHjcI0Oqsb7G7qccmTLscV3IBZ0LvNZnfHhbMyE7z2GFi+6sSABgazmfWH+OmYBi0y0tSRQ4WDQPQS0dgyYKAqAGMNmlCE6pOv6JW1a8YnaqAgw3aFkTmi0ySAwQcmBDwWOv6EalAv+sMuQgy2ms62GsQc0uMSOioIAfAbwSgRmSSKSDm6SZgGoWSDwuSG0ZBJMZMcBAgDBsOgauSJSZS7EcuOMRmiQ0S4GLkIcXGu62hNgLwYgMgaOSaRhrg-BZhA2MupSt6o6SAToBh56TkBYo6yBE6aW06UAUuhhdSDSjWjGvGn+FhARi6NUvgW6Oa6QzkXMTkyO1yhYOaQgvgUAzAAgfgUAAaAARBYkkH0AWu0OmjkQADR5GcxqRKBrBlE5GeBk61HOakzAC1FvDnT5o5HRqYC+A1DWCUwHjCzv4IzqCI4DYNDpHdFZiyB47uDcyFhDblbtbxilEAzrbAZLECClGXaCZtaNalGfa9YVbLELHXYrG1a0wbanHbFCZbb7EqA9a9C3EPwM6SAGKlEi7LSlKUIIClEF7y5dSK5QK-Ev6gL-FF5QKuCwKcylEWLX7WJ1SlGWGaZ6FoDSCIkgA6GeCmFomWGxDmAyC-H2GSAZBOEEmxHuFjooHeHBjKDqDyFQD+rCx5JAA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 4e3ed2afa5d960b8c49dfbb89134265d6e39f67f320920db5e0ea2df102ee358

