sg.norton.com Open in urlscan Pro
2a02:26f0:7100:493::1015 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sg.norton.com/
Submission Tags: falconsandbox
Submission: On November 19 via api (November 19th 2021, 3:58:13 pm UTC) from US — Scanned from DE

Summary HTTP 148 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 67 IPs in 8 countries across 57 domains to perform 148 HTTP transactions. The main IP is 2a02:26f0:7100:493::1015, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is sg.norton.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 18th 2021. Valid for: 5 months.

This is the only time sg.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a02:26f0:710... 2a02:26f0:7100:493::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:487::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
3	34.248.116.162 34.248.116.162	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:35fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
1	52.18.150.20 52.18.150.20	16509 (AMAZON-02) (AMAZON-02)
1	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	23.100.48.86 23.100.48.86	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3.11.233.241 3.11.233.241	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.53 143.204.98.53	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	35.168.179.4 35.168.179.4	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	151.101.65.175 151.101.65.175	54113 (FASTLY) (FASTLY)
12	184.30.20.207 184.30.20.207	16625 (AKAMAI-AS) (AKAMAI-AS)
7	35.222.211.90 35.222.211.90	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	2600:9000:215... 2600:9000:2156:3400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	52.16.149.121 52.16.149.121	16509 (AMAZON-02) (AMAZON-02)
5 7	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	44.236.15.248 44.236.15.248	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	67.231.154.66 67.231.154.66	22843 (PROOFPOIN...) (PROOFPOINT-ASN-US-EAST)
1	23.58.216.7 23.58.216.7	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
3	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	54.184.150.70 54.184.150.70	16509 (AMAZON-02) (AMAZON-02)
1 1	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 2	184.30.24.241 184.30.24.241	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.157.131.22 18.157.131.22	16509 (AMAZON-02) (AMAZON-02)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	104.75.88.210 104.75.88.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.126.38.41 3.126.38.41	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.48 216.52.2.48	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
2 3	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
148	67

20 2a02:26f0:7100:493::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

sg.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
now.symassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:487::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

ensighten.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.248.116.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-116-162.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b9::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.nortonlifelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.150.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com

symantec.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.100.48.86 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

buy.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.11.233.241 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-233-241.eu-west-2.compute.amazonaws.com

www.tag4arm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-53.fra50.r.cloudfront.net

tag.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.168.179.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-179-4.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.222.211.90 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 90.211.222.35.bc.googleusercontent.com

norton-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.149.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-149-121.eu-west-1.compute.amazonaws.com

norton.ow5a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.70 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8136487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.15.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-15-248.us-west-2.compute.amazonaws.com

event.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:b4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.231.154.66 (United States) 2 redirects

ASN22843 (PROOFPOINT-ASN-US-EAST, US)
PTR: urldefense.proofpoint.com

urldefense.proofpoint.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.58.216.7 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-58-216-7.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.52 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.184.150.70 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-150-70.us-west-2.compute.amazonaws.com

cookie.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.38 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.241 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.131.22 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-131-22.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.88.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-210.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.38.41 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-38-41.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.21.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.60.138 (Ballerup Municipality, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uip.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	doubleclick.net 9 redirects stats.g.doubleclick.net 8136487.fls.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	7 KB
15	symassets.com now.symassets.com	216 KB
14	mathtag.com 1 redirects pixel.mathtag.com sync.mathtag.com	13 KB
14	norton.com sg.norton.com ensighten.norton.com oms.norton.com buy.norton.com	221 KB
9	google.com 1 redirects analytics.google.com www.google.com adservice.google.com	2 KB
8	quantummetric.com cdn.quantummetric.com norton-app.quantummetric.com	75 KB
7	googletagmanager.com www.googletagmanager.com	292 KB
6	google.de www.google.de	863 B
5	google-analytics.com www.google-analytics.com	41 KB
4	kampyle.com nebula-cdn.kampyle.com udc-neb.kampyle.com	104 KB
3	semasio.net 2 redirects uip.semasio.net uipglob.semasio.net	2 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	yahoo.com sp.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
3	googleadservices.com www.googleadservices.com	30 KB
3	adnxs.com 2 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	facebook.net connect.facebook.net	201 KB
3	facebook.com www.facebook.com	474 B
3	bing.com bat.bing.com	11 KB
3	havasedge.com tag.havasedge.com event.havasedge.com cookie.havasedge.com	25 KB
3	tag4arm.com www.tag4arm.com	24 KB
3	demdex.net dpm.demdex.net symantec.demdex.net	5 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org	989 B
2	tapad.com 1 redirects pixel.tapad.com	888 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	703 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	openx.net 1 redirects eu-u.openx.net	396 B
2	yimg.com s.yimg.com	7 KB
2	proofpoint.com 2 redirects urldefense.proofpoint.com	600 B
2	quantserve.com secure.quantserve.com pixel.quantserve.com	10 KB
1	zeotap.com mwzeom.zeotap.com	456 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	lijit.com ce.lijit.com	348 B
1	stickyadstv.com ads.stickyadstv.com	730 B
1	sonobi.com sync.go.sonobi.com	513 B
1	adform.net cm.adform.net	163 B
1	bluekai.com stags.bluekai.com	607 B
1	pubmatic.com simage2.pubmatic.com	651 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	turn.com r.turn.com	407 B
1	teads.tv t.teads.tv	143 B
1	media6degrees.com action.media6degrees.com	254 B
1	dstillery.com 1 redirects action.dstillery.com	292 B
1	ow5a.net norton.ow5a.net	813 B
1	quantcount.com rules.quantcount.com	1 KB
1	t.co t.co	471 B
1	twitter.com analytics.twitter.com	674 B
1	ispot.tv pt.ispot.tv	314 B
1	adxcel-ec2.com data.adxcel-ec2.com	131 B
1	ads-twitter.com static.ads-twitter.com	6 KB
1	impactradius-event.com d.impactradius-event.com	13 KB
1	omtrdc.net symantec.tt.omtrdc.net	1 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	nortonlifelock.com www.nortonlifelock.com	22 KB
1	adobedtm.com assets.adobedtm.com	61 KB
148	57

	Domain	Requested by
15	now.symassets.com	sg.norton.com now.symassets.com
12	pixel.mathtag.com	ensighten.norton.com now.symassets.com pixel.mathtag.com
7	norton-app.quantummetric.com	cdn.quantummetric.com
7	www.googletagmanager.com	now.symassets.com ensighten.norton.com www.googletagmanager.com 8136487.fls.doubleclick.net
7	ensighten.norton.com	sg.norton.com ensighten.norton.com
6	www.google.de	sg.norton.com 8136487.fls.doubleclick.net
5	www.google.com	1 redirects 8136487.fls.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com now.symassets.com www.google-analytics.com ensighten.norton.com
5	sg.norton.com	sg.norton.com now.symassets.com
4	cm.g.doubleclick.net	3 redirects
4	ad.doubleclick.net	4 redirects
3	idsync.rlcdn.com	2 redirects
3	googleads.g.doubleclick.net	1 redirects now.symassets.com www.googleadservices.com
3	www.googleadservices.com	www.googletagmanager.com urldefense.proofpoint.com www.googleadservices.com
3	adservice.google.com	8136487.fls.doubleclick.net
3	8136487.fls.doubleclick.net	1 redirects www.googletagmanager.com
3	nebula-cdn.kampyle.com	ensighten.norton.com now.symassets.com nebula-cdn.kampyle.com
3	connect.facebook.net	ensighten.norton.com connect.facebook.net
3	www.facebook.com
3	bat.bing.com	ensighten.norton.com now.symassets.com
3	www.tag4arm.com	ensighten.norton.com now.symassets.com
3	stats.g.doubleclick.net	www.googletagmanager.com now.symassets.com
2	loadm.exelator.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	match.adsrvr.org	2 redirects
2	uip.semasio.net	2 redirects
2	pixel.tapad.com	1 redirects
2	x.bidswitch.net	2 redirects
2	pixel.advertising.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	eu-u.openx.net	1 redirects
2	sp.analytics.yahoo.com	8136487.fls.doubleclick.net
2	s.yimg.com	8136487.fls.doubleclick.net s.yimg.com
2	sync.mathtag.com	1 redirects
2	secure.adnxs.com	1 redirects 8136487.fls.doubleclick.net
2	urldefense.proofpoint.com	2 redirects
2	dpm.demdex.net	assets.adobedtm.com sg.norton.com
1	mwzeom.zeotap.com
1	uipglob.semasio.net
1	rtb-csync.smartadserver.com
1	ce.lijit.com
1	ads.stickyadstv.com
1	sync.go.sonobi.com
1	cm.adform.net
1	stags.bluekai.com
1	ups.analytics.yahoo.com
1	simage2.pubmatic.com
1	ib.adnxs.com	1 redirects
1	cookie.havasedge.com	now.symassets.com
1	pixel.rubiconproject.com
1	r.turn.com	8136487.fls.doubleclick.net
1	t.teads.tv	8136487.fls.doubleclick.net
1	action.media6degrees.com	8136487.fls.doubleclick.net
1	action.dstillery.com	1 redirects
1	udc-neb.kampyle.com
1	pixel.quantserve.com
1	event.havasedge.com
1	norton.ow5a.net	now.symassets.com
1	rules.quantcount.com	secure.quantserve.com
1	t.co
1	analytics.twitter.com	now.symassets.com
1	pt.ispot.tv
1	data.adxcel-ec2.com
1	static.ads-twitter.com	ensighten.norton.com
1	d.impactradius-event.com	ensighten.norton.com
1	tag.havasedge.com	now.symassets.com
1	secure.quantserve.com	ensighten.norton.com
1	buy.norton.com	now.symassets.com
1	analytics.google.com	www.googletagmanager.com
1	oms.norton.com	sg.norton.com
1	symantec.tt.omtrdc.net	now.symassets.com
1	cm.everesttech.net	1 redirects
1	symantec.demdex.net	now.symassets.com
1	cdn.quantummetric.com	ensighten.norton.com
1	www.nortonlifelock.com	assets.adobedtm.com
1	assets.adobedtm.com	sg.norton.com
148	76

This site contains links to these domains. Also see Links.

Domain
community.norton.com
support.norton.com
buy.norton.com
my.norton.com
www.facebook.com
twitter.com
www.youtube.com
updatecenter.norton.com
login.norton.com
www.nortonlifelock.com
status.norton.com

Subject Issuer	Validity	Valid
www.norton.com DigiCert SHA2 Extended Validation Server CA	`2021-11-18` - `2022-04-20`	5 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
ensighten.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-28` - `2022-07-28`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-11` - `2022-10-12`	a year	crt.sh
oms.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-30` - `2022-09-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
buy.norton.com DigiCert SHA2 Extended Validation Server CA	`2021-03-23` - `2022-03-28`	a year	crt.sh
tag4arm.com Amazon	`2021-01-22` - `2022-02-20`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.havasedge.com Go Daddy Secure Certificate Authority - G2	`2020-08-20` - `2022-08-30`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-06` - `2022-01-06`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
adxcel-ec2.com Amazon	`2021-11-17` - `2022-12-16`	a year	crt.sh
*.ispot.tv R3	`2021-09-21` - `2021-12-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-18` - `2022-02-13`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
pkof.net Amazon	`2021-03-25` - `2022-04-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-11-08` - `2021-12-29`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://sg.norton.com/
Frame ID: 457356455775C38FB0E4443ED6064C3C
Requests: 93 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: B2C244E608D435AEF928D2DB2D37F589
Requests: 1 HTTP requests in this frame

Frame: https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337481019&z=1&S=0&N=0&P=0
Frame ID: F9BF0644CF73F67CCB3A0E938D440B02
Requests: 7 HTTP requests in this frame

Frame: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F
Frame ID: 271E80A1FFBF434D65E2D89D32FC1436
Requests: 19 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
Frame ID: 629BF78C0B6FCD99AC08D655EEAAF2BE
Requests: 27 HTTP requests in this frame