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 02 May 2024 17:47:40 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 64
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
104 B 58ms
58ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHhLDACeAfWBQ4AaxEU0ONAxC8erAMwBBZQDMoYHEr68AwsrgALEFIiESItCRCIcytZr469BlTxN9zlyWtbUhBkFw1tXX0XH2UYOThrLFskJJJwtx4ABhjffjMoWzoIAA8RZFB9ZIzIz1zlfRx5CCwRRAgYXXLKkGrDCPcor2NlFrEQWRAAdxEIYBgQYBEQsP7Mj2jDWL4qMDQYEUTCZBaawbqtvLg4ESxCRDpFkV6HUBgzng3h7Z59IhoSKJEgtnslFiB3mtaptvHk-i0DhVHGh7oc9lIIR8vvU+DhrMA4CARIDkMMBp8hjieJ0hDhiRBniVkGhxCQ0KcoecYSM+GgsIlEHyMN0OstCHQRIwsBgSGYsZTLsp7I46XzDtR0pzslTIBgMBC7Fh5RdYaYblAbBAtGgwIxISpydjFX4NcbuT8FmBCCUifEcEc+g7Mjlnb9LAjliQoIJqAc4OjJJitU7Tbjw4IRJ7vUT42gMfbXNDvnlrcBSOrgLZlYg3cXtCzywhK3YHIgRNaSrWqRMnrr9Qc+V3QxUOoQ4LZQALEL1OmyOUHlCHUzwoFprXtCkSSWT1grl6v17QHMShKSRPqsItdEPl4k6OJBELyhrL8AbzyeOIbSJYAcxkiqk1BcuTrPgDxtI8iR7QNCxAqlwI3Y9UHEJwRAAK2jd8fjoKB5BuCo8x3GJl1IaNOnmbpCI+Kksx9SjCWo4dQEFVECIYrUqRwvCREIYAwA+MwSBIZBnAGAAxXgxOIAA6LA5jILBpIFQhBBAa1LwLH5SJjCjeP4rVBOE0S3AkngpJwWT5JaJTyBUhZ1KTZdaKJPSBKEkTYNM8zLMrazlNUhzNLyJEWLbVyDPc4zJMkmS5N8xT-PsvlHI-BQylQfUT1JLC8jS59MrAKAhCCRjlzytVSAgKQPgARm7Eo5DZaVDmIMhpzfZM9w-BDIOJcQpCFHLTBaPFGGWfF2OA6kWUsICPz7A01X2F40GtFLHS6n5dn2TNyHQI0tRIYBCFAlc1wgzdnxQuk7wfeJpUYgBWVQpJINsEBQdBsF4Z6ABExIATR4R6fuB7IAFEUEgIQQAMR6wayThejU+xnDBgA2Gw22neJ7h+1RfscdB9Ph9GRDMKo4Hx37kB4dQADkAEcSAALwAWjZlmAAkAFk0OQX6IAAGQAFQARR5gBxLIRaEMTfp4CgAYgHASgAeQAaXpqAoB5rJJYAJRwMW0LgMX6boAAWABlIRCDFoRJZgR7foAdUIGqWbQSQ0DQAG1ZgQhrYoCB2HB+8ADUAFVECWX6WaFgBJThJAALUTxnGamMwjFToR0YATimUGyYpwVqdULIeHRx6sgL9HVBLrHDhaBw+j+yvq9r+vG4x5u8V49i-opn9LUQQp2Xg87EKJZCkBuiB7zIp9jlnIitlJ5uPtQTADr+wHgdB+Gskh5Bodho-siRy9rRINHN7etoIRRGtgYJombRL8nKep2mGeZ9mnNeb80FqLCW0tZby0VsrVWmtta631kbE2ZsLY2ztg7J2Lt3ae29r7f2gdg6h3DsAaOscRDxyTindOmds653zkXL+Zc0AVyrjXOuDcm6P0SGCduBNO5sJ7pwtsA8CRwwJiPC0bUJ4QCpE2WwZ9eK6HsEID41YqSliJD1S6LRJqwQpCaD8cjlggDmhtAxPwjHMxUVqJchiNQyF0CdD4tifgjkRDQXRZj3TBWAKKLASB176O8aYAob0OhdAkGyCggSUwfg-mASMcx1q7nMXkYoKlCRlDQCgSozQDpTVia43xGAUJ2ALF4068TElvBkN4Apm0rj2MgLAZJRYqTECfBCTK94IBTH0B1epqTlDHBKS0v8a4nhQCoDaegjAhp8DcWOWw-jpx1L0YUvI9AyItGnMkfKMSGnKDklQNEaAVrlMyFSY5UByb2H2KVD81yeL9PuRxUMsBF5EkQHAQUFziKGIgBAH2XzwkJIAi8D4R0nGhn8RQTMExCKGjkfMngsL4WyEJOUVYgzuTsF+gAMlAM0+ASAd7YHwCskAzAqA0FmSAQl4BoAks+rvfA25mBcTzPRAwRhtLkXcVRHwzluXGBCi-EVPhOU3HCryqMOkDgyuFTKsVqIZXcNGkSER7EjDbQODAPag4fBaKQtQeeLcl6Pgeka6evU56oVusvZqq9NzGCMQo8QexATGCebmc53qIAnLMHcyERgnnEEWK8owHzHhtB+ZGxIQKzltFBd0JgLx8XtAWMwLI+KpggDoPIBw+xmDZCyJbfFshC3FpquwGqlt0bsGyOjKuqhK6W1UPihYGKQDFoABzo3RjVbI9a60Dstuwcd7BHrsHxRlBF0xq34v0IzE6-Ie0wGYI9fFvrkhsmnKRFAzAa2jsbVkZtvah3br2C8KAzJollnZFgZgUYMAdq7YRZgMB8WyhZIiDUohKriEyn6OlG6vjfpZhAZgbMh05q1VSvNdB8VQAvCQZg4bgBAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 02 May 2024 17:47:40 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 42ms
41ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=4&c=21&i=7rfqy7&p=aemprod&s=16351&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8CpodHRwczovL2FwcC5sZWFkc3J4LmNvbS92aXNpdG9yLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXKSAMA3MTQ2NzIwNTY5NzGAAERkIjoxFACwODI1OCwic291cmM8AMJpbnNlcnRCZWZvcmVCAKF0dXMiOiJsb2FkogBAYXNvbqEA1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWQAzzUxNDEwNjY3Njd9LNMARR8z0wAMMW11dEYBr09ic2VydmVyQ0zZADkfOdkAB_FEY29ubmVjdC5mYWNlYm9vay5uZXQvc2lnbmFscy9jb25maWcvMjAxMDc4NzYxOTE2NDcxNj92PTIuOS4xNTQmcj1zdGFibGUmZG9tYWluPXVzLm4qAgD5AfBYJmhtZT1jM2E1NDVjNjMwNDRlOGU5MTAyZDRmMzJkODRhMTEzNzU5NGQwMjRmMjhlODAxZDY3MGJjNzZkYzVjMDc1NTc1JmV4X209NjclMkMxMTIlMkM5OSUyQzEwMyUyQzU4JTJDMxQAAA4AIDY2JAAQNQ8AoDElMkM4NCUyQzQtABA1DwARMS0AITE2DAAgNzIrACE2OAYAACMAIDE3GAAQMhEAEDk4AGA1MCUyQzdWACAxNwsAITE1DAARNWMAEDZkABIxbwACJAAQMj4AEDE5ABA0QwAiMTcGABA3YAARMjoAAAsAEDMKABEzGwAAmwAANAAQNokAEDYYABA2PgABkgAROCIAAWoAABkAEDmAABA4QAAROBQAEDAQACAxMDkAEDMWACAxMEkAEDLGABEymQAQNUoAITE1HAAQMy0AETILAAAKABAxKwABRgEAKgAATwAQMi0AAb8AEDJSAAE8ABA1TAABKQEBFgEQOSwAEDItAAE3AQCeAABRABA3EgAQNAUAEDJbABA5FAAQOQ8AAD4AETEFAAArABA4cwABPgEQNxQAEDNmAAFTAQA1ABE4EwAAIgABMgEQOPAAEDRvABA0lwAQOCwAEDNTAAEOAAAYABA3ZgARNBgAATsAARkAAEoAARMAACIAEDYOABA0BQAQOX8AEDRTABE3GQAABQAgMTAyAAEcAQHMAQEgARA5PQAQNR8AEDUKABA0ZAAQNygAEDZkAALAAS8wNbwEEE44MTQ06QMnNjm8BA_pA0KvMzA1MjA0NTY4OOkDCLB0LnBpbnRlcmVzdJ0D8CcvdXNlci8_dGlkPTI2MTMxNTg2NDI4MTImcGQ9JTdCJTIybnAlMjIlM0ElMjJlbnNpZ2h0ZW4SAGc3RCZjYj2dBXA3MSZkZXA9PAGWUEFHRV9MT0FELgEyeGhyzAQJ5wUvODLnBQEAFAAF5wWyWEhSX01BTkFHRVJBAALmBW9hbGxvd2XpBSGvNDc3NzM5NjcwMycB_y8Qc00CMWltZ0oC_wVjdC9saWIvbWFpbi4yYmRjMzA0MO0HE043OTc5MQMvNzIxA02vNTUwNTM2MDY2NQoCGC92My8DJcRldmVudD1pbml0JmFeAzBsb2NNAwFfAwE5CQFqA0lGJTJGRAfwEiUyRmJsb2clMkZlbWVyZ2luZy10aHJlYXRzJTJGd2hhbBIA8AthdHRhY2slM0Z1dG1fY2FtcGFpZ24lM0RGWRIG8Ac1MjBFbXBsb3llZSUyNTIwQmVuZWZpQQAQNjAA8XBtZWRpdW0lM0RlbWFpbCUyNl9oc2VuYyUzRHAyQU5xdHotLXpITWpwRG9MVFFNRzBUeUZEMnZZb3N4T0tOYWFNMEdSc1FqY1FOYjRTeXVReUdkNURXdTF6aWtpaVlPZHVTdm83RWJyVlVtcl9EekxJQmtaSXFxd2hDWnk2OXclcADAbWklM0QzMDI2NTA5DgcBmQB_Y29udGVudBoAAAIjBLElM0Roc19hdXRvbTwJAE8BgDJDJTIycmVmDAABWwEACQABFQATaRQAYWZhbHNlJRMAIHNoHgBBM0ExMlQHUyUyMnN3EgAUNhIAE20kADQlMjLbAgAjAAFAAFBpc19ldQ4AUzNBdHJ1VQDCYXJjaGl0ZWN0dXJlHABAJTIyeLsHACAFpSUyMmJpdG5lc3McAAD5BwQbAERyYW5kGgAiNUKHBRBiFQAFLgDhR29vZ2xlJTIwQ2hyb21iAAGMAAM8DAUoABAx2QdAMiU3ROsAAc8FCkgAlE5vdCUzQUEtQl4AD0YAAhA4UAAPRAAGAYMAADwCATsIPyUyMoUABxE1iABgMjJtb2JpvwAAWAYHigEAjQwQbGwACrQBhXBsYXRmb3JtGgAwV2luQQgDLwEEHwASVjgNBSYAIDEwPw0ADwAB1QBtdWFGdWxsJQDBMjQuMC42MzY3LjEx6AABLQBgZWNtX2Vu0woQZEEAIjNBpgAO9AYWMuIGAxMNAqUGDOYGHzLgBAx_UkVRVUVTVOoGPJ85Mzk5MDk3NjDgBP____81X2ZldGNo3gQjX0ZFVENI3ARf8QFhbmFseXRpY3MudGlrdG9rpwrGYXBpL3YyL3BpeGVsvQWBc2VuZEJlYWPdEgyNEj44MzLRDQEUAAKDCN8iOiJTRU5EQkVBQ09O5wA7nzI1Mjc4OTYxM6MKCA_nAAJCaTE4buUAIC9zVRISY5kL701USXlZemMzTnpsbE1RnwsVHjiMEwr_AA_QDkOPNTAyODUyMjGSEwnyBXNzZXRzLmJvdW5jZWV4Y2hhbmdl6AEBGgCzL3NtYXJ0LXRhZy-XCPADZWQvcnVudGltZV82NDU5NzM4cQr_CDM1Y2RhNDIzMmRjODEzYzYxNDQ3ZC5irhQUPzc5NiIBAQiuFA8iAUOPMzYyNjIzMTAeAggRZysK8gFhZHMuZy5kb3VibGVjbGlj4hPzBnBhZ2VhZC92aWV3dGhyb3VnaGNvbigB0C8xMDQzMzMwNjg1Lz8fCihvbe4PyzQ0JmN2PTExJmZzdBgAQWJnPWYBAPAlJmd1aWQ9T04mYXN5bmM9MSZndG09NDViZTQ0dDB2ODc4NDEyODY0emEyMDAmZ2NkPTEzdAIA8AMydDUmZG1hX2Nwcz1zeXBoYW0PAPABPTEmdV93PTE2MDAmdV9oPbALXyZ1cmw9OA3_NIUmaG49d3d3LjACcGVydmljZXNNA9ImZnJtPTAmdGliYT1Xbg40JTIwcA5wQSUyMERlZtkOQGlvbiUIFPEEQiUyMHRpcHMlMjBmb3IlMjBwcv4OAiAAQi0lMjBKGPAFJm5wYT0wJnBzY2RsPW5vYXBpJmE0ApUyNjM1NDUzMS5gEvUINyZ1YWE9eDg2JnVhYj02NCZ1YWZ2bD19DDozQjHLCyQ3QyUNFTUnDQ8lAABiTm90LUEuAA1AM0I5OTQMgS4wJnVhbWI9BwBhPSZ1YXA9cwwACgAidj1YDOAmdWF3PTAmZmRyPVFBJmAYET3iADYlM0REA1AlM0J1MaEOABMZD9oPPi81Q90PHAExAAvgDwEUAA_jD1oBcgAP5g8FDx0AAgJmBxElHAAK7A9xM0J1MiUzRBwRfDNCdTMlM0QOEfAGQnU0JTNEbWlzc2luZyZyZm10PTMmBgAXNP4HD4caBU04MjQ2ug0oMzLZBaBhcHBlbmRDaGlsjRQAbAcPhhoprzYyNTQ4MTYyODazDQcFogMP0gX______ykfN9IFDA-rC0IF2QUPzQwID9kFRC8zOKsLAz8zOCarC___7zBndGG9HADgIg8bCiAOzyMoMzLmHw8bCjufMzk3MzQ1NTk33x8ID0IE____oA-LCAEIQgQPiwhCBEkELzgyZA4HQXNpdGUoJLBjZXB0LnF1YWx0ckkXAMkpcFdSU2l0ZUlGJAAeAPQ4RW5naW5lL1RhcmdldGluZy5waHA_UV9ab25lSUQ9Wk5fN05HVkg0OHNJRFJvOTI2JlFfQ0xJRU5UVkVSU0lPTj0yLjUuMCYWAIZUWVBFPXdlYp4PDzskBD4zMzjJCQAUAAIvED8iOiI7JD6fMjkzNzg3MzI4SykIDzoBkg5vIygzM3gCDzoBRh85ix4IDzoBCfQdZHhqc21vZHVsZS8xMi5mZmQ5OGE5ZDNiOGNiZjIwNzVlZC5jaHVuay5qcz9KAg9gAgu5JlFfQlJBTkRJRD1rIwZ4Ag-dLAZPODEzMHsCAAhBAQ_7BzufNDkzNTc0MzYxsyYIDz4BmQ8tGQAJfwIP9wRCBUUBHzT3BAcPSxsU72lkZW50aWZ5X2MyNmEyRhsTPzgyODAKABg55SYPNQI7AEUlXzU1NDc5HRoID_AASS8zMiUDAAnwAA_nAUID9wAvODPeBgiydHI2LnNuYXBjaGEGKxdw9gMPCh4LHzmzBwAAFAAFdQYPCh5FnzQ0Nzk3MzkxMv8LCBxj3isAjxbQaWMvY3QvdG9rZW5fYzQoH2WxAhQvMzTsAAEI_BYPgzE8nzI5OTk3NDM4NV8HCA_jAD0PCgcAGDnjAA-kAkIE6QAvNjGLBAcSaW0t_xUuYWRzcnZyLm9yZy90cmFjay91cD9hZHY9OWU1YjNicyZyZWYCHf828QV1cGlkPWppcnJtem0mdXB2PTEuMYE1A640U2lmcmFtbDQL4ScP7AQANzQxM8EsD9wFO482MDU5NzQ5MgwQCQ9BAv-dDhQJCkECD4kEQgVIAg9yBQgRYUkjD2MjHAAGMP8ULXYyXzEzMzI5NzllZDdjNzUxNmVjYzYwMDY3ZGE0M2IzN2VjIxc-ODMyjgY_NDg0YwNGnzI4NTMzNjQ5NbIMCA8bAXYOCg8KGwEPPQJCBSIBD8YGCA2vB2djdC5odG16Jw9VBQcPgAgBLzUxMQtHnzM1OTc2Mjg0NdAARg5tCArQAA-nAUIF1wAPPQ4ID8kCIv8YY2pzX21pbl8zYTg0MzQ3N2Q4ZTMxOGY2NzIzN2E2NmQwYTU4YzU0IA0VAVchImVujjsCBjxHODUxNuEDDx8BQo81MDAzMzU0MkQnCQDfI6EuY2RuYmFza2V0HTsGMQwPnxIELjUxlQMBFAAFKgwPZRE-nzQ1MTkwMjAzNOIOCA_LALgAvigPlgGRwDgxNDk2NjE5NX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:41 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:40 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 80ms
79ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=5&c=21&i=7rfqy7&p=aemprod&s=6062&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8CBodHRwczovL3BhZ2UuY2RuYmFza2V0Lm5ldC8iLCJ0eXBlIjoieGhyIiwic3RhcogAwDcxNDY3MjA1ODUxOHYASmQiOjEUAFBzb3VyYzkAslhIUl9NQU5BR0VSQQAwdHVz8wBhbGxvd2VkmgBAYXNvbpkA1F0sImRhdGFQYXR0ZXISALNsaXN0IjpbXSwiaWYAvzgxNDk2NjE5NX0sywAFT3ZpZXfLAJCvNTY0NTEyNTM0McsA0vEJd3d3Lmdvb2dsZWFkc2VydmljZXMuY29tegJjYWQvY29uTAP2BS8xMDQzMzMwNjg1Lz9yYW5kb209YQLbMjMwJmN2PTExJmZzdBgAQWJnPWYBAPAuJmd1aWQ9T04mYXN5bmM9MSZndG09NDViZTQ0dDB2ODc4NDEyODY0emEyMDAmZ2NzPUcxMTEmZ2NkPTEzdAIA8AMydDUmZG1hX2Nwcz1zeXBoYW0PAPACPTEmdV93PTE2MDAmdV9oPTE_AEF1cmw9RgPRJTNBJTJGJTJGdXMubnsDAOAA8BIlMkZibG9nJTJGZW1lcmdpbmctdGhyZWF0cyUyRndoYWwSAPEaYXR0YWNrJTNGdXRtX2NhbXBhaWduJTNERlkyNSUyNTIwRW1wbG95ZWUNAGBCZW5lZmlBABA2MADxcG1lZGl1bSUzRGVtYWlsJTI2X2hzZW5jJTNEcDJBTnF0ei0tekhNanBEb0xUUU1HMFR5RkQydllvc3hPS05hYU0wR1JzUWpjUU5iNFN5dVF5R2Q1RFd1MXppa2lpWU9kdVN2bzdFYnJWVW1yX0R6TElCa1pJcXF3aENaeTY5dyVwAPEBbWklM0QzMDI2NTA5NjMlMpkAf2NvbnRlbnQaAAACIQSxJTNEaHNfYXV0b22PBP8AJmxhYmVsPXNhbGUmaG49MgIF0iZmcm09MCZ0aWJhPVdBATQlMjBDAaBBJTIwRGVmaW5p4gTzDSUyMCUyQiUyMHRpcHMlMjBmb3IlMjBwcmV2ZW4gAEItJTIwKgUAJgLwCl9lZT0xJm5wYT0wJnBzY2RsPW5vYXBpJmFRApUyNjM1NDUzMS6PAvENNyZ1YWE9eDg2JnVhYj02NCZ1YWZ2bD1DaHJvbZUB8QRCMTI0LjAuNjM2Ny4xMTglN0NHBQMByQEBJwA-ZSUzJQBwTm90LUEuQv4CUCUzQjk5XAaBLjAmdWFtYj0HALA9JnVhcD1XaW4zMgoAQHY9MTAkAOAmdWF3PTAmZmRyPVFBJlEFET3rADYlM0RhA0AlM0JhggXwBl9jdXN0b21fc2NyaXB0cyUzRHRydY8AYGVjb21tXxMGfG5hbWUlM0SoAhJCIgCFdHJhZmZpY1_PAeBkaXJlY3QmcmZtdD0zJgYAFjRGBgJnAAIIBgpJBj4yMzdJBkIyNCwiWQAAMgaQcHBlbmRDaGlsNgYyc3RhSQYwbG9hEAAvcmVGBhyPNzgwOTQ5MDN7BQgPfgIFD7AE____9R80sAQNMW11dNMGIE9i7AhCZXJDTPgED7cEMg8yCgnwA3NwLmFuYWx5dGljcy55YWhvb4UI8CMvc3AucGw_YT0xMDAwMCZkPVRodSUyQyUyMDAyJTIwTWF5JTIwMjAyNCUyMDE3JTNBNAUA_wEzOCUyMEdNVCZuPS0yZCZibgc8vy55cD0xMTU0OCZmQQn_NvAiZW5jPVVURi04Jnl2PTEuMTUuMSZ0YWdtZ3I9Z3RtJTJDYWRvYmUlMkNlbnNpZ2h0ZR4OA-UNMmltZ6QCC5wHLzE5nAcAFzWcBw_sAkOPNDg2ODg4ODbpDQgG6QJhdGlrdG9r6gL3AWFwaS92Mi9waXhlbC9hY3SACHFlbmRCZWFjEw8OzQ4uMzToAAAUAAWECK9TRU5EQkVBQ09O1A47rzMzNTY1NTkyNjAJDgfwBGFzc2V0cy5ib3VuY2VleGNoYW6wDzJvbS8aALMvc21hcnQtdGFnL0YN9yRlZC9vbnNpdGUtdjJfMGU1NmFiNmJhMDA0ZWUwODBjZTNkZWIzZWRhZTM1ZTkuYnIuanMrAQESCg8PAgE_NDgzJwEAFzYPAh9hqwk7nzYyMzUxMTQxOB0Bkg9EAgEIHQEPLANDBCQBHzkkATxRaW5ib3hAAv8QMmFjYTVkZjBlMTc2Yjg4MTBhODZkYTk3YWMwNTQyNEACLR83QAJGjzM3NzMzODEzSAQKD10DIQ8cAUIPPwIBCBwBDz8CQgUjAR82PwIoApoE9xQvbG9jYWxfc3RvcmFnZV9mcmFtZTE3Lm1pbi5odG1sIzIwMBEOEWkgAA9mBAEvNTN1BgAAFAAFjQXyCEhUTUxJRlJBTUVfU0VUQVRUUklCVVRFTQACZgkB5A4PZhQinzU4OTA3NTA3MhIBCLF0ci5zbmFwY2hhdHgGF3A-BQ9pBgsfONwAACc5MAIDD2kGRa80MDkxNTM2Mzcy6QEvwWpxdWVyeS0zLjUuMeABDz8GEy41MzMWKDYwTggPPwY70DM3Mjc2MTIzNTF9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:41 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:40 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 120ms
119ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=6&c=21&i=7rfqy7&p=aemprod&s=31349&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiN3JmcXk3IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8xJodHRwczovL2Fzc2V0cy5ib3VuY2VleGNoYW5nZS5jb20aABIvGgDwHC9qcXVlcnktMy41LjEubWluLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXKzAMA3MTQ2NzIwNTg1NDChAEVkIjoxFACgNjA1LCJzb3VyYzwAMW11dJQAok9ic2VydmVyQ0xIAKF0dXMiOiJsb2FkyQBAYXNvbsgA1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWoAzzM3Mjc2MTIzNTN9LPoABfEGYml0ZS5hdXN0cmFsaWFyZXZpdmFs-gARbT0BA9wAMnhocpEACtkAPTc2MdkAARQABdkAslhIUl9NQU5BR0VSQQAC0gBvYWxsb3dl1QAhrzYxMTUzNjE2OTHVAPbxAWN0P2lkPTM0ODcwJnVybD3WAtElM0ElMkYlMkZ1cy5uCwMA1gHwEiUyRmJsb2clMkZlbWVyZ2luZy10aHJlYXRzJTJGd2hhbBIA8RphdHRhY2slM0Z1dG1fY2FtcGFpZ24lM0RGWTI1JTI1MjBFbXBsb3llZQ0AYEJlbmVmaUEAEDYwAPFwbWVkaXVtJTNEZW1haWwlMjZfaHNlbmMlM0RwMkFOcXR6LS16SE1qcERvTFRRTUcwVHlGRDJ2WW9zeE9LTmFhTTBHUnNRamNRTmI0U3l1UXlHZDVEV3UxemlraWlZT2R1U3ZvN0ViclZVbXJfRHpMSUJrWklxcXdoQ1p5Njl3JXAA8QFtaSUzRDMwMjY1MDk2MyUymQB_Y29udGVudBoAAAKtArElM0Roc19hdXRvbYsD4iZzZj0wJnRwaT0mY2g9TgSCJnV