Frame: https://cookie.havasedge.com/bsync?guid=0d24d362-9133-4cf0-8e7e-be8762f0510a
Frame ID: 657200A84D3149BA0002E47D3F324FF9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Official Site | Norton™ - Antivirus & Anti-Malware Software

Page Statistics

148
Requests

86 %
HTTPS

28 %
IPv6

57
Domains

76
Subdomains

67
IPs

8
Countries

1401 kB
Transfer

4826 kB
Size

97
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://community.norton.com/en/forums?inid=nortoncom_nav_forums_homepage:home
Title: Forum Self Help

Search URL Search Domain Scan URL

URL: https://support.norton.com/sp/en/in/home/current/info?inid=nortoncom_nav_info_homepage:home
Title: Member Services & Support

Search URL Search Domain Scan URL

URL: https://community.norton.com/?inid=nortoncom_nav_community.norton_homepage:home
Title: Community

Search URL Search Domain Scan URL

URL: https://buy.norton.com/estore/landingPage?inid=nortoncom_nav_landingPage_homepage:home
Title: Cart

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/download?inid=nortoncom_nav_download_homepage%3Ahome
Title: Go to Account

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/personalinformation?inid=nortoncom_nav_personalinformation_homepage:home
Title: Account Information

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_home_homepage:home
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_billinginformation_homepage:home
Title: Billing Information

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_orders_homepage:home
Title: Order History

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_setup_homepage%3Ahome
Title: Enter Your Product Key

Search URL Search Domain Scan URL

URL: https://buy.norton.com/estore/landingPage

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard?inid=nortoncom_nav_dashboard_homepage%3Ahome
Title: My Account

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Norton

Search URL Search Domain Scan URL

URL: https://twitter.com/norton

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/norton

Search URL Search Domain Scan URL

URL: https://support.norton.com/
Title: Norton Support

Search URL Search Domain Scan URL

URL: http://updatecenter.norton.com/
Title: Norton Update Center

Search URL Search Domain Scan URL

URL: https://community.norton.com/en
Title: Community

Search URL Search Domain Scan URL

URL: https://login.norton.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/
Title: NortonLifeLock

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal/terms-of-use
Title: Website Terms of Use

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/accessibility-policy/
Title: Accessibility Policy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/sitemap
Title: Site Map

Search URL Search Domain Scan URL

URL: https://status.norton.com/
Title: System Status

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://cm.everesttech.net/cm/dd?d_uuid=37040516769115198340580189289081866711 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZfJiAAAAGJgsgO1

Request Chain 70

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F HTTP 302
https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F

Request Chain 91

https://action.dstillery.com/orbserv/nsjs?adv=cl1030528&ns=5761&nc=site&ncv=54&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nsjs?adv=cl1030528&ns=5761&nc=site&ncv=54&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 92

https://urldefense.proofpoint.com/v2/url?u=https-3A__www.googletagmanager.com_gtag_js-3Fid-3DAW-2D934126755&d=DwIGAg&c=Ftw_YSVcGmqQBvrGwAZugGylNRkk-uER0-5bY94tjsc&r=XEGBLdvjFZRdqyVrfsrXrtv9QOSFcr-GWeMgGq8tPAg&m=NDgxItqzdGxXPP2RIyarUP300CUBlNMJSDbtsXU8Zm4&s=62KWN6o7ZHKJk3Inasw17XwASueYgs_spSLv4uFzfmQ&e= HTTP 302
https://www.googletagmanager.com/gtag/js?id=AW-934126755

Request Chain 94

https://ad.doubleclick.net/ddm/activity/src=9338578;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 95

https://secure.adnxs.com/px?id=1168448&seg=19408169&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1168448%26seg%3D19408169%26t%3D2

Request Chain 96

https://urldefense.proofpoint.com/v2/url?u=https-3A__r.turn.com_r_beacon-3Fb2-3D1X663ZffQgwJNcnRyNbsHb9bsaTW3270MwEjR7ZZqhw-5F5acl4SUVU8zKQjPVdrxKGnVg5CDfhR6IyfOShgI6wA-26cid-3D&d=DwIGAg&c=Ftw_YSVcGmqQBvrGwAZugGylNRkk-uER0-5bY94tjsc&r=VLdfeht7sOSCltGxYoo3k77Eb3OdOQ0bBU3B2eDCQb8&m=Uty-6YNlinVLIWV04QbKxTdGCfZ2KmCjkDw9c6sHlU4&s=RXEDc_jwfYrnnJFMXyVyPrIOrkiIT7EgZO56CwqLZc4&e= HTTP 302
https://r.turn.com/r/beacon?b2=1X663ZffQgwJNcnRyNbsHb9bsaTW3270MwEjR7ZZqhw_5acl4SUVU8zKQjPVdrxKGnVg5CDfhR6IyfOShgI6wA&cid=

Request Chain 98

https://ad.doubleclick.net/ddm/activity/src=9973042;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=48hhl8mJQACH2lRaz46OLQ HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEL_jJ2Mbpbz3UFYDN_qjJ_I&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=48hhl8mJQACH2lRaz46OLQ

Request Chain 119

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=i8mXYb-3B5aox_APmOyikAY&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=i8mXYb-3B5aox_APmOyikAY&cid=CAQSKQCNIrLMSrrnzUWNX-Q6uV7y9g0BLBhHoV-f1MQ7l_Lpg84sDK-3pDIH&random=3599844999&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=i8mXYb-3B5aox_APmOyikAY&cid=CAQSKQCNIrLMSrrnzUWNX-Q6uV7y9g0BLBhHoV-f1MQ7l_Lpg84sDK-3pDIH&random=3599844999&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 122

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=274589600160796694

Request Chain 124

https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c86197-c989-4000-87da-545acf8e8e2d HTTP 302
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=e3c86197-c989-4000-87da-545acf8e8e2d

Request Chain 125

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=e3c86197-c989-4000-87da-545acf8e8e2d HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=e3c86197-c989-4000-87da-545acf8e8e2d&C=1

Request Chain 126

https://pixel.advertising.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1&apid=UP7acd345b-4951-11ec-ba59-029d755ba876

Request Chain 128

https://x.bidswitch.net/sync?dsp_id=80&user_id=e3c86197-c989-4000-87da-545acf8e8e2d&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=e3c86197-c989-4000-87da-545acf8e8e2d&expires=30 HTTP 302
https://cm.adform.net/pixel?adform_pid=3&adform_pc=49fd437b-d042-40be-9411-98ba117280da&adform_v=1

Request Chain 129

https://idsync.rlcdn.com/361087.gif?partner_uid=e3c86197-c989-4000-87da-545acf8e8e2d HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CP-EFhIvCisIARDlDRokZTNjODYxOTctYzk4OS00MDAwLTg3ZGEtNTQ1YWNmOGU4ZTJkEAAaDQiMk9-MBhIFCOgHEABCAEoA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECjlHjolwxoRCzXVpAXdceg&google_cver=1

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEMbvtCe4fUKnGJA7i-vXepY&google_cver=1

Request Chain 132

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=e3c86197-c989-4000-87da-545acf8e8e2d HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=e3c86197-c989-4000-87da-545acf8e8e2d

Request Chain 137

https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=e3c86197-c989-4000-87da-545acf8e8e2d&sInitiator=external HTTP 302
https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=e3c86197-c989-4000-87da-545acf8e8e2d&sInitiator=external HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=44319397-a4f7-4208-bb61-3be0292fbaf3

Request Chain 138

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e3c86197-c989-4000-87da-545acf8e8e2d HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e3c86197-c989-4000-87da-545acf8e8e2d&__user_check__=1&sync_id=7ae04131-4951-11ec-a61b-1ac054420406

Request Chain 140

https://loadm.exelator.com/load/?p=204&g=101&buid=e3c86197-c989-4000-87da-545acf8e8e2d&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=101&buid=e3c86197-c989-4000-87da-545acf8e8e2d&j=0&xl8blockcheck=1

148 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sg.norton.com/ 123 KB
16 KB 76ms
18ms Document
text/html 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0cd99a05bb36d156974c867a488d4b1b5b5c101ed440c7321fef5360618847d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 15994
server: Apache
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 21:20:19 GMT
etag: "1ec70-5d116b9c87291-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Nov 2021 15:57:59 GMT

GET
H2 200 roboto-v20-latin-regular.woff2
sg.norton.com/etc/designs/global/libs-global/head/styles/fonts/roboto-v20-latin/ 15 KB
16 KB 19ms
19ms Font
application/octet-stream 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sg.norton.com/etc/designs/global/libs-global/head/styles/fonts/roboto-v20-latin/roboto-v20-latin-regular.woff2

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sg.norton.com/
Origin: https://sg.norton.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 19:22:25 GMT
server: Apache
etag: "3d78-5b8b8f14914d3"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://sg.norton.com
cache-control: max-age=31477115
date: Fri, 19 Nov 2021 15:57:59 GMT
accept-ranges: bytes
content-length: 15759
x-xss-protection: 1; mode=block
expires: Fri, 18 Nov 2022 23:36:34 GMT

GET
H2 200 SSV-Latin.woff2
sg.norton.com/etc/designs/global/libs-global/head/styles/fonts/source-sans-variable/ 61 KB
61 KB 22ms
21ms Font
application/octet-stream 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sg.norton.com/etc/designs/global/libs-global/head/styles/fonts/source-sans-variable/SSV-Latin.woff2

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

da23a7c47865d7cf47ef0d8d1931c45d02a56bdcfaf2549fed8aeb7924458990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sg.norton.com/
Origin: https://sg.norton.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Oct 2021 04:48:28 GMT
server: Apache
etag: "f2c0-5cdbbf9507afd"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: https://sg.norton.com
cache-control: max-age=31484508
date: Fri, 19 Nov 2021 15:57:59 GMT
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Sat, 19 Nov 2022 01:39:47 GMT

GET
H2 200 head.min.qG9Kb_x4EvcFDwp_CD1KVA==.css
now.symassets.com/etc/designs/norton/libs-rebranding/ 396 KB
58 KB 42ms
7ms Stylesheet
text/css 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://now.symassets.com/etc/designs/norton/libs-rebranding/head.min.qG9Kb_x4EvcFDwp_CD1KVA==.css

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2f6ff41b6dd01edaf1a5ac5e825d5433343c5fb9f49b7099e29b1d33882d97c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 16:50:00 GMT
server: Apache
etag: "62e31-5d112f30cc928-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1137385
date: Fri, 19 Nov 2021 15:57:59 GMT
accept-ranges: bytes
content-length: 59207
x-xss-protection: 1; mode=block
expires: Thu, 02 Dec 2021 19:54:24 GMT

GET
H2 200 launch-EN1cc7556280444b10a3c687a73ed01baa.min.js Show response
assets.adobedtm.com/ 183 KB
61 KB 32ms
7ms Script
application/x-javascript 2a02:26f0:7100:487::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:487::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 5dab510f2cd0771500da16c040d18f0675d620b3ccc789a6765b6d88e3d58e3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 21:01:33 GMT
server: AkamaiNetStorage
etag: "421a422dec9ae3e01e66fc6c769281b3:1634245293.428407"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://sg.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 61870
expires: Fri, 19 Nov 2021 16:57:59 GMT

GET
H2 200 Bootstrap.js Show response
ensighten.norton.com/symantec/aemprod/ 499 KB
103 KB 47ms
15ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bd49e3b627bc43be3df4d1b88506fafd0753e4379977e227b4e85ad8e88fef01

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 18:08:27 GMT
server: nginx
etag: W/"6196969b-7ca26"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 logo_norton_LL_91x37_white.png
now.symassets.com/content/dam/norton/global/images/non-product/logos/ 1 KB
1 KB 22ms
21ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/logos/logo_norton_LL_91x37_white.png
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f15aaec51e7eaa62bb5aea8e935e24d0249736c3774a40a2de4da2cb9ae94993

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 11:31:36 GMT
server: Akamai Image Manager
etag: W/"66c-5d06d91929c55"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30742406
content-length: 1287
expires: Thu, 10 Nov 2022 11:31:25 GMT