2aWQ9JnQbAEFzZm1pDQBldT0mY2I93APwRjc4MjQmaGw9MiZvcD0wJmFnPTIxMTU3MDQ5NjYmcmFuZD04NDU1MjE4Njg2NzIyNzAxMjc2MjYwMjcxMjgxMTI4MjkzOTE1MTQ4MTA4NTIxMDUxODBCAPcfMTEyNTcxMzkxNjU2OTcyMDcyMTc5OTgwODAwOTImZnM9MTYwMHgxMjAwJmZzdA4A-BFucD13aW4zMiZudj1nb29nbGUlMjBpbmMuJnJlZj0mczoAIG5jtAD6G3Q9JmRpPVcxc2laV1lpTERreE1EbGRMRnNpWW01amFDSXNNVjBzV3lKaBAA8AUweE9Dd2lXekFzTUN3d0xERmRJbCgAojAwTXl3aU1EQXcEAENFd01UDAAACABQVEV4TUQEABNBCAAURSgA8w1pWFN4YkxUTTNMQ0l0TVRRMExUWTJMVEU0TUMwHADkVTVMQ0prWldaaGRXeDBwAHBPU3dpTFNKtAD1A3RNekFzSWx0Y0luWmNJaXd3WBgAEmsYAGBqSXdNRE2UACAzWNwAsGl4Y0lrZGxZMnR2EADwDlhDSk9aWFJ6WTJGd1pWd2lMRndpVFc5NmFXeHNZEADzD0c1MWJHd3NiblZzYkN4MGNuVmxMRGdzWm1Gc2MyVRgA9Ap3MUxIUnlkV1VzZEhKMVpTeHVkV3hzTERBEAABOAAEnABlTmpnc0lp5AAHDADyAUk0TENKbGJpMVZVeXhsYmnkAPQGTkN3aVBHaDBiV3dnWTJ4aGMzTTlYKACpMXdpSUd4aGJtYxQA8DZQanhvWldGa0lHTnNZWE56UFZ3aVlYUXRaV3hsYldWdWRDMXRZWEpyWlhKY0lqNDhjMk55YVhCMElHRnplVzVqUFZ3aWTMAPB2VndpSUhOeVl6MWNJbWgwZEhCek9pOHZkSEl1YzI1aGNHTm9ZWFF1WTI5dEwyTnZibVpwWnk5amIyMHZNRGhpWldZME9XSXROR0kyWmkwME56UmxMVGsxT0dJdE5XRXdZbVUzWVRBeU1qZGxMbXB6UDNZOU15NHhOaTR3TFRJME1EUXlORMQB8AVOY0lpQmpjbTl6YzI5eWFXZHBiapQA9ANGdWIyNTViVzkxYzF3aVBqd3bMAPEDUGp4elkzSnBjSFFnWVhONWJtOAEASAAiemMMAPMNb2RIUndjem92TDNkaGRtVXViM1YwWW5KaGFXNNQA8CkxMFYyRjJaWE5DZFc1a2JHVnlMMmhoYm1Sc1pYSXZNREF4WmprMk1XSmtPV0l3TlRGaE1qZ3hPR7wA8AFVNE16VXpabVJoT1RKaVpsTAFQUjVjR1WsAcMwWlhoMEwycGhkbUaoABFSjAGnTDNOamNtbHdkRJgBD4QBAP8kWTI5dWJtVmpkQzVtWVdObFltOXZheTV1WlhRdlpXNWZWVk12Wm1KbGRtVnVkSE11YW5OYAAa8wxkM2QzTG1kdmIyZHNaWFJoWjIxaGJtRm5aWEkcAfMaZDBZV2N2YW5NJTJGYVdROVJ5MUdSek5OTWtWVU0wVkVYQ0klMkJQQzngABBRDgCcSE4wZVd4bElICgEhTnrCARFt6gLwGXVaVzR0VlZNZ0kyVnVjMDV2ZEdsbWVVSmhibTVsY2lBalpXNXpRbUYCAUN5UkdWYgDwE1JwYjI0Z2UxeHVJQ0FnSUhSdmNEb2dkVzV6WlhRN1hHNTmOAGhkSGxzWlReAQyMAAuWAXFpQmhjM2x1BgMBxgEOEgPwDWFuTXVZV1J6Y25aeUxtOXlaeTkxY0Y5c2IyRmsyAX9NUzR4TGpBhgEMD4gAL4JZWEJ3TG14bIwAEmeqAa8zWnBjMmwwYjNJgABOsmN5NXdhVzVwYldjfAAwMk4wGgQ_Y21VfAALB3oEcVhDSWdjM0qGBPAVYUhSMGNITTZMeTloTG5GMWIzSmhMbU52YlM5eFpYWmxiblJ6OgQPbAIEAkoDcENCMGVYQmwGBcRkR1Y0ZEM5cVlYWmgqBABwAA8iBA7zBzJGdVlXeDVkR2xqY3k1MGFXdDBiMnPkAOhreE9HNHZjR2w0Wld3dpgA_yVQM05rYTJsa1BVTTBTbE5CVWtwU01sRXpUMGN3U2tGRlZFWXdKbUZ0Y0R0c2FXSTlkSFJ4zAAMD74EAJFNdWVXbHRaeTV6BYNkMmt2ZVhSahgBCv4EP2o0OGIEFQECBPMBbkpsWkdScGRITjBZWFJwWWQAAGACj0wzQnBlR1ZzaAAaD-gBD9MzZDNjdWNHRjVjR0Zz7AHyBjBZV2R0WVc1aFoyVnlMM0J3ZEcwdXoEwGREMTRieVpoYlhBN4YEgWJtOXlkRzl1OgAfVhQGKUVOakxY9gABWAUyYzJOUAUwQzV0JAYPVAUKMEdsa3IC_wFjR1J6ZEMxallYQjBkWEpsbgIT4E5rYmk1d1pITjBMbVp0agGDYm1jdWJXbHVuAQBMBQxaBQTuAg-uBA7xB2QyVmljMlJyTG1Gd2NITm1iSGxsY2k-AoMlMkZjM1E5WVwFE2NaAQ-UAgwPcgADgGk4dllXMXdivAXCUzV2ZFhSaWNtRnBiagDQdlkzQXZiMkowY0M1cfwFDhQGC4gFD7wCBg84BSQAyggP5gYe_wNRVmN0TVRBMk9Ua3lOemsxTkZkAh1FSXZMM1gCxGhaSE10ZEhkcGRIUoQBX3ZkWGQw6AEm8ghpOHZaQzVwYlhCaFkzUnlZV1JwZFhNdJYEA6wJkDBFeU5EYzBOVHwL8hVabFlTMDBObUV4TFdKbU0yVXRNR1E1WlRRMU1UaG1aamxqTVOiAQ9gCQXzB2RIbHdaVDFjSW5SbGVIUXZhbUYyWVjICBBGpAoGWAoAAAME3gVBTHk5aUAKNG1sdb4EP1ltRvwAEQ_SBSQAfAHTZDNkeTVuYjI5bmJHVloEEzR0DPElTXpMQ0piWENKYk16WXlOakl6TkRBek1TeG1kVzVqZEdsdmJpaG9LWHRYS0dRc1puVnVZM3YIABQA8BtpS0MwME55a29hQ2w5S1R0Y1hHNXlaWFIxY200Z1ppNWhjSEJzZVNoM2FMCqEzY3NZWEpuZFcxxgZDS1gxZJQMIGNJqAzobHMwTkRBNU5qVXdNakVsAPAGZ2RHOVRkSEpwYm1jb0tTQjdJRnR1ngX0A2RtVWdZMjlrWlYwZ2ZWMWNJbGgMJE0w2AAQTvQN-A5qVTJNamcwTEdaMWJtTjBhVzl1S0dncGUxY29aQ-wAUGdwZTJJ0w8wNEtT-ADhMHBPM0psZEhWeWJpQm5ABPEER3g1S0hkcGJtUnZkeXhoY21kMWQMMUhNcIQAAcwAAlwNyld6UTBNRGsyTlRBeVQBcUIwYjFOMGMIAvUQZ3BJSHNnVzI1aGRHbDJaU0JqYjJSbFhTQjlYVndpWOQNE1nkDUJRdk0xYAB0TkM4elhDSpwO0DJOaXdpWjJWdmJHOWogAZBiMjRzYzNSdmPICvAiV0ZqWTJWemN5eG5ZVzFsY0dGa0xHTm9aV04wTEcxcFpHa3NaR2x6Y0d4aGVXTmhjSMgBwFVzZFhOaUxIQnBZMxAARFZwYm4MAPABVXNjSFZpYkdsamEyVjVZMzoH4VZ1ZEdsaGJITm5aWFFziADQV3htYjI1MGN5eHZkSNQMQFZrWldSCDBGc2P4DfAQbU55ZVhCMFpXUnRaV1JwWVN4amFITmhkbVZrWVhSaKQAQGRXRm1kDvANZG1WeWMybHZibXhwYzNRc1kyaDFZWGR2ZHpZMCgAQFpHOTMcADBibXMcAPAAd2NtVm1aWEp6WTI5c2IzCABhaGxiV1Vz3gpQM2hvY2lsAJlWaGJXOWtaV3c0AKBjbVZrZFdObFpIVATxBDV6Y0dGeVpXNWplU3h6WlhKcFkwAFFGdFpYSqQAUGNISmxaoAAACAEwSFZq0AASYiwDonNjSEpwZG1GMFpgB_EIbGRHOXJaVzVwYzNOMVlXNWpaU3hwWkc8AYAwZVdOeVpXUiQDgXBZV3h6WjJW3AANBAEQabgCIHhz1glBWldWdQAB8g5IQnlMSFZ1Ykc5aFpDeHJaWGxpYjJGeVpHMWhjQ-wAAOAB8AVkR1p2Y20wc1ozbHliM05qYjNCbEAA8QFkV0Z0YjJKcGJHVXNkMmx1UAEQVwoKE2RIDwJEAMxMSEIxWW14cFkydGywAAAIArBZWFJsTEcxaFoyNewAMHRaWOwFYHhoWTJObFQOUGIyMWxkXA7QSEJ5YVhaaGRHVnpkRyABMFJ2YQINEG0kAiIxd4AEAnQAwFlYSmphQ3g0Y25Od9wCkFlXeDBjbUZqYagAEnkkAHBabTl5YldaCAaQdmNuTXNhV1JzTAEzZEdWzAQCKAAGBAEgMTIgAgAQBAEAAfAHMmxrZEdnc1kyeHBjR0p2WVhKa2NtVkwB42phSFpwWlhkd2IzSjBkKAAAtgkB_AMBXAEGIABxYUdWcFoyaLgB8ARjblIwTEdGMWRHOXdiR0Y1TEdOdAHgemIzSnBaMmx1YVhOdmL8AGFXUXNhR2yUA-BkV0ZpYVhSdVpYTnpMSFgG8gZWbGJuZGhhMlZzYjJOckxHTnNhWELcAUFIZHlhcAGQTm9aR1YyYVdOrAFQdGIzSjXYA7NZM0p2Y0dodmJtVfQFF0WEEZNVekxDSXhNREEcAPR-SXNJak0yTEdWQlNGZFlNUzltTTNGNlEzWmlhM1Y1YlZGM1oyeEpZVVl6Y0VWelVrVkZWSEJ2Vm1SR1ZrSlJVWEJTWTFKQ1JsTkxTVWxuYVZKSmNqQkxhRXBTY1hCVFFYUkRRV3RSU0hCSmVubGlZbGh3YlZweUx6VXZaRGsyWW5wamRWTkJVRW92UjNRlAAQeDQTAxATEHmAEyJLeSwSMk1qVRQFsGxzeE5EVXlNRE0zbAUP6AUXL0l66AUAH2zoBWkQTtQABTATKEUw_AAA4AWAZTF3aWRHcG9CCsBPakkzTVRBNU1qRXrMEyVkVxgAkHdNelk0T1RVMxgA8wlhbWh6YkZ3aU9qUXlPVFEzTURVeE5USjlUARAx7BQFZBRQVEVzSW5kFACgEUJwY0lsbAZQYlZ3aU98FDBtUmx0BABAEwA4AwPEB5R2WnpwMGFYUnNYFFliMmM2WqoQEjXoB_0DblIzYVhSMFpYSTZkR2wwYkdWGAANOAAlbDGsAAAEAXBiR0Z1WkhOZAzDbExYQnlhVzFoY25rMAIQWdQCE3TcABB63ABhWXl3dE1TBAAACAoA1BUweU5p2BWjQXNNVEl4TERFeSAA8AgxTVN3eE9UWTBMalVzTVRrMk5DNDFMROASdEVzTWpRd02QBydqQUgDIFF5SAPDTnpJME1qazNOalV6gACDME1Dd2lNek2cABRJmAiQelpXNWtRbVZo2BIARAEwTUN3iAAAkBYDLAAnRTH8AZEwTnl3aVJYVnmsBfYQMEpsY214cGJpeGtaUzFFUlN4c1lYUnVMR2R5WldkdgwBCHwVEEV8FiN4TjwDcU5UVXNJakVsAOBNemNzSWxzek16RTJNauwAKlE1RAOgNWxkMVpoYkhWbIAJQVhHNGdyEgB2EgQEAJFHRmtaRU52Ym68BhJY9AnzAWRRY205NGVTaDBhR2x6S1aqEgQ0AAIIAPAPdkx5QlNaWE5sZENCd2NtOXdaWEowZVN3Z2RHaGxJvATwAjJzZ2FYTWdiMjVzZVNCdVpXIAYQURAAL2paVAAC8AVCUFltcGxZM1F1WkdWbWFXNWxVSAgFoFZ5ZEhrb2FXWnkECUBMQ0FunAt2Wkc5akp5d0oTApgABuQAIkdO7BW0M1Z5WVdKc1pUb2cUFw8MAQLwAkNBZ2QzSnBkR0ZpYkdVNklHPAFPTmxMRgABAjBnSUggAGRWbE9pQmaQAA9YAAI_SDBwGAACtEY5cFpuSmhiV1V1QAD2BElEMGdibVYzVm1Gc2RXVmNiaUHQAADgACRIMTgKEDGkAgQABABoAgUMACJUUQwEYG1oY0lqcCgMMmZNVhAEwE16STVPVGt4TXpZNcACRFhDSmaYCgocAACsBTB3aVqABABABCBsOPIR8AJzWENJeU1URTFPVGMyTkRrMsgKAKwEI1lsaAQGKADVeE5EZzFNVFU1TkRnemwAE0aIAMNqazNPVGMwTVRRNE2sBNNNVGc1TmpFd05URXpPKACwT0RFNU5UazJNVGgoDEBzWENKTAA0Nk1YNAzx_8NVM0xDSlhSVEJhVmpGNFQyTldhRmhZVmxaalUzaGpSbGRzV2xWVFZYaE9XRVl3U0VkWFNsbFRhR3haVTFWc1ZsRkhVVnBGVm5oUVYwWlZXbGRGTUZwQ1ZtaFlWbXhrUVZaR1drMVRaMk5hUlZGTlQwRjNaMDFEVVc5S1FWSkJWa2RSVmxsV01WcFlVVVpTVjFSRmIwaEJkMmRDUVhkdlNrVkNWbGxVVW13MFV6QjBXVkZDWkZCWVFtdFNWVlV4VGxOVmIwUkdhRnBMVTFaQ1pGaEZjMWhYUlhoTFZGVjBXVlpXUWxsVE1YaFFWVVU1V1ZaU1pHRldiRkZYVlVKWlFsaFJhMEpYZDJoaFdIZG5URmQzT1dSWVJqRmtSRkU1WVVSM1JVcFhkelZrUTBaNFlWZEJRVWxEUW1SVVUyZE5TVUYzT0U5RFFXdEtSVUpXV1ZSU2JGSlVWVEZLVTJkTlYwWnJjRXBWUmpGalUzaGtXVlJGY0U1VE1XaFdWVVpvVEZoRk9WRlVNV2hXUmpGd1YxWkNXbEZHWjBaa1ExRkdZa05HY0daRFFYUmlSREV4WTFoV01FNUVNVzlRUVZGc1lrUnNNRWxZUm5CWlFVRTlQU0o0GzBOalHcBBB3XAJwVjJsdU16SnAGEGJIBwJsAvQDd2lSMjl2WjJ4bElFTm9jbTl0xAYRZIwC8AF3aU1USTBYQ0o5TEh0Y0ltRBrzA3BjSWs1dmREcEJMVUp5WVc1a5gCnjJYQ0k2WENJNDAAAlwAS2FYVnQsAJR4TWpSY0luMWTsDQDkBgWEA1REWXNJaqAJEFloBjA0TUNUAxBzmBEHhAYgTTH0DvACTVRjeE5EWTNNakExTnpRME_4BgUYDxBFZBxQYk1URTNwBqBOREF3TERFeE56CAciUXfsHIBBc01Td3lOQwQAUHhjSWkxbBwxeE5qLAAweU1ELAAQWSwAInhNFAASMhQAWkk0TlN3KAABPB0ARB0ESAAECAAIKAAUQogEUDJNU3dpmAEyZDJksAhwbHdpTkR0edwbAfwFIFY5jBoRZpQLA_gKQFgzTjAmF0FaMlZm7haQSFZ5WlhNN2NHHAygVmtYelI0T0Y5cJgGAE4VcFgyUnZkRjloBgDgDZAwTzNWdWNtVnpgEMBZM1JsWkY5d2IybHWgDGBYM0JoY23kDUBSbGNuVAACSAAgY2z0G-Axd2IzTnBkR1ZmWVdOaqwLE0-YD0JjR05tCAJwSmlaM0poT5QNMDNKdBQCAxgIGDJoBShNVOQBGVXwCggAHjBORFEMAgDACDR3TETQCxBZxAExMU9GoB4E0BEB8ADzBWNtNWhiQzF3WkdZdGRtbGxkMlZ5fAIPIABoBbAQEDDwAQboAhdVzAIQVegCBMQJo3lNaXdpVzF3aWLgBQAIAAUsAyNEZxQBBBQDQUlzSW3IHgHcCDBMVEnYBRBiqB9ATERFd6geUFhDSTBarAEB8B4UeIACEHpoAASQAAB4AQVoDCVUTZwAM01USRQHMU4wZdQGIHdpYBYgWjLcAhJ4nB9RanBjSW1EAnRzSUdsdVl5_AoDPAQGHAARedgIsDNCbGJtZHNJR1Z1FA4EgAQzYzJ4UATQSjNaV0puYkNCbmJITigAkHpJREV1TUNBbxAKAzwA9gR6SUdkc2Myd2daWE1nTVM0d0lHdAQTS7gHU1ozWmxj2AQCuAASdywAQUNodmOAAANAAB9pQAAHAIABIk9s-ABDYTJsMFQCwGlaVzVjSWpvek5EY2AHACwOABAAEHh8BUxaM0psOABwSUhkbFltZAwIADAAQXpaV1owAMBPVE13T0RJd01qYzU8AENjMlZqUAM0Y0lusAdhTXhMQ0ptJBEClAvSaVpHUmlJaXdpTUN3euALE00sAwCEBAPwCwWUBCB3MAwCBfQEAYALAfwEASQCACAFCyAAAGgDCFAAFnggADRFc01QDAFgAB9FKAAEEFUYADQxTEQgAAQIAACgAAHAAoRpWTJJaUxDSYQADAgAE3l0AEB6TlRJTAAMIAAPEAADEVR4AA8cAAMBsAAAgAANIAFDd0xEWWQAEE0UBgdAABtFEAAPQAAAMFN3eqwAL05TWAABADAA0EpkWFElM0QlM0QmZGViJPY8cHJlPTAmc2RkPSU3QiU3RCZjcmk9b2hVQnVBak5pYSZwdG89Mjg5OSZ2ZXI9NTkmZ2FjPS0mbWVpPSZhcD0mZmU9MSZkdWlkPTEuxST9BC54QmZkTmJDOXpDV1NPeWhsJnMjAP0DSHVoYnBjODJvUmVab3FwSSZ0IwDwBGszSk80cnYyVmFkV2NyU3omZmJ9ALVndG09V3lKamIyNUoSMElsMNQA0Gl0PTEwNyUyQzIwMzYHACA1MTUAMGw9LbkAAwcAgHNkPS0mcnRpTADwIGJnYz0xMDQwNjU1MDA4YWMxMWVmODJlZmEzNWZhNzc2Nzc4MiZzcGE9MSZ1cmlk3ySPYj0mc2NrPS2-KRBONzgyOeUoJzkwvimgYXBwZW5kQ2hpbNIoMnN0YeUoH2y3KSSfNDE0MzkzMDQ04ighDw0o____________________________________________________dC81Nw0oDA_LUUMDFCgvNzIUKAcPxVIV8QZsb2NhbF9zdG9yYWdlX2ZyYW1lMTfOUpZodG1sIzIwMDQXKRFpIAACu1EK_FEfNtVSAD84MDQXKUavNTg5MDc1MDgyNwMBeA7_UgoDAQ8NAkIFCgEfOAoBB5FiYXQuYmluZy7FVBBj8FTwNC8wP3RpPTE4NzAxMDU3NyZWZXI9MiZtaWQ9ZWUxZWQxOTYtMjMxZC00MGM3LWFiMjctNTRmY2VjZDhkNDUzJnNpZD1mKzUyYmVmK_ACOWI0NWI1N2M0NmQ2MGNiNyYfUQAlAA-LKwrxGnZpZHM9MCZtc2Nsa2lkPU4mcGk9OTE4NjM5ODMxJmxnPWRlLURFJnN3wlBBJnNoPdNQonNjPTI0JnRsPVeoUjQlMjCqUqBBJTIwRGVmaW5p6QDzDSUyMCUyQiUyMHRpcHMlMjBmb3IlMjBwcmV2ZW4gAEMtJTIw01EfcDBT_zZgcj0mbHQ9llL3DSZldnQ9cGFnZUxvYWQmc3Y9MSZybj05NDU3ODhbBC9tZ1gEAQ9vLQEBFAACp1OQIjoiSFRNTEltvQTCU0VUQVRUUklCVVRFTAACei0PX1YoAHstXzcxMjY5XAO0_BFlYz1DSEVRJmVsPUludmFsaWRfVXNlcnMmZXY9MCZlYRYAT249WSYTAzUPwwMEAB4CYGN1c3RvbRcCbzU0ODQyMxcCDy0zM3kHEDgUAA8XAlKvMzg2MDU5MTQyMRcCFACABQ8dWhM_NzY12QAACEgHyGluc2VydEJlZm9yZeYCD2AwJCE0NQQGD0kHCgC_AAU_BgANAA_MABQvODjMAAwPEQdCBNIALzUwngEHAf0Fgy5oYXZhc2Vk3VthdHJhY2stGgD3AD9lbWV0YT1leUp3SWpvaU9QUDFjeTV1vUQkYjLtU3BKc2IyY3ZaDUggbWRdSUB0ZEdobTnwAzBjeTkzYUdGc2FXNW5MV0YwZE058ER6OTFkRzFmWTJGdGNHRnBaMjQ5UmxreU5TVXlNRVZ0Y0d4dmVXVmxKVEl3UW1WdVpXWnBkSE1tZFhSdFgyMWxaR2wxYlQxbGJXRnBiQ1pmYUhObKVU8IRjREpCVG5GMGVpMHRla2hOYW5CRWIweFVVVTFITUZSNVJrUXlkbGx2YzNoUFMwNWhZVTB3UjFKelVXcGpVVTVpTkZONWRWRjVSMlExUkZkMU1YcHBhMmxwV1U5a2RWTjJiemRGWW5KV1ZXMXlYMFI2VEVsQ2ExcEpjWEYzYUVOYWVUWTVkeVpmYUhOdGFUMHpNREmxSTQ1Tmq8AATVQGBROU16QXmhStBPVFl6Sm5WMGJWOXpiFUDgMlU5YUhOZllYVjBiMjHJSTB2YmmJOFc4aU9pSnlVo1Z6TG01dmNuUnYXTvAAaUxDSmhieUk2VzEwc0lucTpyMXpJanA3SWAAEGpTTvEOWVdsbmJpSTZJa1paTWpVbE1qQkZiWEJzYjNsbFqAAaBKbGJtVm1hWFJ6ATcJdAGwU0k2SW1WdFlXbHMcADBYMmh9QhBqIAIPfAFzoElzSWw5b2MyMXCUAAhkAQCwAALMAAWEAUhpT2lJpAEAQAEBmAKAYzI5MWNtTmxEAA6MAXBKOUxDSndjRAEBmAFkbHVaaUk2xUEwSW14SUgQazwA8CtOakkwWkRsaU9ETXROak5rTVMwNVpHRmpMVGxoTnpFdE1UTXhOMlV3TldFNVl6ZzNYekUzTVRRMk56EVcQZ5AABBQCAPwBEUl7U4IwVmtaMlV1UsNTQFVZV2MoAFhpZENJNrE9EE-JRKBpd2lZbm9pT2kwYT0AFAIgc1ogAoN5SlFSRVlnVsk7ABwB8AdRMmh5YjIxbElGQkVSaUJXYVdWM1pYQTjdSkRhSEp2YldsMWJTQjgAQFRXbGpdWGFiMlowSUWcAHFnVUVSR0lGxUggbGMkAfEGbGRsWWt0cGRDQmlkV2xzZEMxcGJpTACQaVhTd2ljR3gwMAECVT8BdABSamF5STYVWoB3aWRISWlPbdlCkE5sTENKb0lqb9AAUHdMQ0ozDAABUT5AQ0pqWgQBgGpSOSZ0cmtHeDfwFTBkMjRkMzYyLTkxMzMtNGNmMC04ZTdlLWJlODc2MmYwNTEwYZsJAS0A8BE1Y2YyN2JhNS05ZWE4LTQwMTQtOTllYS1lYzc3NWQyYToAECZlYBAtoGFAdWN0X2Bggj1taXNzaW5nGgCKb3JkZXJfaWQWAIpzdWJ0b3RhbBYAr2NvdW50cnk9VVPrBw4vMTLrBwEXNVoOD0YGC0BlcnJvr2AvcmUwYRyPNjc4NTI5NzJHBv______uh80jQwAD0cGCRhBXg0PRgYuDysOCAKEY_AHYWRzLmcuZG91YmxlY2xpY2submV0LzgR8wJhZC92aWV3dGhyb3VnaGNvbmlp0C8xMDQzMzMwNjg1Lz9KZCZvbXdkojg3NjYmY3Y9MTH-YwVraAAYAEFiZz1mAQAgJmcrCLBPTiZhc3luYz0xJoo_8AU0NWJlNDR0MHY4Nzg0MTI4NjR6YUZkcGdjZD0xM3QCAPADMnQ1JmRtYV9jcHM9c3lwaGFtDwAAUz8TX6gTI3VfqRMPhGb_OXVobj13d3cuMAJwZXJ2aWNlc9YVQCZmcm2hZj9pYmESFTzwBG5wYT0wJnBzY2RsPW5vYXBpJmE0AngyNjM1NDUzJELxDCZ1YWE9eDg2JnVhYj02NCZ1YWZ2bD1DaHJvbQVo8wRCMTI0LjAuNjM2Ny4xMTglN0NHfmYxNTIwJwA-ZSUzJQBwTm90LUEuQuECUCUzQjk5XGyBLjAmdWFtYj0HAHE9JnVhcD1X02ZwdWFwdj0xMCQA0SZ1YXc9MCZmZHI9UUGjChE93Q9gJTNEZ3RhDBfAbmZpZyZyZm10PTMmBgAH6hgPv2sHLzc31hABFziQCg8BQjuvMjcyNzE0MjQ2Nc8QBwUSAg9CBP___5YPGBUCCEIED9IOCw_qFSQESQQfN0kECA9fBgUEiAgPfQgWLzgwfQgDPzgwJn0IJX9zPUcxMTEmhgj_b_8MbGFiZWw9MjNLekNKai1qWU1ZRVAzc3ZfRUQmoQhin2d0bV9lZT0xJqoIwQZxAw-pCB8fODkTAC80MakIRp81OTI2MDMyODEtHQgPYAT___--DwkNAAlgBA_HCELQNTkyNjAzMjgyNH1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 02 May 2024 17:47:41 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 02 May 2024 17:47:40 GMT