GET
H2 200 download_icon_black_52x45.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 410 B
603 B 16ms
15ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/download_icon_black_52x45.png
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: fff910bd5993f0e348642e9fa41a5d5355af7d0f5f217ef96fbff6dee82120e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Thu, 11 Mar 2021 17:36:26 GMT
server: Akamai Image Manager
etag: "28b-5b91c44004baf"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=9691847
content-length: 410
expires: Fri, 11 Mar 2022 20:08:46 GMT

GET
H2 200 logo_norton_LL_91x28_white.png
now.symassets.com/content/dam/norton/global/images/non-product/logos/ 1 KB
1 KB 34ms
33ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/logos/logo_norton_LL_91x28_white.png
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 7929994b9dd8e9ac5a3f5eb10de5dcb745d373a28ac7d180f66b6d3824e8fcc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Wed, 10 Nov 2021 11:31:37 GMT
server: Akamai Image Manager
etag: W/"502-5d06d918ae3c4"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30742489
content-length: 1063
expires: Thu, 10 Nov 2022 11:32:48 GMT

GET
H2 200 bnr_hero_black_friday_2021_1800x690.jpg
now.symassets.com/content/dam/norton/en/images/promotions/2021/bf-cm/ 22 KB
20 KB 55ms
54ms Image
image/jpeg 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/en/images/promotions/2021/bf-cm/bnr_hero_black_friday_2021_1800x690.jpg
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 1557c217057a6e34ebae21ded90df8bd4bd7ae34707b43f751c3636d8fba7dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
x-check-cacheable: YES
x-serial: 1581
etag: W/"13af5-5d0fb7759928d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31351725
last-modified: Wed, 17 Nov 2021 12:49:01 GMT
content-length: 19741
server: Akamai Image Manager
expires: Thu, 17 Nov 2022 12:46:44 GMT

GET
H2 200 logo_NLOK_132x26.svg
now.symassets.com/content/dam/norton/global/images/non-product/logos/light/ 11 KB
5 KB 52ms
51ms Image
image/svg+xml 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://now.symassets.com/content/dam/norton/global/images/non-product/logos/light/logo_NLOK_132x26.svg

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

8938fd9f2420a578d2674545a50e25ce83374f378b5987ea83343d035faa79a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 19:22:25 GMT
server: Apache
etag: "2d3c-5b8b8f14d4edc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=9692522
date: Fri, 19 Nov 2021 15:57:59 GMT
accept-ranges: bytes
content-length: 4905
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 20:20:01 GMT

GET
H2 200 footer.min._WaEphKz7ipGidL3zI1AYg==.js Show response
now.symassets.com/etc/designs/norton/libs-rebranding/ 341 KB
94 KB 40ms
40ms Script
application/javascript 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

810efbd4141180f1a3f3d73aa7eb75c2994e846e4c4656d8904b05777db76328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Nov 2021 16:50:02 GMT
server: Apache
etag: "5558a-5d112f328952d-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1137433
date: Fri, 19 Nov 2021 15:57:59 GMT
accept-ranges: bytes
content-length: 95976
x-xss-protection: 1; mode=block
expires: Thu, 02 Dec 2021 19:55:12 GMT

GET
H2 200 libs-lazyload.min.5_hChE9n6j5UKLtzm4Vtpw==.js Show response
now.symassets.com/etc/designs/norton/ 14 KB
5 KB 39ms
39ms Script
application/javascript 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://now.symassets.com/etc/designs/norton/libs-lazyload.min.5_hChE9n6j5UKLtzm4Vtpw==.js

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

bbf50c1bdaa0d0e9a28c6035f638c690525d3cc5550e55ed838a86748509fc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Nov 2021 16:05:54 GMT
server: Apache
etag: "3680-5cff8b3893147-gzip"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=856008
date: Fri, 19 Nov 2021 15:57:59 GMT
accept-ranges: bytes
content-length: 4830
x-xss-protection: 1; mode=block
expires: Mon, 29 Nov 2021 13:44:47 GMT

GET
H2 200 head Show response
sg.norton.com/service/norton/ 0
462 B 84ms
84ms XHR
text/plain 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sg.norton.com/service/norton/head?ct=SG&lg=en&ref=&

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache / Jetty(9.2.9.v20150224)

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
server: Apache
x-powered-by: Jetty(9.2.9.v20150224)
x-frame-options: SAMEORIGIN
content-type: text/plain
date: Fri, 19 Nov 2021 15:57:59 GMT
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 icon_close_x_white_19x18.png
now.symassets.com/content/dam/cb/icons/ 174 B
368 B 40ms
40ms Image
image/png 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/cb/icons/icon_close_x_white_19x18.png
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/head.min.qG9Kb_x4EvcFDwp_CD1KVA==.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 7d04858b628981ed0e44e955dc3adfddced66bc961b426da51d784d526c9fd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rebranding/head.min.qG9Kb_x4EvcFDwp_CD1KVA==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Tue, 18 May 2021 22:17:48 GMT
server: Akamai Image Manager
etag: W/"ae-5c2a2147abca4"
content-type: image/png
access-control-allow-origin: *
cache-control: private, no-transform, max-age=15574802
content-length: 174
expires: Wed, 18 May 2022 22:18:01 GMT

GET
H2 200 icon_world_map_gray_52x31.png
now.symassets.com/content/dam/cb/icons/ 746 B
942 B 42ms
41ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/cb/icons/icon_world_map_gray_52x31.png
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/head.min.qG9Kb_x4EvcFDwp_CD1KVA==.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 583ec79ba694a882662f117f6e4d0a2ae5e274ba5e86d5acc661c14154e5b43d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://now.symassets.com/etc/designs/norton/libs-rebranding/head.min.qG9Kb_x4EvcFDwp_CD1KVA==.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Wed, 19 May 2021 00:17:05 GMT
server: Akamai Image Manager
etag: W/"3bf-5c2a3bf0bd325"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=15582026
content-length: 746
expires: Thu, 19 May 2022 00:18:25 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 367 B
1 KB 113ms
29ms XHR
application/json 34.248.116.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1637337479819

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.116.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-116-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

54acf6628787a228b9f579ccf01af7e53ee95b8eb87a03d0cadc8b1467987780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v019-0d891b5f4.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ABApgJgyRYM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://sg.norton.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s_code_norton_min.js Show response
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 67 KB
22 KB 63ms
10ms Script
application/javascript 2a02:26f0:6c00:2b9::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2b9::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

87d3d56392bef5bea359c24c64dfc2c8da467042f12458ee25797f4868dd5273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-disposition: attachment
content-length: 21883
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Oct 2021 16:25:25 GMT
server: Apache
x-frame-options: SAMEORIGIN
date: Fri, 19 Nov 2021 15:57:59 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=76760
etag: "10b43-5cedf57864740-gzip"
accept-ranges: bytes
expires: Sat, 20 Nov 2021 13:17:19 GMT

GET
H2 200 token.json Show response
sg.norton.com/libs/granite/csrf/ 2 B
262 B 15ms
15ms XHR
application/json 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sg.norton.com/libs/granite/csrf/token.json

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache / Jetty(9.2.9.v20150224)

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
server: Apache
x-powered-by: Jetty(9.2.9.v20150224)
x-frame-options: SAMEORIGIN
content-type: application/json; charset=ISO-8859-1
cache-control: no-cache
date: Fri, 19 Nov 2021 15:57:59 GMT
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 bnr_2-1_couple_laptop_AM_735x400.jpg
now.symassets.com/content/dam/norton/global/images/non-product/banners/ 14 KB
14 KB 68ms
66ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/banners/bnr_2-1_couple_laptop_AM_735x400.jpg
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 8bcb19234551a857a14391f1aa69f0bbc7bd981f3b54ae886aada2012af87da9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 18:05:49 GMT
server: Akamai Image Manager
etag: "4e9c-5b8bd4ee05076"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=9691968
content-length: 14181
expires: Fri, 11 Mar 2022 20:10:47 GMT

GET
H2 200 bnr_2-2_woman_mobile_1035x400.jpg
now.symassets.com/content/dam/norton/global/images/non-product/banners/ 14 KB
14 KB 75ms
74ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/banners/bnr_2-2_woman_mobile_1035x400.jpg
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 60300f9ea89476a46b88c9c7e731cbc873b7a64b3d491e41688c566677a003e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 18:37:50 GMT
server: Akamai Image Manager
etag: "67f5-5b8c0065e9221"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=9692449
content-length: 14410
expires: Fri, 11 Mar 2022 20:18:48 GMT

GET
H2 200 icon_new_facebook_13x26.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 136 B
330 B 54ms
53ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/icon_new_facebook_13x26.png
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d1b4c17fa17d281a4e578b2b43cc09729ec576261f2cace4bc10a46414df2b83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Thu, 11 Mar 2021 17:28:56 GMT
server: Akamai Image Manager
etag: "50d-5b8c16bf5770e"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=9691680
content-length: 136
expires: Fri, 11 Mar 2022 20:05:59 GMT

GET
H2 200 icon_new_twitter_24x20.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 198 B
393 B 67ms
67ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/icon_new_twitter_24x20.png
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 537579543ea6198e0455c6252ee3af371c194afed63592454225eedfc83d84e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Thu, 11 Mar 2021 17:28:55 GMT
server: Akamai Image Manager
etag: "667-5b8d3654a785b"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=9691896
content-length: 198
expires: Fri, 11 Mar 2022 20:09:35 GMT

GET
H2 200 icon_new_youtube_30x22.png
now.symassets.com/content/dam/norton/global/images/non-product/icons/ 224 B
417 B 93ms
92ms Image
image/webp 2a02:26f0:7100:493::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.symassets.com/content/dam/norton/global/images/non-product/icons/icon_new_youtube_30x22.png
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:493::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d5b7136f3130f402212fa85a0c7e57e72c3f9d572ccca61f1cb75e2dfc66cba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Thu, 11 Mar 2021 17:28:56 GMT
server: Akamai Image Manager
etag: "5e9-5b8d365d0888f"
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=9691995
content-length: 224
expires: Fri, 11 Mar 2022 20:11:14 GMT

GET
H2 200 serverComponent.php Show response
ensighten.norton.com/symantec/aemprod/ 861 B
563 B 13ms
12ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/symantec/aemprod/code/&publishedOn=Thu%20Nov%2018%2018:08:26%20GMT%202021&ClientID=21&PageID=https%3A%2F%2Fsg.norton.com%2F%3F_COUNTRY%3Dsg%26_LANGUAGE%3Den%26_TRAFFIC_SOURCE%3Ddirect%26_PGM_ID%3Dmissing%26_PGM_TYPE%3Dunknown%26_IPF%3Dmissing%26_IPD%3Dmissing%26_PSN%3Dmissing%26_SUBCHANNEL%3Dmissing%26_ORIG_SUB%3Dmissing%26_PIFCAM%3Dmissing%26_I_SKU%3Dmissing%26_DEX%3Dmissing%26_INID%3Dmissing%26_IPV%3Dmissing%26_IPC%3Dmissing%26_IUC%3Dmissing%26_IPL%3Dmissing%26_ENP%3Dmissing%26_SKT%3Dmissing%26_ITD%3Dmissing%26now_site_country%3Dsg%26now_site_language%3Den%26now_site_content_title%3Dhome%26now_site_sub_section%3Dhomepage%26now_site_section%3Dnorton.com%26now_trafficsource_cookie_name%3Ddirect%26now_program_type%3Dunknown%26now_current_subchannel%3Dmissing%26now_original_subchannel%3Dmissing%26product_name%3Dhome%26vendor_type%3Dnone%26isMobile%3Dfalse%26viewCampaigns%3Dmissing%26path%3D%2F%26siteCode%3Dnortoncom&custDomain=ensighten.norton.com
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 05be31851490173114cd213ffcff9b436f2c988a87d4e9c09c648013af258028

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Fri, 19 Nov 2021 15:57:58 GMT