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 119ms
119ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://us.norton.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 02 May 2024 17:47:41 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST norton
ingest.quantummetric.com/horizon/ Frame A6FA 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: frontdoor.knotch.it
URL: https://frontdoor.knotch.it/ingress?browser_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&root_browser_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&canonical_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack&referrer_url=&account_id=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c&cs_render_id=6990dfd7-8910-476f-97ec-a6cf4f3497b9&cs_visitor_id=8f1b08e3-f94a-4ead-a208-9349479b88b4&time_stamp=1714672058260&session_time_stamp=1714672057988&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F124.0.0.0%20Safari%2F537.36&ktag_version=v2.5.0&platform=Win32&language=de-DE&color_depth=24&screen_resolution=1600x1200&time_zone=Europe%2FBerlin&privacy_mode=false&content_height=16680&content_width=1600&type=page_view&load_data=%257B%2522load_time%2522%253A411.7%252C%2522time_to_page_view%2522%253A146.5%257D&set_cookie=true

Domain: ingest.quantummetric.com
URL: https://ingest.quantummetric.com/horizon/norton?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fwhaling-attack%3Futm_campaign%3DFY25%2520Employee%2520Benefits%26utm_medium%3Demail%26_hsenc%3Dp2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w%26_hsmi%3D302650963%26utm_content%3D302650963%26utm_source%3Dhs_automation&t=1714672057074&v=1714672062975&H=bad13366b22059b800d15cd6&s=e906c57345f1ee21e69889e7341e8092&S=102163&N=151&P=2&z=1