GET
H2 200 430b53c914df66a9feb571462a0fbac7.js Show response
ensighten.norton.com/symantec/aemprod/code/ 73 KB
18 KB 8ms
7ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/430b53c914df66a9feb571462a0fbac7.js?conditionId0=423130
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0413445ef56c11ac26448cc8d81f315560d916b007280a165d15affaf8d32cc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 20:07:43 GMT
server: nginx
etag: W/"61157f8f-124cd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 879b1a59ff64243d05256a6c75358f3c.js Show response
ensighten.norton.com/symantec/aemprod/code/ 408 B
582 B 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/879b1a59ff64243d05256a6c75358f3c.js?conditionId0=4884823
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e86dd0c8e62e6d9dc5b63918ce00e1d64eb9ba1d74c8e761301b948997a45abe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Tue, 20 Apr 2021 21:31:49 GMT
server: nginx
etag: "607f4845-198"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 408

GET
H2 200 08737c1b11d757851e49a84dda8d71e5.js Show response
ensighten.norton.com/symantec/aemprod/code/ 2 KB
1 KB 8ms
7ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/08737c1b11d757851e49a84dda8d71e5.js?conditionId0=650959
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: aa7e677f90075c01274ce67b73de69b50325aca47850e6d57b5eade131e13e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Tue, 11 May 2021 16:42:14 GMT
server: nginx
etag: W/"609ab3e6-6e6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 7d7b1a1d66266352d0485173c62fc979.js Show response
ensighten.norton.com/symantec/aemprod/code/ 8 KB
3 KB 9ms
9ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/7d7b1a1d66266352d0485173c62fc979.js?conditionId0=649166
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 48bc305beafb9b4bc2589dab72e9e8285cb3c9a08e89597739f5aab9fe988431

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 23:22:33 GMT
server: nginx
etag: W/"610b2139-202a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 31efe044a7e13842b352ffea3b106b5e.js Show response
ensighten.norton.com/symantec/aemprod/code/ 271 B
445 B 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/31efe044a7e13842b352ffea3b106b5e.js?conditionId0=4827561
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5512c28cd25c166d8c37331fe635b82e44832d8813e9f317bed00c2b0fef644f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:59 GMT
last-modified: Tue, 20 Apr 2021 21:31:49 GMT
server: nginx
etag: "607f4845-10f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 271

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
62 KB 435ms
47ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

22d5bae4f502a6d3f7a3db5475f532960932d6d075e5baf648dae5c10ea7c6de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62716
x-xss-protection: 0
expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ 248 KB
71 KB 62ms
30ms Script
text/javascript 2606:4700:10::6816:35fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/7d7b1a1d66266352d0485173c62fc979.js?conditionId0=649166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:35fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0539ea7f9211a5277c39f82e1b95d1324d739efb4b4cebf56df2f64e2fbe31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 93
etag: W/"163733436347316365810289581637312404398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=31536000
cf-ray: 6b0aa331ee735be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK dest5.html Show response
symantec.demdex.net/ Frame B2C2 7 KB
3 KB 128ms
31ms Document
text/html 34.248.116.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.116.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-116-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Fri, 19 Nov 2021 15:58:00 GMT
DCS: dcs-prod-irl1-1-v019-0a22ddc4b.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 1 Nov 2021 10:01:09 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: OFh5nfFaSf4=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZfJiAAAAGJgsgO1
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=37040516769115198340580189289081866711
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZfJiAAAAGJgsgO1

42 B
945 B

29ms
29ms

Image
image/gif

34.248.116.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZfJiAAAAGJgsgO1

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

HTTP/1.1

Server

34.248.116.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-116-162.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0724f3096.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Hydf3GyHTI8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZfJiAAAAGJgsgO1
Date: Fri, 19 Nov 2021 15:58:00 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
symantec.tt.omtrdc.net/m2/symantec/mbox/ 1 KB
1 KB 100ms
36ms XHR
application/json 52.18.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=9323fc1cf79545f5be8585c4d6cd037d&mboxPC=&mboxPage=2142b707e91f4a51b5f6c42b87ed8347&mboxRid=f4825f32098346aaa10ea904d720f0f7&mboxVersion=1.8.2&mboxCount=1&mboxTime=1637337479830&mboxHost=sg.norton.com&mboxURL=https%3A%2F%2Fsg.norton.com%2F&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&profile.TCG=8&vendor_type=none&program_type=unknown&site_country=sg&site_section=norton.com&content_title=home&site_language=en&traffic_source=direct&ExistingCustomer=existing_customer%3A%20No&site_sub_section=homepage&current_subchannel=&site_content_title=home&original_subchannel=&profile.vendor_type=none&profile.program_type=unknown&profile.site_country=sg&site_sub_sub_section=missing&%20profile.site_section=norton.com&profile.site_language=en&profile.%20traffic_source=direct&profile.ExistingCustomer=existing_customer%3A%20No&profile.%20site_sub_section=homepage&profile.current_subchannel=&profile.site_content_title=home&profile.original_subchannel=&mboxMCSDID=3C13383DC3F6FCF2-7A46DF2B8CC2AC0D&mboxMCGVID=36874519511798755630596206291912983910&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.150.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-150-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 852f9d9b6d14568303f35011ec882a7c3465639d541a837eb66b52b40c0b1318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: gzip
timing-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-request-id: f4825f32098346aaa10ea904d720f0f7

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 499ms
123ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1304930-30

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fb7bc48b8f84b04c695abb55f130de3f238ea8cabae7b7154a5478eaefdaa9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36179
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H2 200 s5208423812985
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
421 B 61ms
18ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s5208423812985?AQB=1&ndh=1&pf=1&t=19%2F10%2F2021%2015%3A58%3A0%205%200&sdid=3C13383DC3F6FCF2-7A46DF2B8CC2AC0D&mid=36874519511798755630596206291912983910&aamlh=6&ce=UTF-8&pageName=norton.com%3Asg%3Ahomepage%3Ahome&g=https%3A%2F%2Fsg.norton.com%2F&server=norton&events=event79%3D4%2Cevent69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=sg&c3=en&v5=none&c14=D%3Dv16&v16=norton%3Adirect&v18=D%3DpageName&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=norton.com&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton&c48=home&v48=D%3Dc49&c49=homepage&v49=D%3Dc48&v57=36874519511798755630596206291912983910&c59=norton.com%3Ahomepage%3Ahome&v59=D%3Dc59&v66=unknown&v72=norton.com&c75=D%3Dv57&v90=existing_customer%3A%20No&v96=https%3A%2F%2Fsg.norton.com%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sat, 20 Nov 2021 15:58:00 GMT
server: jag
xserver: anedge-6988cccb6f-wtvkn
etag: 3516155465742450688-4619733623201242963
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 18 Nov 2021 15:58:00 GMT

GET
BLOB 200
OK 5a7f4d76-5944-4df4-99b7-6fec61763ef8
https://sg.norton.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://sg.norton.com/5a7f4d76-5944-4df4-99b7-6fec61763ef8
Requested by: Host: sg.norton.com
URL: https://sg.norton.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80001c402149eff011b5e7e87c3dd72dc2de45d3d430d98418eb62c2ec5ad596

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
35 KB 50ms
49ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1304930-30&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3e981892ad4a682e2463b58d027e7cf7f90e0f892cf0f89ef54c6b58cab345b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36203
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 422ms
39ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1304930-30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3413
date: Fri, 19 Nov 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 17:01:07 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
345 B 607ms
332ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FG3M2ET3ED&gtm=2oeba1&_p=1414202085&sr=1600x1200&_gaz=1&ul=en-us&cid=-MosunfwdA1eF2_sDqbY&_s=1&dl=https%3A%2F%2Fsg.norton.com%2F&dt=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&sid=1637337480&sct=1&seg=0&en=page_view&_fv=2&_ss=1&ep.instanceId=-MosunfwdA1eF2_sDqbY&ep.measurementId=G-FG3M2ET3ED&ep.streamId=2427862270&ep.streamDomain=norton.com&ep.streamName=Norton%20Web&epn.instanceTime=1637337479932&ep.novaClientId=-MosunfwdA1eF2_sDqbY&epn.novaClientBin=96&epn.novaClientTime=1637337479932&ep.novaId=-MosunfwdA1eF2_sDqbY.96.-MosunfwdA1eF2_sDqbY.1...AHsG&ep.novaHitId=-MosunfwdA1eF2_sDqbY&epn.novaHitTime=1637337479932&epn.novaHitNumber=1&ep.cookieKeys=AMCV_67C716D751E567F70A490D4C%40AdobeOrg%3Bat_check%3Bes%3Bmbox%3Bpromocode%3Btp%3BttControl&epn.cookieCount=7&epn.cookieCountPressure=14&epn.cookieBytesPressure=9&epn.cookieBytes=363&ep.siteCountry=SG&ep.siteCountry3=SGP&ep.siteLanguage=en&ep.siteCurrency=SGD&ep.siteProgramType=unknown&ep.siteSection=norton.com&ep.siteSectionName=home&ep.siteSubSection=homepage&ep.sitePageName=home&ep.siteChannelTrafficSource=direct&epn.pageTextHashId=7156745080920981&ep.pageURL=https%3A%2F%2Fsg.norton.com%2F&ep.pageURLHashId=6128561047006025&ep.pageDomain=sg.norton.com&ep.pageDomainRoot=norton.com&ep.pagePath=%2F&epn.perfNovaStart=457&epn.perfNovaCookies=0&epn.perfNovaId=2&epn.perfNovaAdobe=0&epn.perfPage=1&epn.perfNova=17&epn.perfGtagDownload=510&epn.perfGtagConfig=1006.0999994277954&up.instanceId=-MosunfwdA1eF2_sDqbY&up.novaClientId=-MosunfwdA1eF2_sDqbY&upn.novaClientBin=96&upn.novaClientTime=1637337479932&up.novaId=-MosunfwdA1eF2_sDqbY.96.-MosunfwdA1eF2_sDqbY.1...AHsG&up.novaHitId=-MosunfwdA1eF2_sDqbY&upn.novaHitTime=1637337479932&upn.novaHitNumber=1&upn.instanceTime=1637337479932&up.cookieKeys=AMCV_67C716D751E567F70A490D4C%40AdobeOrg%3Bat_check%3Bes%3Bmbox%3Bpromocode%3Btp%3BttControl&upn.cookieCount=7&upn.cookieCountPressure=14&upn.cookieBytesPressure=9&upn.cookieBytes=363
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
345 B 55ms
18ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FG3M2ET3ED&cid=-MosunfwdA1eF2_sDqbY&gtm=2oeba1&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 445ms
60ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FG3M2ET3ED&cid=-MosunfwdA1eF2_sDqbY&gtm=2oeba1&aip=1&z=572070548

Requested by

Host: sg.norton.com
URL: https://sg.norton.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 50ms
50ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1414202085&t=pageview&_s=1&dl=https%3A%2F%2Fsg.norton.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=908089303&gjid=1551247091&cid=1132071583.1637337481&tid=UA-1304930-30&_gid=512469642.1637337481&_r=1&gtm=2ouba1&z=1224966145

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 seo Show response
buy.norton.com/redirector/ 65 B
596 B 198ms
54ms Script
text/javascript 23.100.48.86
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.norton.com/redirector/seo?callback=jQuery311036326642917045904_1637337479849&ptype=cartpopover&trf_id=symcom&scsguid=0&COUNTRY=SG&LANGUAGE=en&_=1637337479850

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.100.48.86 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e7bfde081dee6d9cd6e69843ed10f31909ccdd789dcf4278114d450c6d94eca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-oneagent-js-injection: true
date: Fri, 19 Nov 2021 15:58:01 GMT
server-timing: dtRpid;desc="342388407", dtSInfo;desc="0"
content-length: 65
requestid: ca58823ea4e60000
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript;charset=utf-8

GET
H2 200 tag4arm.js Show response
www.tag4arm.com/tags4arm/ 69 KB
24 KB 92ms
39ms Script
application/javascript 3.11.233.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tag4arm.com/tags4arm/tag4arm.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/08737c1b11d757851e49a84dda8d71e5.js?conditionId0=650959
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.233.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-233-241.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2231582d65dac7e03f2bdc05be35ff373ca893111098cbd87b56adbb91d33faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: public
date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
last-modified: Wed, 16 Sep 2020 10:21:00 GMT
server: nginx
etag: W/"5f61e70c-1149f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200, public
expires: Fri, 19 Nov 2021 17:58:01 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 68ms
9ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/879b1a59ff64243d05256a6c75358f3c.js?conditionId0=4884823
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 26 Nov 2021 15:58:01 GMT

GET
H2 200 evt.js Show response
tag.havasedge.com/js/ 24 KB
24 KB 82ms
9ms Script
application/javascript 143.204.98.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.havasedge.com/js/evt.js
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-53.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a403cde94489fbabee50920863e89754a03cdee36a56293a98849f4575131c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:15:18 GMT
via: 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
etag: "8b0265db8f45d7b712c79ce5fd2fff2d"
last-modified: Wed, 05 Aug 2020 20:27:36 GMT
server: AmazonS3
age: 3772
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 24685
x-amz-cf-id: dLqBiFQHlBC5kFbO3QTFqtmIkVPRrjrIHUB071OzAQh3VLBPfZCpKQ==

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 40ms
40ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2883
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Nov 2021 16:09:57 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 36 KB
11 KB 50ms
27ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: gzip
last-modified: Sat, 13 Nov 2021 03:55:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F6146ED6AC294D8FBE0A1342246F27D8 Ref B: FRAEDGE1318 Ref C: 2021-11-19T15:58:00Z
etag: "80dc6f5342d8d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10442

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 51ms
51ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8136487

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bbeeb62f26a07ace61ffaa24667d91c0069318ce5647298f776f9cdcb9be01d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35970
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 48ms
47ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8136487&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

287e2bf744323ef156beb3d763a497384872f3d22e0c5708e496518249c97cc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35977
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H2 200 A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js Show response
d.impactradius-event.com/ 41 KB
13 KB 57ms
15ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/7d7b1a1d66266352d0485173c62fc979.js?conditionId0=649166
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9c5dfd2c1e67bb7dd989e4a7485cd7f458d18ac763ad96e52cf3f7c7617f1981

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:57:20 GMT
content-encoding: gzip
age: 41
x-guploader-uploadid: ADPycdtCdBtDe9TRgnvW0ZUg1Rs9Zw2qvQnnEx7-RMgEFa8ykSOx2Sm-DPn83_0uU0aFLDK9SbWteAQjEq-imW3G08c
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 13041
last-modified: Mon, 25 Oct 2021 19:54:53 GMT
server: UploadServer
etag: "d856b2e19a700621b43ad5f6869bc58c"
vary: Accept-Encoding
x-goog-hash: crc32c=htUM+A==, md5=2Fay4ZpwBiG0OtX2hpvFjA==
x-goog-generation: 1635191693530102
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13041
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 19 Nov 2021 16:02:20 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 38ms
11ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/7d7b1a1d66266352d0485173c62fc979.js?conditionId0=649166
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kiad7000104-IAD, cache-hhn11537-HHN

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ 43 B
131 B 402ms
98ms Image
image/gif 35.168.179.4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&content_id=sg&pixid=39d22f07-d8d0-45a7-a066-108db0a14293
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.179.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-179-4.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 TC-3086-2.gif
pt.ispot.tv/v2/ 43 B
314 B 48ms
7ms Image
image/gif 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3086-2.gif?app=web&type=Visit&customdata=sg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 tr
www.facebook.com/ 44 B
295 B 26ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=2010787619164716&ev=ViewContent&cd[content_name]=home&eid=e227080d-e003-45b2-b03b-8306f6e39f14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 19 Nov 2021 15:58:01 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 27ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: Ioel5COyKIypmVZgks8C9fa7r+MNPhBSQnMG6WL7ErkhafP9z9/FdSkkBCCoddXDzzRE4Mf8Qc+nl1l1kfZU+A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 39ms
39ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3414
date: Fri, 19 Nov 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 19 Nov 2021 17:01:07 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/wu/458056/onsite/ 2 KB
1 KB 40ms
6ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/wu/458056/onsite/embed.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9d90ed85d419c84172366a6d1e2baacb40f90181ff9435aa02098a5c5205cda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: IZBiQOoiKDAkLdlKDHOnhi8FNL7FIcks
content-encoding: gzip
etag: "9601b6e83ac6e4e1d67d18bf6b66d20a"
age: 154226
via: 1.1 varnish
x-cache: HIT
content-length: 665
x-amz-id-2: 1lXBsezeZKlmKKFKBYkBMCwjxEDTy7cO7dAQ1mALHmBEZUgbgsZlatLdRm9vTGUjiynLH46vr2Q=
x-served-by: cache-hhn4041-HHN
last-modified: Wed, 17 Nov 2021 21:07:33 GMT
server: AmazonS3
x-timer: S1637337481.065662,VS0,VE0
date: Fri, 19 Nov 2021 15:58:01 GMT
vary: Accept-Encoding
x-amz-request-id: VT2W7DVDHZRQZAG7
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 5932

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 3 KB
3 KB 64ms
20ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=1&event_type=catchall&industry=retail&mt_id=1080302&mt_adid=174308&page_name=norton.com:sg:homepage:home&s1=missing
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master zrh-pixel-x14 config:1.0.0 /
Resource Hash: 93f17cc28027b8f9e4283b81e7db6c792191c5240b1b5c29d1a9e15c89ffac13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:01 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2625
Expires: Fri, 19 Nov 2021 15:58:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1304930-30&cid=1132071583.1637337481&jid=908089303&gjid=1551247091&_gid=512469642.1637337481&_u=YEBAAUAAAAAAAC~&z=824826373

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 15:58:01 GMT
content-type: text/plain
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 90 B
891 B 366ms
118ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337481019&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

f8cac67255a4596da33ea89fce39829246b3e10c1fa4613f95a60731ab325495

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
strict-transport-security: max-age=31536000; includeSubDomains;

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
674 B 131ms
114ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuzip&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=84127ef7-190f-4c47-8455-e3277187b41b&tw_document_href=https%3A%2F%2Fsg.norton.com%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Fri, 19 Nov 2021 15:58:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1de93bca74a2ac70f3b8dec8bae35bdfc885c27481dea7d478c2e2233e58807b
x-transaction: 7d6cdeca7f30d210
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
471 B 139ms
119ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=nuzip&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=84127ef7-190f-4c47-8455-e3277187b41b&tw_document_href=https%3A%2F%2Fsg.norton.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Fri, 19 Nov 2021 15:58:01 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4106a9af9f296045a45fe4eb9aaf70d8091d42aae59f36f00f9b839f87398fe0
x-transaction: f21d997f903b6280
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 5441611.js Show response
bat.bing.com/p/action/ 0
110 B 32ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5441611.js
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Nov 2021 15:58:00 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F42A7DC849A42A285F1DC2122508C28 Ref B: FRAEDGE1318 Ref C: 2021-11-19T15:58:01Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
150 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5441611&Ver=2&mid=714d5a29-7af7-4424-a804-1f4a0960893f&sid=78d9d8e0495111ec874c9726e71b3b25&vid=78da06f0495111ecbfe8ff8f97a6a1e6&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&p=https%3A%2F%2Fsg.norton.com%2F&r=&lt=1509&evt=pageLoad&msclkid=N&sv=1&rn=1509
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8B04822EF7D6442D94801B5D2D9D5AB2 Ref B: FRAEDGE1318 Ref C: 2021-11-19T15:58:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-fETBw9dnXJkCC.js Show response
rules.quantcount.com/ 2 KB
1 KB 58ms
13ms Script
application/javascript 2600:9000:2156:3400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-fETBw9dnXJkCC.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92b2a1721ce3ea4700cbfd81d372fc683a8b103a75480cc348f977d17fba52ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:24:35 GMT
content-encoding: gzip
age: 2007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Tue, 11 May 2021 01:09:39 GMT
server: AmazonS3
etag: W/"ab0cddbfbcc6eb11f728243acbff2ccd"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Ro9jV9pBfipTcagjPjrA7nedYhAfUsgXWJ9AO-mPzJb1AhJ2v9AnuQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 629ms
101ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1304930-30&cid=1132071583.1637337481&jid=908089303&_u=YEBAAUAAAAAAAC~&z=494188432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 364ms
62ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1304930-30&cid=1132071583.1637337481&jid=908089303&_u=YEBAAUAAAAAAAC~&z=494188432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 4405 Show response
norton.ow5a.net/xur/ 46 B
813 B 96ms
28ms XHR
application/json 52.16.149.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://norton.ow5a.net/xur/4405
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.149.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-149-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 14adab71f395781be331ba1654563ab2a4ddeadb20eca24f73ff1d887ba6c602

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://sg.norton.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
expires: Fri, 19 Nov 2021 15:58:01 GMT

GET
H3

200

activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;... Show response
8136487.fls.doubleclick.net/ Frame 271E
Redirect Chain

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=s...
https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undef...

4 KB
2 KB

109ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8136487&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

005be3486072ddcb0567cf26d557f33f361d27531818d878321254d4afdf827b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Nov 2021 15:58:01 GMT
expires: Fri, 19 Nov 2021 15:58:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 19 Nov 2021 15:58:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 activityi;register_conversion=1;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=hom...
8136487.fls.doubleclick.net/ 0
0 133ms
50ms Image
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8136487.fls.doubleclick.net/activityi;register_conversion=1;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
50 KB 351ms
49ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FG3M2ET3ED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c1a812a6dd5ce7a656f05bd7cce94ab77d7a4b31ea08f09bd8ad54e97a70e066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50821
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 15:58:01 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 0
627 B 380ms
234ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337481025&z=1&Q=1&Y=1&X=48d68d8d9d4841652e32e525899bfb13

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 track-event
event.havasedge.com/ 0
38 B 564ms
170ms Image
text/plain 44.236.15.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly9zZy5ub3J0b24uY29tLyIsIm8iOiJodHRwczovL3NnLm5vcnRvbi5jb20iLCJhbyI6W10sInBhcm1zIjp7fSwicHIiOiIiLCJpbmYiOmZhbHNlLCJsY2tpZCI6ImJhMWQ2OGU4LWUwM2ItYjI4My00OWYwLTJkMDg2NzhhNTM5YyIsInNvdXJjZSI6IkhhdmFzRWRnZS5FdmVudFRhZyIsImJ0IjoxNjM3MzM3NDgxMTMyLCJieiI6MCwicGxnIjpbIkNocm9tZSBQREYgUGx1Z2luIiwiQ2hyb21lIFBERiBWaWV3ZXIiLCJOYXRpdmUgQ2xpZW50Il0sInBsdCI6IkxpbnV4IHg4Nl82NCIsImNrIjp0cnVlLCJ0ciI6ZmFsc2UsImgiOjEyMDAsInciOjE2MDAsImNkIjoyNH0%3D&trkGuid=0d24d362-9133-4cf0-8e7e-be8762f0510a&evtGuid=5cf27ba5-9ea8-4014-99ea-ec775d2a8e7e&data-country=sg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.15.248 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-15-248.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-length: 0

GET
H2 200 generic1637183251563.js Show response
nebula-cdn.kampyle.com/us/wu/458056/onsite/ 804 KB
97 KB 9ms
9ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1637183251563.js
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fbba78373de49eba1d7392fb71c6fcfe9665dd7a8d170fb5a4db61cab1051c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: vomCu.wQpXnLqQ.3H6oR0JIt_UT9DpIe
content-encoding: gzip
etag: "b6bd2b311889ba581a949f791b1b6162"
age: 154228
via: 1.1 varnish
x-cache: HIT
content-length: 99311
x-amz-id-2: 05Lwj0HYR2VYqYYT2DUoK8pvwLEtapgYS4DTRe4ZOwHc11rj/kjK+AJpgzONqHJURMS8p3/2AfY=
x-served-by: cache-hhn4041-HHN
last-modified: Wed, 17 Nov 2021 21:07:32 GMT
server: AmazonS3
x-timer: S1637337481.136920,VS0,VE0
date: Fri, 19 Nov 2021 15:58:01 GMT
vary: Accept-Encoding
x-amz-request-id: WA97FGYWR5X4F1FJ
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1396