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

89 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 20:19:18	Name: X-AB Value: 24b5be485c2747719f2dadcc8288a94b
.bizemail.gendigital.com/	1970-01-20 20:17:53	Name: __cf_bm Value: iDJhc7.Tz8xxFhKqyFtgrIbM0gZBWvsdKxMDZ3.zN2k-1714672054-1.0.1.1-pDcILkjzvtFRYTqJeWmWSqcUBDJ0MDXroWKtkN2jT95nYTwacjBhLMBAzzFTNNqL2nqOhel8gSfbtSljEnNOpg
.bizemail.gendigital.com/	1969-12-31 23:59:59	Name: __cfruid Value: 993ff8f8ece620c53642270eeebf50daeb7da6aa-1714672054
.norton.com/	1970-01-20 20:17:55	Name: AKA_A2 Value: A
.norton.com/	1970-01-20 20:17:55	Name: qs Value: 75746d5f63616d706169676e3d465932352b456d706c6f7965652b42656e65666974732675746d5f6d656469756d3d656d61696c265f6873656e633d7032414e71747a2d2d7a484d6a70446f4c54514d4730547946443276596f73784f4b4e61614d30475273516a63514e62345379755179476435445775317a696b6969594f647553766f3745627256556d725f447a4c49426b5a4971717768435a79363977265f68736d693d3330323635303936332675746d5f636f6e74656e743d3330323635303936332675746d5f736f757263653d68735f6175746f6d6174696f6e
.norton.com/	1970-01-21 05:03:28	Name: es Value: 4e56533d317c5054523d6e6f6e657c4643443d4d61792d30322d323032342031303a34373a33357c4c43443d4d61792d30322d323032342031303a34373a3335
.norton.com/	1970-01-21 05:03:28	Name: tp Value: 5452533d646972656374
.norton.com/	1970-01-20 21:44:16	Name: ttControl Value: 5443473d35
.norton.com/	1970-01-20 20:17:55	Name: promocode Value: defaultweb
.norton.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-21 00:37:04	Name: demdex Value: 40930319706279316162824264558932328777
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
.norton.com/	1970-01-21 02:03:28	Name: s_nr Value: 1714672056514-New
.norton.com/	1970-01-21 02:03:28	Name: event69 Value: event69
.norton.com/	1970-01-21 05:03:28	Name: channelStack Value: s_eVar72~norton.com
.norton.com/	1970-01-20 20:17:53	Name: s_tbm Value: true
.norton.com/	1970-01-20 20:17:53	Name: s_gpv Value: norton.com%3Aus%3Ablog%3Aemerging-threats%3Awhaling-attack
.norton.com/	1970-01-20 20:17:53	Name: s_gpv_custom Value: norton.com%3Ablog%3Aemerging-threats%3Awhaling-attack
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
us.norton.com/	1970-01-20 22:27:28	Name: 53038 Value:
.everesttech.net/	1970-01-21 05:03:28	Name: everest_g_v2 Value: g_surferid~ZjPRuAAAAH3ZNgNe
.symantec.tt.omtrdc.net/	1970-01-20 20:17:53	Name: symantec!mboxSession Value: 66e965a0fefe4474a47f1a8e0023a24f
.symantec.tt.omtrdc.net/	1970-01-21 05:53:52	Name: symantec!mboxPC Value: 66e965a0fefe4474a47f1a8e0023a24f.37_0
.dpm.demdex.net/	1970-01-21 00:37:04	Name: dpm Value: 40930319706279316162824264558932328777
.norton.com/	1970-01-21 05:53:52	Name: mbox Value: session#66e965a0fefe4474a47f1a8e0023a24f#1714673917\|PC#66e965a0fefe4474a47f1a8e0023a24f.37_0#1777916857
.norton.com/	1970-01-21 05:53:52	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 179643557%7CMCIDTS%7C19846%7CMCMID%7C40730215586189643052844820053831355896%7CMCAAMLH-1715276856%7C6%7CMCAAMB-1715276856%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1714679256s%7CNONE%7CMCSYNCSOP%7C411-19853%7CvVersion%7C5.5.0
.norton.com/	1970-01-21 05:03:28	Name: SYMANTEC_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1
.norton.com/	1970-01-20 20:27:56	Name: RT Value: "z=1&dm=norton.com&si=cb7d6359-a80c-4aef-934c-b0ed496b299a&ss=lvpjgx3i&sl=1&tt=1lk&bcn=%2F%2F02179916.akstat.io%2F&ld=1lm"
us.norton.com/	1970-01-21 05:03:28	Name: __pdst Value: 49423ac83e784226a11d2fa21a18b550
.norton.com/	1970-01-21 05:53:52	Name: uuid Value: 556e03b7-6ad1-41d5-9119-fcda8717a6b7
.norton.com/	1969-12-31 23:59:59	Name: IR_gbd Value: norton.com
.norton.com/	1969-12-31 23:59:59	Name: IR_4405 Value: 1714672057136%7C0%7C1714672057136%7C%7C
.norton.com/	1970-01-21 05:47:38	Name: _scid Value: 88690f6f-8b59-4fb6-80a2-e2053b551ba2
.norton.com/	1970-01-21 05:47:38	Name: _scid_r Value: 88690f6f-8b59-4fb6-80a2-e2053b551ba2
.bing.com/	1970-01-21 05:39:28	Name: MUID Value: 0CF2549167B06B33089540E2661C6A0B
.norton.com/	1970-01-20 22:27:28	Name: _gcl_au Value: 1.1.26354531.1714672057
norton.ow5a.net/	1970-01-20 20:27:56	Name: AWSALBCORS Value: x18KCv05KG0zKsvBLty81eo0e672D1jozYv4glfgOwBYI602UqDImLqdBvTQUZophG2bV3rnuSqBs+XQeYG29zswBKYvFTIL4Zabs8X1j0s41THHjX+zicoooDFy
.ow5a.net/	1970-01-21 05:53:52	Name: brwsr Value: e007c577-08ab-11ef-ac4e-b1fcf1bdb378
.ow5a.net/	1970-01-20 20:19:18	Name: irtps Value: 1
.tiktok.com/	1970-01-21 05:39:28	Name: _ttp Value: 2fvCF4snbWBfaDmRvGgUIstVD4P
.simpli.fi/	1970-01-21 05:04:54	Name: suid Value: E4D4D4949C864073A63D59D46B23A2D7
.ispot.tv/	1970-01-21 05:53:52	Name: pt Value: v2:90395e635ed8e05b1c60f369acf1d336c106130a5c00c0c8e020902c7770b979\|ba6ec63183364499cffc14d56118253daf5edd9cfb71190b8aa8395443f3302e
.pinterest.com/	1970-01-21 05:03:28	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 05:03:28	Name: _pinterest_ct_ua Value: "TWc9PSZUMm5zUFlEMlJLRGQrb1k2WmZPNHBPckhIS1lRTXpCVW9kSFZQcnQycDA3c2QrT3FUQjVRM2o3UFVlZUlwNG5lNUxoWEZpMzJCZURPT29QU29McFBMUnltbnZkRnF3NXZXalVPenVvWVp3UT0mNDdnaGJmN01FK0xobkd3TEJBMHFyc2dzZjh3PQ=="
.trkn.us/	1970-01-21 05:03:28	Name: barometric[cuid] Value: cuid_6633d1b9-9cd0-4170-9211-372aec53d290
.doubleclick.net/	1970-01-21 00:37:04	Name: receive-cookie-deprecation Value: 1
.norton.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_3_sn_E462410C7813E2E22D1BFAD6BA03882D_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0
buy.norton.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: CC27A718E759639C892C5899C860C1A7
.buy.norton.com/	1969-12-31 23:59:59	Name: X-CSRF-TOKEN Value: crBofWbaku/2bSmNq2A_LGxnwiREGBwyi1W5N3mzSuo_
buy.norton.com/	1969-12-31 23:59:59	Name: ESID Value: 02c2c74f54-6981-42DNq32C2coYqNYnQh7DS1qcLYLc2ts5NwPbbPQYH99Dyvt2Fdj44cvQd_MZReCeNdjXU
.twitter.com/	1970-01-21 05:53:52	Name: personalization_id Value: "v1_wviphPG4Y+INsNRkNYZiPA=="
.t.co/	1970-01-21 05:53:52	Name: muc_ads Value: 65d0d20e-b997-4861-bcd0-e2db8196ade5
.norton.com/	1970-01-20 22:29:16	Name: _cq_duid Value: 1.1714672057.xBfdNbC9zCWSOyhl
.norton.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1714672057.Huhbpc82oReZoqpI
.norton.com/	1970-01-21 05:53:52	Name: IR_PI Value: e007c577-08ab-11ef-ac4e-b1fcf1bdb378%7C1714672057136
.norton.com/	1970-01-20 22:27:28	Name: _rdt_uuid Value: 1714672057901.b4bd02b4-a788-4049-b41c-965ec796bb93
.doubleclick.net/	1970-01-21 05:39:28	Name: IDE Value: AHWqTUmQO8eiU-Jz_Px37RB5POwMzyGYDJf_Fq53wRuTYyoVVsjIahmFGdWbQmsIIxo
us.norton.com/	1970-01-21 05:03:28	Name: kn_cs_visitor_id Value: 8f1b08e3-f94a-4ead-a208-9349479b88b4
us.norton.com/	1970-01-21 05:53:52	Name: __helocckid Value: 624d9b83-63d1-9dac-9a71-1317e05a9c87_1714672058
.ojrq.net/	1970-01-21 05:53:52	Name: brwsr Value: 10d27632-08ac-11ef-b851-7541df943219
.norton.com/	1970-01-21 05:53:52	Name: _ga_FG3M2ET3ED Value: GS1.1.1714672058.1.0.1714672058.60.0.1574759666
.norton.com/	1970-01-21 05:53:52	Name: _ga Value: GA1.1.610907757.1714672058
us.norton.com/	1970-01-20 20:17:52	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1714672058256%7D
.linkedin.com/	1970-01-20 22:27:28	Name: li_sugr Value: 4380a9f4-17e7-4fe9-b5b7-45f9ae032654
.linkedin.com/	1970-01-21 05:03:28	Name: bcookie Value: "v=2&6a5319d5-5c80-4fb0-8e1a-e0383f1030af"
.linkedin.com/	1970-01-20 20:19:18	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3224:u=1:x=1:i=1714672058:t=1714758458:v=2:sig=AQGBbdOtOUN2MvP18gQXerJQzhkKAsFq"
.norton.com/	1970-01-20 22:27:28	Name: _fbp Value: fb.1.1714672058267.1461888165
gwmtracking.com/	1970-01-21 05:53:52	Name: kwsu Value: 6633d1ba0e618b647b3fff74
.norton.com/	1970-01-21 05:39:28	Name: _tt_enable_cookie Value: 1
.norton.com/	1970-01-21 05:39:28	Name: _ttp Value: WuThL_Zw6XaquThuyLty6xxVdOk
.us.norton.com/	1970-01-21 05:03:28	Name: _pin_unauth Value: dWlkPU4ySXhZekppWTJNdE9HSXpPQzAwTnpSbExUZzFabVl0TkRBd05USmxabVUxTTJJNA
.linkedin.com/	1970-01-20 21:01:04	Name: UserMatchHistory Value: AQI7JTaYdJbnzgAAAY86az_d8vHG4FuCkciIGXPSWCv51Vrd6xH5u-pDxIzUbWIB8Lb3PTokC0eNBA
.linkedin.com/	1970-01-20 21:01:04	Name: AnalyticsSyncHistory Value: AQLBRJEJbsDxJgAAAY86az_d4dB55Qfb2jcWpSQnvtLHPb7vtNCWoFYBFDqWxW6fFQJ7eiY99pYtC1uGSC8yNw
.leadsrx.com/	1970-01-21 05:03:28	Name: _lab Value: 2251801102620071
.leadsrx.com/	1970-01-21 05:03:28	Name: _lab_lastTouch Value: direct
.doubleclick.net/	1970-01-20 21:01:04	Name: ar_debug Value: 1
.norton.com/	1970-01-21 05:03:28	Name: _lab Value: 2251801102620071
.www.linkedin.com/	1970-01-21 05:03:28	Name: bscookie Value: "v=1&20240502174738d5f33791-f191-4458-8a87-82bc78ba614cAQGpRr89kkPb1ikgdnjfMmh7fe4H3oIZ"
.linkedin.com/	1970-01-21 00:37:04	Name: li_gc Value: MTswOzE3MTQ2NzIwNTg7MjswMjGfL2TxBJbfQTujElM7B0tCQ7oo8mospAv8iwkdNUCJpw==
.norton.com/	1970-01-20 20:17:53	Name: QuantumMetricSessionID Value: e906c57345f1ee21e69889e7341e8092
.norton.com/	1970-01-21 05:03:28	Name: QuantumMetricUserID Value: 1892915f0150cc547bb6b42d4711eae3
bite.australiarevival.com/	1970-01-21 04:21:42	Name: cg_uuid Value: 5b7ee2f550a5a79feb3a3163c4e90074
.knotch.it/	1970-01-21 05:03:28	Name: visitor_id Value:
.knotch.it/	1970-01-21 05:03:28	Name: optout Value: 1
.norton.com/	1970-01-20 20:19:18	Name: _uetsid Value: 10402be008ac11ef9b45b57c46d60cb7
.norton.com/	1970-01-21 05:39:28	Name: _uetvid Value: 1040655008ac11ef82efa35fa7767782
.bing.com/	1970-01-21 05:39:28	Name: MSPTC Value: Ngh5ZeiGMgPmzglhIl9bQnvxUVe_TEj8PoSaoz5FOeE
.bounceexchange.com/	1970-01-20 20:17:53	Name: bounceClientVisit2004c Value: %7B%22vid%22%3A1714672060233043%2C%22did%22%3A%228661204614664747757%22%7D
.norton.com/	1970-01-20 20:17:53	Name: bounceClientVisit2004v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgK4oB0AdgPYBOCVFZAxlQLZEBGYVA5kQKat+NHgEsKPALQI4NfgEME6AgHc48sOKmKE8pgGtMJBKwD6TeawjzRPCpgAi+AJq4ArHje4ADAFEr3ACe-PyePgBC-BT8AGaiSngAbMQmpkIAJqLE7BgOgjZgSaZwKFFMjhC4WAByAI4IAF6Skg0AEgCyAFYQDlQAMgAqAIrtAOLeA4H4DrgAbs5UKAAeAPIA0tXy8u3eowBKKEOdTEPVHAAsAMqBxEOBo+luDgDqxACMDaL6oqLOK+nES6zKgAdl8HBoADUAKqsGimBwNPoASXC+gAWsjarU1ABhdGBRIAThURRKrFEjgw3lwiTc3iJiQwSRSZhYFAQUQQVJpdIZTJZqRQVGINCYoVyJVM8hSbEUogYIAANCAaDAQMqQKIUKYeFRTKUUCgFRQYDENKUVdrdRADfwjSazRb+ABfIA