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 31ms
31ms Script
text/javascript 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=2&mt_adid=174308&page_name=norton.com%3Asg%3Ahomepage%3Ahome&industry=retail&language=de-DE%2Cde%3Bq%3D0.9&mt_lim=20&mt_id=1080302&s1=missing&event_type=catchall&document_title=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&location=https%3A%2F%2Fsg.norton.com%2F&document_path=%2F&mt_cb=1637337481134
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0 /
Resource Hash: c43c08ec33c21d1a98280402cda5f3f269227db38ee7e10771a20ba981d297c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:01 GMT
Server: MT3 4133 baa842e master cdg-pixel-x1 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1421
Expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H2 200 pixel;r=448050433;source=ENS;labels=_fp.channel.SG%2C_fp.event.Sitewide;rf=0;a=p-fETBw9dnXJkCC;url=https%3A%2F%2Fsg.norton.com%2F;uht=2;fpan=1;fpa=P0-2052161937-1637337481136;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 35ms
17ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=448050433;source=ENS;labels=_fp.channel.SG%2C_fp.event.Sitewide;rf=0;a=p-fETBw9dnXJkCC;url=https%3A%2F%2Fsg.norton.com%2F;uht=2;fpan=1;fpa=P0-2052161937-1637337481136;pbc=;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=norton.com;je=0;sr=1600x1200x24;dst=0;et=1637337481136;tzo=0;ogl=type.website%2Curl.https%3A%2F%2Fsg%252Enorton%252Ecom%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 2015123092042575 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 73ms
63ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2015123092042575?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b79bb831b17ebe7ebb4c1d424ed6b4f1a59b77801c9b9b6d2609760e488a9f4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tFp050dfnUMPwACXGmtAv87Cy/6LqJL+okf9w3bg9wZW5maOV5zQvLoXNZBB6ktRoL9DFAQXKjUaM9+QcFzaig==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag4armcheck.php Show response
www.tag4arm.com/tags4arm/scripts/ 1 B
209 B 68ms
20ms XHR
text/html 3.11.233.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tag4arm.com/tags4arm/scripts/tag4armcheck.php?name=449
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.233.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-233-241.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
referrer-policy: origin
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *

GET
H2 200 tag4arm.php
www.tag4arm.com/tags4arm/ 43 B
153 B 51ms
49ms Image
image/gif 3.11.233.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tag4arm.com/tags4arm/tag4arm.php?action_name=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&idsite=449&rec=1&r=365394&h=15&m=58&s=1&url=https%3A%2F%2Fsg.norton.com%2F&_id=c03a4b76b7963d8d&_idts=1637337481&_idvc=1&_idn=0&_refts=0&_viewts=1637337481&send_image=1&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=20&pv_id=zo2JxU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.233.241 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-233-241.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
cache-control: no-store
referrer-policy: origin
server: nginx
content-type: image/gif

GET
H2 200 cool-2.1.15.min.js Show response
nebula-cdn.kampyle.com/resources/onsite/js/ 14 KB
5 KB 9ms
6ms Script
application/javascript 151.101.65.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nebula-cdn.kampyle.com/resources/onsite/js/cool-2.1.15.min.js
Requested by: Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/us/wu/458056/onsite/generic1637183251563.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.175 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 9HCXbKZTbCJZkS8s9IuB.pE0JEvI0TGW
content-encoding: gzip
etag: "80dd5e3be5152c5c72d552c6a26ef6ff"
age: 456006
via: 1.1 varnish
x-cache: HIT
content-length: 5197
x-amz-id-2: bejjwupKEYbEyjVwpacQqqZA3gGOvlXmHw6eHdPi5xUAApmNfTIoKkNQvpWQv4Q5qtHV2+YRRak=
x-served-by: cache-hhn4041-HHN
last-modified: Sun, 24 Jan 2021 11:03:10 GMT
server: AmazonS3
x-timer: S1637337481.192444,VS0,VE0
date: Fri, 19 Nov 2021 15:58:01 GMT
vary: Accept-Encoding
x-amz-request-id: ZRNYTPBBM8YYY8A4
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 239564

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame 629B 5 KB
2 KB 30ms
29ms Document
text/html 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0 /
Resource Hash: 0e2a33fb98e495bcb345964d4ab84024388beeccd920e70a881b01c7adc92c1b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/

Response headers

Content-Type: text/html
Access-Control-Allow-Origin: *
Server: MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Fri, 19 Nov 2021 15:58:00 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Fri, 19 Nov 2021 15:58:01 GMT
Content-Length: 1757
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
524 B 34ms
21ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x6 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:01 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x6 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 131ms
47ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1414202085&t=pageview&_s=1&dl=https%3A%2F%2Fsg.norton.com%2F&ul=en-us&de=UTF-8&dt=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIJAAAAAC~&jid=782600150&gjid=674793078&cid=1132071583.1637337481&tid=UA-1304930-1&_gid=512469642.1637337481&_r=1&_slc=1&did=dNjIxNT&z=2073828211

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 154ms
114ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk2LjAuNDY2NC40NSBTYWZhcmkvNTM3LjM2Iiwic2Vzc2lvbl9wbGF0Zm9ybSI6ICJMaW51eCB4ODZfNjQiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjEuMTUiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTYzNzMzNzQ4MTIzOSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTdkMzhlYjQwMTUyYi0wY2IzMmZiOTE2YmI3LTk3ODE4M2EtMWQ0YzAwLTE3ZDM4ZWI0MDE2YjJmIiwiZW52aXJvbWVudCI6ICJwcm9kVXNPcmVnb24iLCJhY2NvdW50SWQiOiA0NTgwNTQsInVybCI6ICJodHRwczovL3NnLm5vcnRvbi5jb20vIiwid2Vic2l0ZUlkIjogNDU4MDU2LCJmb3JtSWQiOiBudWxsLCJmb3JtVHJpZ2dlclR5cGUiOiBudWxsLCJrYW1weWxlX2RhdGEiOiB7IkxBU1RfSU5WSVRBVElPTl9WSUVXIjogIiIsIkRFQ0xJTkVEX0RBVEUiOiAiIiwia2FtcHlsZUludml0ZVByZXNlbnRlZCI6ICIiLCJrYW1weWxlX3VzZXJpZCI6ICI2MGU1LWQ3YTMtMDA5Ny1hZTQ2LWU3MGUtOGM2NC1mMDQ3LTdiMDAiLCJrYW1weWxlVXNlclNlc3Npb24iOiAiMTYzNzMzNzQ4MTE5MyIsImthbXB5bGVVc2VyUGVyY2VudGlsZSI6ICIiLCJTVUJNSVRURURfREFURSI6ICIifSwiY29va2llX3NpemUiOiAxOTk1LCJrYW1weWxlX3ZlcnNpb24iOiAiMi40Mi4wIiwib25zaXRlX3ZlcnNpb24iOiAiMi40Mi4wIiwiaGlzdG9yeV9sZW5ndGgiOiAyLCJldmVudF9sb2NhbF90aW1lc3RhbXAiOiAxNjM3MzM3NDgxMTk2LCJwb3NpdGlvbiI6IG51bGwsImlzVXNlcklkZW50aWZpZWQiOiBmYWxzZSwiZmVlZGJhY2tfY29ycmVsYXRpb25fdXVpZCI6IG51bGx9Cl19
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-10nl
date: Fri, 19 Nov 2021 15:58:01 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-application-context: application:9090

GET
H3 200 2010787619164716 Show response
connect.facebook.net/signals/config/ 306 KB
88 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2010787619164716?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6f3f729a2d870bacfa397eca172a7aa4bf38dd46fcac0f1847f5826360400ba1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89679
x-xss-protection: 0
pragma: public
x-fb-debug: 1hyvRsVZf3LvWNo8KK5ctbiPGjjRUYxiOgC8Pn1UocY4Znqsprs5yM/noHM1zAVNRSL6qvknHqQ9HnCFf2/1Bg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2015123092042575&ev=PageView&dl=https%3A%2F%2Fsg.norton.com%2F&rl=&if=false&ts=1637337481256&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1637337481254.473136881&it=1637337481142&coo=false&dpo=&eid=957a1bb4-9c2f-4f6d-981f-9290c29da60b&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 19 Nov 2021 15:58:01 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 629B 43 B
517 B 20ms
19ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=0:20&mt_cb=298277&mop_top=
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:01 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 629B 43 B
525 B 22ms
22ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x11 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:01 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=PageView&dl=https%3A%2F%2Fsg.norton.com%2F&rl=&if=false&ts=1637337481288&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1637337481254.473136881&it=1637337481142&coo=false&dpo=&eid=b1378062-e6f8-4d0e-a061-e7c955b6ef45&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 19 Nov 2021 15:58:01 GMT

GET
H2

200

nsjs Show response
action.media6degrees.com/orbserv/ Frame 271E
Redirect Chain

https://action.dstillery.com/orbserv/nsjs?adv=cl1030528&ns=5761&nc=site&ncv=54&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nsjs?adv=cl1030528&ns=5761&nc=site&ncv=54&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

5 B
254 B

1199ms
1188ms

Script
text/html

2606:4700::6812:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://action.media6degrees.com/orbserv/nsjs?adv=cl1030528&ns=5761&nc=site&ncv=54&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?
Protocol: H2
Server: 2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b0aa33d3bf62bad-FRA
content-language: de-DE
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html;charset=ISO-8859-1

Redirect headers

date: Fri, 19 Nov 2021 15:58:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nsjs?adv=cl1030528&ns=5761&nc=site&ncv=54&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
cf-ray: 6b0aa33aefbe2bad-FRA

GET
H2

200

js Show response
www.googletagmanager.com/gtag/ Frame 271E
Redirect Chain

https://urldefense.proofpoint.com/v2/url?u=https-3A__www.googletagmanager.com_gtag_js-3Fid-3DAW-2D934126755&d=DwIGAg&c=Ftw_YSVcGmqQBvrGwAZugGylNRkk-uER0-5bY94tjsc&r=XEGBLdvjFZRdqyVrfsrXrtv9QOSFcr-G...
https://www.googletagmanager.com/gtag/js?id=AW-934126755

97 KB
39 KB

345ms
44ms

Script
application/javascript

142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-934126755

Requested by

Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?

Protocol

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c715f4d3e2c6a12100d510071dc7998e0479f03afb2f12db220cc94d333677fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39542
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Nov 2021 15:58:02 GMT

Redirect headers

location: https://www.googletagmanager.com/gtag/js?id=AW-934126755
date: Fri, 19 Nov 2021 15:58:01 GMT
x-robots-tag: noindex, nofollow
content-length: 0
strict-transport-security: max-age=31536000

GET
H2 200 track
t.teads.tv/ Frame 271E 23 B
143 B 114ms
51ms Image
image/gif 23.58.216.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=conversion&conversion_type=NortonLoginLandingPageTrueVisits&advertiser_id=13314
Requested by: Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.58.216.7 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-58-216-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2

200

src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame 271E
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9338578;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
494 B

1626ms
353ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9338578;dc_pre=COWF1LflpPQCFY7Msgod9MQK4w;type=invmedia;cat=norto007;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 271E
Redirect Chain

https://secure.adnxs.com/px?id=1168448&seg=19408169&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1168448%26seg%3D19408169%26t%3D2

43 B
1 KB

15ms
15ms

Image
image/gif

185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1168448%26seg%3D19408169%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 2f5ce4e4-2bf0-4223-a5ad-767ec0e12129
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 27bb8380-4df0-4a17-90a1-46e641342a91
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1168448%26seg%3D19408169%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

beacon
r.turn.com/r/ Frame 271E
Redirect Chain

https://urldefense.proofpoint.com/v2/url?u=https-3A__r.turn.com_r_beacon-3Fb2-3D1X663ZffQgwJNcnRyNbsHb9bsaTW3270MwEjR7ZZqhw-5F5acl4SUVU8zKQjPVdrxKGnVg5CDfhR6IyfOShgI6wA-26cid-3D&d=DwIGAg&c=Ftw_YSVc...
https://r.turn.com/r/beacon?b2=1X663ZffQgwJNcnRyNbsHb9bsaTW3270MwEjR7ZZqhw_5acl4SUVU8zKQjPVdrxKGnVg5CDfhR6IyfOShgI6wA&cid=

43 B
407 B

115ms
45ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=1X663ZffQgwJNcnRyNbsHb9bsaTW3270MwEjR7ZZqhw_5acl4SUVU8zKQjPVdrxKGnVg5CDfhR6IyfOShgI6wA&cid=
Requested by: Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=329794195.1637337481;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F?
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

location: https://r.turn.com/r/beacon?b2=1X663ZffQgwJNcnRyNbsHb9bsaTW3270MwEjR7ZZqhw_5acl4SUVU8zKQjPVdrxKGnVg5CDfhR6IyfOShgI6wA&cid=
date: Fri, 19 Nov 2021 15:58:01 GMT
x-robots-tag: noindex, nofollow
content-length: 0
strict-transport-security: max-age=31536000

GET
H2 200 dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=*;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=http...
adservice.google.com/ddm/fls/z/ Frame 271E 42 B
107 B 2073ms
633ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMmnyLflpPQCFUrtUQodoloACA;src=8136487;type=lp;cat=lp;ord=3772222165814;gtm=2odba1;auiddc=*;u10=unknown;u11=missing;u12=undefined;u13=undefined;u14=direct;u7=sg;u8=en;u9=home;ps=1;~oref=https%3A%2F%2Fsg.norton.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514
adservice.google.com/ddm/fls/z/ Frame 271E
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=9973042;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514?
https://ad.doubleclick.net/ddm/activity/src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;or...
https://adservice.google.com/ddm/fls/z/src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord...

42 B
107 B

1902ms
633ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514

Requested by

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=9973042;dc_pre=CNn907flpPQCFchJkQUdXrIOkQ;type=invmedia;cat=norto000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=9644850868341.514
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 28 B
713 B 118ms
117ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?s=653200d83f425da1f4501f2aefa7bac5&H=caccf356c997f2c90c0e500d&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
strict-transport-security: max-age=31536000; includeSubDomains;

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 141ms
51ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1043330685&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 15:58:01 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 0
627 B 118ms
117ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337481522&H=caccf356c997f2c90c0e500d&s=653200d83f425da1f4501f2aefa7bac5&U=11c55f62ff25c92584a101cb143d473e&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 2 KB
2 KB 545ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1637337481654&cv=9&fst=1637337481654&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsg.norton.com%2F&tiba=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

012b6766b2612f52533ea4bba26350382413c49828e6a9e169686c66a7b33f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1065
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 0
627 B 118ms
118ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337481658&H=caccf356c997f2c90c0e500d&s=653200d83f425da1f4501f2aefa7bac5&z=1&S=1161&N=4&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Fri, 19 Nov 2021 15:58:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-length: 0

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 19ms
19ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1304930-1&cid=1132071583.1637337481&jid=782600150&gjid=674793078&_gid=512469642.1637337481&_u=aGDAAUIJAAAAAC~&z=1374117550

Requested by

Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sg.norton.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Nov 2021 15:58:01 GMT
content-type: text/plain
access-control-allow-origin: https://sg.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 363ms
62ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1304930-1&cid=1132071583.1637337481&jid=782600150&_u=aGDAAUIJAAAAAC~&z=1344589395

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 904ms
904ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1304930-1&cid=1132071583.1637337481&jid=782600150&_u=aGDAAUIJAAAAAC~&z=1344589395

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 629B 0
239 B 39ms
10ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e3c86197-c989-4000-87da-545acf8e8e2d&expires=28
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 629B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_cm&google_hm=48hhl8mJQACH2lRaz46OLQ
https://sync.mathtag.com/sync/img?mt_exid=4&mt_ec=64ws&mt_exuid=&google_gid=CAESEL_jJ2Mbpbz3UFYDN_qjJ_I&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=48hhl8mJQACH2lRaz46OLQ

170 B
188 B

90ms
46ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=48hhl8mJQACH2lRaz46OLQ

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 19 Nov 2021 15:58:02 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=48hhl8mJQACH2lRaz46OLQ
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 19 Nov 2021 15:58:01 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 143ms
143ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1637337481654&cv=9&fst=1637334000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsg.norton.com%2F&tiba=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&async=1&fmt=3&is_vtc=1&random=3976014659&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 173ms
172ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1637337481654&cv=9&fst=1637334000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsg.norton.com%2F&tiba=Official%20Site%20%7C%20Norton%E2%84%A2%20-%20Antivirus%20%26%20Anti-Malware%20Software&async=1&fmt=3&is_vtc=1&random=3976014659&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 271E 15 KB
6 KB 71ms
21ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 19 Nov 2021 15:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2069
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: nb/BCgxbpWL/towwAuao9QzYQ7LNrk5WbrnRACRpMTm9VUsy5yIRf0z+tCLXiCoHTEcCW9+DX8k=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 6308E1A84N1GMFR9
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 271E 37 KB
14 KB 99ms
50ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: urldefense.proofpoint.com
URL: https://urldefense.proofpoint.com/v2/url?u=https-3A__www.googletagmanager.com_gtag_js-3Fid-3DAW-2D934126755&d=DwIGAg&c=Ftw_YSVcGmqQBvrGwAZugGylNRkk-uER0-5bY94tjsc&r=XEGBLdvjFZRdqyVrfsrXrtv9QOSFcr-GWeMgGq8tPAg&m=NDgxItqzdGxXPP2RIyarUP300CUBlNMJSDbtsXU8Zm4&s=62KWN6o7ZHKJk3Inasw17XwASueYgs_spSLv4uFzfmQ&e=

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14378
x-xss-protection: 0
server: cafe
etag: 684346926396516684
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Nov 2021 15:58:03 GMT

GET
H2 200 10013689.json Show response
s.yimg.com/wi/config/ Frame 271E 46 B
687 B 64ms
23ms XHR
application/octet-stream 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10013689.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

aa0bf17851e073b32a8a6c85c4b41d6ba10c7b3325622c2740b607188d50c3af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 17:44:58 GMT
x-content-type-options: nosniff
age: 79986
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: 41JX88RZWJ4J2X3T
x-amz-id-2: lJZYw9XaRJWxsPMF2YjFEB/mJcBqiMS7VEv8HEqZBNd71R/a9zgWzwJY2d1tXjB1nzYiXndalC4=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 02 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 27 Oct 2021 02:51:43 GMT
server: ATS
etag: "bd2fdbc6288ba19a361454c6be872f97"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: 4.hiYKMWZWZKr8MLemUwknMIVoSMNHuN
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/934126755/ Frame 271E 3 KB
1 KB 105ms
104ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934126755/?random=1637337483104&cv=9&fst=1637337483104&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

c0a75cabdbdfb4f0dfd5e3ae4069095f85e06f28f80a226d23ab043c8b9452b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1213
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/934126755/ Frame 271E 2 KB
1 KB 49ms
49ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/934126755/?random=1637337483105&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f56c85694d0eb58a5c8c8dcd66fae895cae97536dfbf7ff3891607ba97fe0d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 271E 43 B
716 B 119ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2019%20Nov%202021%2015%3A58%3A03%20GMT&n=0&.yp=10013689&f=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&e=https%3A%2F%2Fsg.norton.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&et=custom&el=landing_page&page_name=home&current_subchannel=undefined&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 19 Nov 2021 15:58:03 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame 271E 43 B
328 B 119ms
38ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10013689&f=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&e=https%3A%2F%2Fsg.norton.com%2F&enc=UTF-8&yv=1.10.2&isIframe=1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Fri, 19 Nov 2021 15:58:03 GMT

GET
H2 200 bsync Show response
cookie.havasedge.com/ Frame 6572 0
38 B 565ms
169ms Document
text/plain 54.184.150.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cookie.havasedge.com/bsync?guid=0d24d362-9133-4cf0-8e7e-be8762f0510a
Requested by: Host: now.symassets.com
URL: https://now.symassets.com/etc/designs/norton/libs-rebranding/footer.min._WaEphKz7ipGidL3zI1AYg==.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.184.150.70 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-184-150-70.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/

Response headers

date: Fri, 19 Nov 2021 15:58:03 GMT
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/934126755/ Frame 271E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.de/pagead/1p-conversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...

42 B
64 B

56ms
56ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=i8mXYb-3B5aox_APmOyikAY&cid=CAQSKQCNIrLMSrrnzUWNX-Q6uV7y9g0BLBhHoV-f1MQ7l_Lpg84sDK-3pDIH&random=3599844999&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/934126755/?random=1366450611&cv=9&fst=1637337483105&num=1&label=nO6rCP2Ok9ABEKPJtr0D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&ig=1&data=event%3Dconversion&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=i8mXYb-3B5aox_APmOyikAY&cid=CAQSKQCNIrLMSrrnzUWNX-Q6uV7y9g0BLBhHoV-f1MQ7l_Lpg84sDK-3pDIH&random=3599844999&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/934126755/ Frame 271E 42 B
64 B 144ms
143ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/934126755/?random=1637337483104&cv=9&fst=1637334000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&async=1&fmt=3&is_vtc=1&random=1873424823&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/934126755/ Frame 271E 42 B
64 B 132ms
132ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/934126755/?random=1637337483104&cv=9&fst=1637334000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8136487.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMmnyLflpPQCFUrtUQodoloACA%3Bsrc%3D8136487%3Btype%3Dlp%3Bcat%3Dlp%3Bord%3D3772222165814%3Bgtm%3D2odba1%3Bauiddc%3D329794195.1637337481%3Bu10%3Dunknown%3Bu11%3Dmissing%3Bu12%3Dundefined%3Bu13%3Dundefined%3Bu14%3Ddirect%3Bu7%3Dsg%3Bu8%3Den%3Bu9%3Dhome%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fsg.norton.com%252F%3F&ref=https%3A%2F%2Fsg.norton.com%2F&async=1&fmt=3&is_vtc=1&random=1873424823&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

img
sync.mathtag.com/sync/ Frame 629B
Redirect Chain

https://ib.adnxs.com/getuid?https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=$UID
https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=274589600160796694

43 B
430 B

15ms
15ms

Image
image/gif

185.29.132.245
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=274589600160796694
Protocol: HTTP/1.1
Server: 185.29.132.245 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: MT3 4103 f8fad19 master zrh-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:03 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:04 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b48580a-719e-4e77-a8f9-53433483ed98
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.mathtag.com/sync/img?mt_exid=13&mt_mminit=1&mt_exuid=274589600160796694
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 629B 42 B
651 B 66ms
16ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:e3c86197-c989-4000-87da-545acf8e8e2d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:04 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug005:0:452
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 629B
Redirect Chain

https://eu-u.openx.net/w/1.0/sd?id=536872786&val=e3c86197-c989-4000-87da-545acf8e8e2d
https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=e3c86197-c989-4000-87da-545acf8e8e2d

43 B
61 B

39ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=e3c86197-c989-4000-87da-545acf8e8e2d
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:04 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://eu-u.openx.net/w/1.0/sd?cc=1&id=536872786&val=e3c86197-c989-4000-87da-545acf8e8e2d
date: Fri, 19 Nov 2021 15:58:04 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 629B
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=e3c86197-c989-4000-87da-545acf8e8e2d
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=e3c86197-c989-4000-87da-545acf8e8e2d&C=1

43 B
1023 B

17ms
17ms

Image
image/gif

184.30.24.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=e3c86197-c989-4000-87da-545acf8e8e2d&C=1
Protocol: HTTP/1.1
Server: 184.30.24.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:04 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=3&external_user_id=e3c86197-c989-4000-87da-545acf8e8e2d&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 298
Expires: Fri, 19 Nov 2021 15:58:04 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55938/ Frame 629B
Redirect Chain

https://pixel.advertising.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1
https://pixel.advertising.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1&apid=UP7acd345b-4951-11ec-ba59-029d755ba876

0
691 B

47ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1&apid=UP7acd345b-4951-11ec-ba59-029d755ba876