126 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/2010787619164716?v=2.9.154&r=stable&domain=us.norton.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://us.norton.com/e7fe62ce-fc02-403b-83b1-6fad3d060a6f(Line 1) Message: Error
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://us.norton.com/blog/emerging-threats/whaling-attack?utm_campaign=FY25%20Employee%20Benefits&utm_medium=email&_hsenc=p2ANqtz--zHMjpDoLTQMG0TyFD2vYosxOKNaaM0GRsQjcQNb4SyuQyGd5DWu1zikiiYOduSvo7EbrVUmr_DzLIBkZIqqwhCZy69w&_hsmi=302650963&utm_content=302650963&utm_source=hs_automation Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179916.akstat.io
8136487.fls.doubleclick.net
a.quora.com
ad.doubleclick.net
adservice.google.com
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
api.bounceexchange.com
app.leadsrx.com
assets.adobedtm.com
assets.bounceexchange.com
bat.bing.com
bite.australiarevival.com
bizemail.gendigital.com
buy.norton.com
c.go-mpulse.net
cdn.pdst.fm
cdn.quantummetric.com
cm.everesttech.net
configs.knotch.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
data.cdnbasket.net
dpm.demdex.net
e.cdnwidget.com
ensighten.norton.com
event.havasedge.com
events.bouncex.net
frontdoor.knotch.it
googleads.g.doubleclick.net
gwmtracking.com
ids.cdnwidget.com
ingest.quantummetric.com
insight.adsrvr.org
js.adsrvr.org
norton.ow5a.net
oms.norton.com
page.cdnbasket.net
pt.ispot.tv
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
s.go-mpulse.net
s.pinimg.com
s.yimg.com
sc-static.net
siteintercept.qualtrics.com
snap.licdn.com
sp.analytics.yahoo.com
spider.australiarevival.com
static.ads-twitter.com
stats.g.doubleclick.net
symantec.demdex.net
symantec.tt.omtrdc.net
t.co
t.paypal.com
tag.havasedge.com
tag.simpli.fi
tag.wknd.ai
tr.outbrain.com
tr.snapchat.com
tr6.snapchat.com
trkn.us
tvspix.com
us-central1-adaptive-growth.cloudfunctions.net
us.norton.com
view.cdnbasket.net
wave.outbrain.com
websdk.appsflyer.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.knotch-cdn.com
www.linkedin.com
www.nortonlifelock.com
www.ojrq.net
www.paypal.com
www.redditstatic.com
zn7ngvh48sidro926-gendigital.siteintercept.qualtrics.com
frontdoor.knotch.it
ingest.quantummetric.com
104.126.37.145
104.17.208.240
104.244.42.133
104.244.42.3
13.107.42.14
142.250.184.198
142.250.185.130
142.250.185.196
142.250.185.226
142.250.186.162
142.250.186.38
143.204.207.250
146.75.120.157
151.101.0.84
151.101.1.140
151.101.128.84
151.101.129.35
151.101.130.132
151.101.65.21
157.240.252.13
157.240.252.35
162.159.152.17
172.217.16.195
172.67.20.158
18.172.103.101
18.245.31.105
2001:4860:4802:32::36
2001:4860:4802:36::36
216.200.122.11
23.35.237.86
23.37.34.49
2600:1901:0:56e0::
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:206f:5a00:1:996f:a9c0:93a1
2600:9000:26e8:e600:12:1bcc:1d00:93a1
2606:2c40::c73c:671d
2620:1ec:21::14
2620:1ec:c11::237
2a00:1288:80:807::1
2a00:1450:4001:80f::2008
2a00:1450:400c:c1f::9c
2a02:26f0:3100:782::11a6
2a02:26f0:3100:795::11a6
2a02:26f0:3500:11::215:14d5
2a02:26f0:3500:16::215:149b
2a02:26f0:3500:588::1e80
2a02:26f0:3500:88e::1015
2a02:26f0:3500:991::11a6
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42:8e::84
3.124.173.63
3.255.41.64
34.102.193.48
34.111.8.32
34.120.253.250
34.149.235.45
34.149.44.52
34.149.56.191
34.208.11.252
34.246.26.134
34.251.169.192
34.252.79.101
34.95.127.121
34.98.72.95
35.186.249.72
35.190.43.134
35.234.162.151
35.239.153.217
35.244.142.80
35.71.131.137
52.2.7.148
52.222.236.68
52.35.126.167
52.48.221.63
54.218.116.186
63.140.62.27
66.235.152.225
70.42.32.127
95.101.111.156
01a35bb43d6af1d38f1240aa5e4935892e9feb2888813b1f41bea599be833f53
021c5fc6030190f968031644cc8a81738766d504ef2c6f351a642d1eabe90ed3
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
03dbf9dc05fa84370cbdfb363a10855e9fd035a833cd83b67e14cdb975882bed
047326738d40c8e278c7e117df1ae29260ccb40ea994b650075a3c669f85046d
05dce95eaa2457f1ed9076e0d32b59680b654cf7ca6a4e35f3fe682c78f460b0
0882be2bb685d64ae46b56574b330fb1afe5dfef39f940d12ca776475248eaa8
089f367698a85197af062d060fdbcd91d5b3d90b35f94498542c9bf7eab0090f
08bf9e4793d975969d1e3a4c7bba6196e3164a4ff40d6dbd0dc8ae2c4654ff15
095d8250a2bb5d0bd8d571e028cf271ff02fa05e0c1435a81a48344e8b828027
097fc701a3c28095c30fbd1ed5c268bd7c5598eac0be99e63c21aa534b54e131
0afb5adee300f91b2ac3acb6feab6c55078727db7612d20fa5f5542640637d4f
0c8437e08f14b097573421577ae242e6e483cff52889c0dcbfd7088e57ad575a
0cadebb1c13e97b954b5695b97ec7729bc1ccf9e2684d7bd78fa54dc3984399d
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ff9152a3dd6c8041b96dde9366c8ed3753c87219bc5ed07f4e4f377578d5f7d
10d8b3ff7850f2970b02368006230ce7d0be3d17d869b0cdf66de92305dea88a
131aa7c9845bb29260758b95fd4e71090a661de130569036181ddbbd09c93382
187bd24e7f4c07a7f3e9898f0719ed419c0f15476e4c1efb3e0241ea59e99e4a
19cba53f17f49486691bccffeed3cd45d9de5416d1d5f43c1f937b62c3fbd390
19cc1cced30687035cb740cbbf86a4c2d7c5085ca95e3fdef76d7e28d35af57d
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22c66cd15f32e15c9373fc199c95f3dd381435590e5592f1b93ad971491b7172
22f8b5742f36975c1f0d054e483b4ef14eaab3c472c81558115f431dfee721a1
23cbdb9898337abd7b695077d28d5ce16d5c77228c3da33e6c40b9b4ff9d49ef
2656179397f3a526d5f9661b73e8f867d7b5b82d74d479918c355e27254b5588
279da263227d9bda0a877ba42501841d604bde5056790db3869d909891276b7e
2865b3e23715c80fdfedbe5766a9dddffb4bb69cc73d2ea8ae6708ccf3aed8aa
2c63ca2fdd4c7f1f7cfa97c4b4c0b0df6ee8b77841ad7da2a3f4d1ef6cc5367b
2cb058bb56808e629a3c76ee922baf9344c280b867dd0e6c29d6b1bbe0080294
2ce0526436c8329fbad37c4bab39f5cacba0bd54f70fb2fb01dacb803101cd78
319f990aafde19439e1b244bff353227271dc51864212810c9662ab725da4cc1
32d720cede6dadc60f848ff6670b767292e508c5ec392ef64ffd4fd46982e565
3543e8116e63866bf68a357dbbea9e8c5cd07c635955666f6db2329b95b8330c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a95689e90e588b166f7b3ecd334959a2d6a3da1d73d557c8fb72fa10cf465dd
3af99c9e152eb6a388574c6cbd1df620882f99b486c542360b84eeea25923d04
3cfad2c28fe50f641c4a891d158cd951206ebfc4438cf7d5827e2b3d7a68435e
3cfb91118d5642a4749b8759fd312ad0bced370be64b704aabad72f3d2fe2dc7
3f54cc213dd270b7b7f66e7167c234e76cde1ff02a19923f299c82731fd8d2b9
3ff57d5e8dd2a502f0280fc4009e13534ab6105734a9116ef379ddc5e0a1dc2c
4013c59455800a51f0516969f19b7e3caf9e3e82860541b85f76b1fafa6b5ea1
4018d7f0a983131974acbea85f1be1a84c2cca541c584f98b5c5c83413913695
43f80764e0d9752a9552f8183c96c294ef1676e4e81e116103c5c2583558b819
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46b355413fae37112947fa2f5604e3efe8316000ea62ed2e034aca633ed52638
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
488db805a326a9218cf40ddfdfeffb16f2344ff7061ce17d3dac68ef009d99c9
4ccf7294fc7d14755d2ff24b6d01612d53de53abaa48c16334143177eea7cadf
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e3ed2afa5d960b8c49dfbb89134265d6e39f67f320920db5e0ea2df102ee358
519c5c52de1e6e974ec1b3afc82b30c4986ccccbfa3e836e7568b5afebea9db1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56a91178be19c73d3cd57f522c0c8dc23246780057acf2a768f0fd7b12bf492a
56cf42dde34910d2c64688d31d7c5608af764352d9fe475ff31835ee7e2e4305
57bd3463acfad02c222f7beac208f69df5507f7de42fa38b18a1e1e48df2a44a
598e85c4fb1f9e5269de4955cc9d9e3b7301122eaba31a2b7885d3f784a1ab25
59f1b7d93f47fcc926143154888aa471910eaf81c3c41270b61cfe012dda08df
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5af5ee0b37b1f0ef31c42932bbf81424e4bb53e95e87a47e058625c1af2245db
5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad
63bd113ca7d4f8a07a66f85015c9b878735c3c669f9e4db1d59b167c9f6ac51e
6471f0b9ad6556620ed186647dae62daac7f7d8cd9e14a7af524db1f50a38c47
65919c22e02d065710e6458265be840309aa2e68fc4420e790b4215ecc9a83e3
65b95f1cfd39f04681add711717f57b8380173a02c65f18bc2fce1d0a27f4e7a
681fcc3a0b865502154efd54bb593f187f0f1c3c339de0f1a46ef5d65286ddc3
699f851d058da8710b22c397fa96aac5422a4b48a44c7021e7e397254903b754
6b7c15ba709a6100aeb73c2a6337d4f39c3b91127c6e84498e178ea0302b4196
6c58f061a49641f54723faab57ad0bdb49a95619e86c90dad9a3ed630ffb3780
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6dca3cda351266b457f2ae9cd563ad3379fe41a9d5e2f8c49a3602a47f247293
70192e1fb00626e113a419bd9edbc3a7666ccafb49d6bc95681dfce09d8aabee
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
765bcc5c747a0e4c9bce94f6132561e4d81ca391be2bf5d8080c3c04a85cba08
799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b
7adb2fbfe7954dc15cd52b3fd050b57f65d2cd79987544247664929134329f25
7c3ffee5bcd22c88b35273b0e47553373564c519031afac4fdd45cea71107e4f
7e8f70f86d34990e70e0b696310775bc5c4327110a78a08cebf21fc072cab1b2
7f60b70cd0914dab4dbb9f4e2f97e3e8b2784c500ec236e68adb2956bff893ba
8140d06b0dac3aba3cf4a2686e54209ee4cdc24202405da7a5986ef38e3cefa9
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8a78c85e56bc02bedda2ac52ef9787d843c550a1bb4e5763b9de26be89640f33
8ad3e9cd041964b09acb85f6e9d0c1b260413ce28844c35c421d4a09f13f0c31
8b63551250b638b8a14fc8e2d7584b280217efca2a2880cefa680cce24cb2b6a
8b912949753e4876dcc1242255b958c1cf74cfc84859fae7e44c698b02ce2f43
917aa1c6fe42f8b54acfb06b75ebc9f106f1ebe9133b34bc791f2d265272a774
9220b770c3024f3fb68151593f77e58465e67fcbb479e7acafd10f66b2c5f8bb
9356c1d2df35e0cccffe18122bb542072a507edf0892146830eb6af86b8a54bf
945cf787eed6276cc645158b724919f242f595e046f45f17bf6fa1ac63b7a691
950cbbd2a8f2a1dbfac2c7e25471dbf0904ec5015d686aacdbe1970f4bc117ee
963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
990690dac3475c73a58cbda78a333c12b99080066f9624fc8945ac0e42d61474
993dd58982b1ac8d552faf847ad5613219cdeca250c46a2d6e4e7616afb64a7d
9a8046ae76f3c2fa5def7d0153cdb57e8d97c88ccb913dcb4209e3a9f001a36f
9be9d584d9718fb12864ee91ea739e931ec9a2cbd66594b6654888b6f5c469b8
9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a
9d3c45f5b6d5ab662c80a2f1b399e7663ccccb307415edfa29fb0edb9145e85b
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a1a49d11608caeef00569d70f10439a0669819e55f0676327e9759ac37bc7349
a1a7069365ef1fa15bd89c341e44edb807bec4e6006c3f6cc2eede1df5868531
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a234eb641f1d5e20a5c4c22c13403467cf0e8f140bed15a9c768783b3b08b349
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b91e17bd69d5b70daa2a376dc99dedf80adb25bfe58516e045b97140aa4c30f4
bce657f4cccebf522c57d100dd000580e9d540711cab1b9c014a0e8854251f4c
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
bf8e90f6783d986a0bd1b31cd3979b0a1310848515e2fb2629ef9085c3ec19c1
c18c5c1ac5e5e3acc90c054fad1285ec55f67b9839b7476b3c5943075cd7bf79
c28de7c229644b119a9247e281ce9e7dbe58fd5075f66493b7e744096443f2d7
c56ee754a0d6974b3c0e1f60a9466fce375eeecb3baaa9b6e66d9ee7a9d30129
c898aac83b1f69c83051ae3a6edf082e2753657151fc8298d433d2774fc97093
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
ccd7e9557cd9db88268e80255b101f1f48d4d150dbcf036b661aa99099f43500
cd33ca26e810e13f4112a54d10d4f85d12ebb98a5f977af67ca9442e68d86f80
cd3521e9b79712590c50523ef00789c637324afa1c8987bf5b773c5d3a66fb3d
cd56592299c1c670fb97ef28bcb50048508c01879ecb23b71364aecc0483e202
cddedd8608723d22a8931d30e123bc6fe3d2657e9567997c2b4434361a04e3fa
cf612aee71a7ff956265aa283e46f1d6af53e8d888951ae2546ca53a0987ea1a
d10120e8049800e3274fe1301cef6bdda830c1ba4f9d666ab447fd8b10266aff
d7af9603418d193066b7c1b3dcc3ce7d4ca0def800c32e02aff5a9be9ea9a4b3
d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165
d9980934f596e8d33c9874e3a451ae10ded9b7715ea4e0911a66396bd674c620
d9e3d43df088484bb1906f19520256905295bc1e59b27c17d1a1d0095f1f9fb2
dac99c71e943d58b4fac29e7bed45da2fc55ceec4d6627ecce863dec95a520aa
df1c84b7b7dc39655db2bd72f4f17cefd065d4140ba2bf771f6d35a18f9b1ec8
e0ff71bdb1ab7cb99acd4e67f23558566173715a539990dc40f98ab3b58a2b44
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ffc0b66d8feace6bbb5bf4db49d7d2f5d9a0516965b93dff62c180317740ca
e685d0570b5f2a53386b284e5cbd16cd863d6d8724ce847b5858ef3344e68cd2
ebdf93991a2ed22745d06711d88be171680e237cc52491457833f82fc4639937
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f10699f59e4285b87af5097e4ba9e470ee29b4f3487fa767f2818bdbbdd6bb14
f4d1d59032f0f9c315e32cbec848aee3f61480dacb58f3e624a0825a23328fbe
f607d2985f3fd420844ab40e87858dd70276c9ba9791a9e6c429b7f800998419
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa55872ee4912961cf72a0e39cfe69cc03d36961bb5e5931e8fd0c48af5171c4
fdb3f80ad6876da45ed4e07db6bdb29b314f2a272ff97bfa9889e4b6e4740f52
ff0f4e4f7dcaac0334ec00e1a654bce5aee589c1208d30872ce5061568975b02
ff5738e7904810d00e0c2a81fb10db7dab8e4c69e8df3582dcd0764ee15a5715

us.norton.com Open in urlscan Pro 2a02:26f0:3500:88e::1015 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

95 %HTTPS

28 %IPv6

59 Domains

85 Subdomains

80 IPs

7 Countries

2004 kBTransfer

6067 kBSize

89 Cookies

93 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

us.norton.com Open in urlscan Pro
2a02:26f0:3500:88e::1015 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

95 %
HTTPS

28 %
IPv6

59
Domains

85
Subdomains

80
IPs

7
Countries

2004 kB
Transfer

6067 kB
Size

89
Cookies

227 HTTP transactions
0 data transactions