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:04 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55938/sync?uid=e3c86197-c989-4000-87da-545acf8e8e2d&_origin=1&apid=UP7acd345b-4951-11ec-ba59-029d755ba876
date: Fri, 19 Nov 2021 15:58:04 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK 4448
stags.bluekai.com/site/ Frame 629B 62 B
607 B 215ms
161ms Image
image/gif 104.75.88.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/4448?id=e3c86197-c989-4000-87da-545acf8e8e2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-210.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2

200

pixel
cm.adform.net/ Frame 629B
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=80&user_id=e3c86197-c989-4000-87da-545acf8e8e2d&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=80&user_id=e3c86197-c989-4000-87da-545acf8e8e2d&expires=30
https://cm.adform.net/pixel?adform_pid=3&adform_pc=49fd437b-d042-40be-9411-98ba117280da&adform_v=1

43 B
163 B

69ms
17ms

Image
image/gif

37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=3&adform_pc=49fd437b-d042-40be-9411-98ba117280da&adform_v=1
Protocol: H2
Server: 37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:04 GMT
last-modified: Fri, 07 Feb 2020 08:03:24 GMT
server: nginx
accept-ranges: bytes
etag: "5e3d19cc-2b"
content-length: 43
content-type: image/gif

Redirect headers

Location: //cm.adform.net/pixel?adform_pid=3&adform_pc=49fd437b-d042-40be-9411-98ba117280da&adform_v=1
Date: Fri, 19 Nov 2021 15:58:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 629B
Redirect Chain

https://idsync.rlcdn.com/361087.gif?partner_uid=e3c86197-c989-4000-87da-545acf8e8e2d
https://idsync.rlcdn.com/1000.gif?memo=CP-EFhIvCisIARDlDRokZTNjODYxOTctYzk4OS00MDAwLTg3ZGEtNTQ1YWNmOGU4ZTJkEAAaDQiMk9-MBhIFCOgHEABCAEoA
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECjlHjolwxoRCzXVpAXdceg&google_cver=1

42 B
318 B

21ms
20ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECjlHjolwxoRCzXVpAXdceg&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Nov 2021 15:58:04 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECjlHjolwxoRCzXVpAXdceg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 629B 43 B
658 B 17ms
16ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=10:20&mt_cb=128689&mop_top=9:1637335868|4:1637335868|13:1637335868|3:1637335868|5:1637335868|15:1637335868|21:1637335868|10010:1637335868|46:1637335868|10017:1637335868|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x25 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:03 GMT

GET
H/1.1

200
OK

img
pixel.mathtag.com/sync/ Frame 629B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=mediamath_dmp&google_cm
https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEMbvtCe4fUKnGJA7i-vXepY&google_cver=1

43 B
404 B

22ms
22ms

Image
image/gif

184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEMbvtCe4fUKnGJA7i-vXepY&google_cver=1
Protocol: HTTP/1.1
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:03 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.mathtag.com/sync/img?mt_exid=10074&google_gid=CAESEMbvtCe4fUKnGJA7i-vXepY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 629B
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=e3c86197-c989-4000-87da-545acf8e8e2d
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=e3c86197-c989-4000-87da-545acf8e8e2d

95 B
425 B

20ms
20ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=e3c86197-c989-4000-87da-545acf8e8e2d

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:04 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2989&partner_device_id=e3c86197-c989-4000-87da-545acf8e8e2d
date: Fri, 19 Nov 2021 15:58:04 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1 200
OK us.gif
sync.go.sonobi.com/ Frame 629B 49 B
513 B 59ms
14ms Image
image/gif 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=e3c86197-c989-4000-87da-545acf8e8e2d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: image/gif
Content-Length: 49
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 629B 43 B
730 B 106ms
15ms Image
image/gif 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=e3c86197-c989-4000-87da-545acf8e8e2d&redirectId=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1637337484489095-604
Expires: Fri, 19 Nov 2021 15:58:04 GMT

GET
H/1.1 204
No Content merge
ce.lijit.com/ Frame 629B 0
348 B 61ms
17ms Image
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=3&3pid=e3c86197-c989-4000-87da-545acf8e8e2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 19 Nov 2021 15:58:04 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 629B 43 B
163 B 69ms
16ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=25&partneruserid=e3c86197-c989-4000-87da-545acf8e8e2d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:03 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

info
uipglob.semasio.net/tradedesk/1/ Frame 629B
Redirect Chain

https://uip.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=e3c86197-c989-4000-87da-545acf8e8e2d&sInitiator=external
https://uip.semasio.net/mediamath/1/info2?sType=sync&sExtCookieId=e3c86197-c989-4000-87da-545acf8e8e2d&sInitiator=external
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=44319397-a4f7-4208-bb61-3be0292fbaf3

42 B
604 B

93ms
24ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=44319397-a4f7-4208-bb61-3be0292fbaf3
Protocol: HTTP/1.1
Server: 77.243.60.138 Ballerup Municipality, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:02 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Nov 2021 15:58:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=44319397-a4f7-4208-bb61-3be0292fbaf3
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 629B
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e3c86197-c989-4000-87da-545acf8e8e2d
https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e3c86197-c989-4000-87da-545acf8e8e2d&__user_check__=1&sync_id=7ae04131-4951-11ec-a61b-1ac054420406

43 B
548 B

17ms
17ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6653&uid=e3c86197-c989-4000-87da-545acf8e8e2d&__user_check__=1&sync_id=7ae04131-4951-11ec-a61b-1ac054420406
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 38
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: nginx
Location: /partner?adv_id=6653&uid=e3c86197-c989-4000-87da-545acf8e8e2d&__user_check__=1&sync_id=7ae04131-4951-11ec-a61b-1ac054420406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 125
Connection: keep-alive
Content-Length: 0

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 629B 95 B
456 B 46ms
22ms Image
image/png 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?cid=e3c86197-c989-4000-87da-545acf8e8e2d&env=mWeb&zpartnerid=979&zdid=979
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://pixel.mathtag.com
access-control-allow-credentials: true
cf-ray: 6b0aa34d7ee14dee-FRA
access-control-allow-headers: *
content-length: 95

GET
H2

204

/
loadm.exelator.com/load/ Frame 629B
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=101&buid=e3c86197-c989-4000-87da-545acf8e8e2d&j=0
https://loadm.exelator.com/load/?p=204&g=101&buid=e3c86197-c989-4000-87da-545acf8e8e2d&j=0&xl8blockcheck=1

0
751 B

27ms
27ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=101&buid=e3c86197-c989-4000-87da-545acf8e8e2d&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:58:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 19 Nov 2021 15:58:04 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=101&buid=e3c86197-c989-4000-87da-545acf8e8e2d&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 629B 43 B
812 B 16ms
15ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=20:20&mt_cb=916864&check=e3c86197-c989-4000-87da-545acf8e8e2d&mop_top=9:1637335868|4:1637335868|13:1637335868|3:1637335868|5:1637335868|15:1637335868|21:1637335868|10010:1637335868|46:1637335868|10017:1637335868|10074:1637335868|10072:1637335868|42:1637335868|44:1637335868|17:1637335868|39:1637335868|10041:1637335868|30:1637335868|10092:1637335868|10008:1637335868|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x4 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:04 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:03 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 0
627 B 119ms
119ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337486019&H=caccf356c997f2c90c0e500d&s=653200d83f425da1f4501f2aefa7bac5&z=1&S=8070&N=35&P=2

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Fri, 19 Nov 2021 15:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame F9BF 0
627 B 118ms
117ms XHR
application/json 35.222.211.90
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fsg.norton.com%2F&t=1637337480987&v=1637337486144&H=caccf356c997f2c90c0e500d&s=653200d83f425da1f4501f2aefa7bac5&z=1&Q=2&S=937&N=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.211.90 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

90.211.222.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
date: Fri, 19 Nov 2021 15:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: application/json
access-control-allow-origin: https://sg.norton.com
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
533 B 22ms
21ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x2 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sg.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:11 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x2 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:10 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 629B 43 B
533 B 20ms
19ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x6 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:11 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x6 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:10 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame 629B 43 B
813 B 18ms
18ms Image
image/gif 184.30.20.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mop_seq=20:20&mt_cb=916864&check=e3c86197-c989-4000-87da-545acf8e8e2d&mop_top=9:1637335868|4:1637335868|13:1637335868|3:1637335868|5:1637335868|15:1637335868|21:1637335868|10010:1637335868|46:1637335868|10017:1637335868|10074:1637335868|10072:1637335868|42:1637335868|44:1637335868|17:1637335868|39:1637335868|10041:1637335868|30:1637335868|10092:1637335868|10008:1637335868|&final&timings=0:23|4:298|0:20|13:61|15:65|3:68|10074:74|42:80|10072:85|5:99|39:137|0:143|10092:145|10017:159|46:161|44:168|30:192|10010:218|10041:421|&errors=9:40|21:102|17:126|10008:209|
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-207.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x11 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e3c86197-c989-4000-87da-545acf8e8e2d&no_iframe=1&mt_adid=174308&mt_lim=20&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 19 Nov 2021 15:58:11 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 19 Nov 2021 15:58:10 GMT

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

97 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.norton.com/	1970-01-20 07:34:33	Name: es Value: 4e56533d317c5054523d6e6f6e657c4643443d4e6f762d31392d323032312030373a35373a35397c4c43443d4e6f762d31392d323032312030373a35373a3539
.norton.com/	1970-01-20 07:34:33	Name: tp Value: 5452533d73796d636f6d
.norton.com/	1970-01-20 00:15:21	Name: ttControl Value: 5443473d38
.norton.com/	1969-12-31 23:59:59	Name: at_check Value: true
.norton.com/	1970-01-19 22:50:23	Name: promocode Value: DEFAULTWEB
.demdex.net/	1970-01-20 03:08:09	Name: demdex Value: 37040516769115198340580189289081866711
.norton.com/	1970-01-20 07:34:33	Name: nova Value: -MosunfwdA1eF2_sDqbY.96.-MosunfwdA1eF2_sDqbY.1...AHsG
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
sg.norton.com/	1970-01-20 00:58:33	Name: 53038 Value:
.norton.com/	1970-01-20 04:34:33	Name: s_nr Value: 1637337480018-New
.norton.com/	1970-01-20 04:34:33	Name: event69 Value: event69
.norton.com/	1970-01-20 07:34:33	Name: channelStack Value: s_eVar72~norton.com
.norton.com/	1970-01-19 22:48:59	Name: s_gpv Value: norton.com%3Asg%3Ahomepage%3Ahome
.norton.com/	1970-01-19 22:48:59	Name: s_gpv_custom Value: norton.com%3Ahomepage%3Ahome
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-20 07:34:33	Name: everest_g_v2 Value: g_surferid~YZfJiAAAAGJgsgO1
.symantec.tt.omtrdc.net/	1970-01-19 22:48:59	Name: symantec!mboxSession Value: 9323fc1cf79545f5be8585c4d6cd037d
.symantec.tt.omtrdc.net/	1970-01-20 16:23:02	Name: symantec!mboxPC Value: 9323fc1cf79545f5be8585c4d6cd037d.37_0
.norton.com/	1970-01-20 16:23:02	Name: mbox Value: session#9323fc1cf79545f5be8585c4d6cd037d#1637339341\|PC#9323fc1cf79545f5be8585c4d6cd037d.37_0#1700582281
.dpm.demdex.net/	1970-01-20 03:08:09	Name: dpm Value: 37040516769115198340580189289081866711
.norton.com/	1970-01-20 16:20:09	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18951%7CMCMID%7C36874519511798755630596206291912983910%7CMCAAMLH-1637942279%7C6%7CMCAAMB-1637942279%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637344679s%7CNONE%7CMCSYNCSOP%7C411-18958%7CvVersion%7C5.2.0
.norton.com/	1970-01-20 07:34:33	Name: _ga4_ga_FG3M2ET3ED Value: GS1.1.1637337480.1.0.1637337480.60
.norton.com/	1970-01-20 07:34:33	Name: _ga4_ga Value: GA1.1.-MosunfwdA1eF2_sDqbY
.norton.com/	1970-01-20 16:20:09	Name: _ga Value: GA1.2.1132071583.1637337481
.norton.com/	1970-01-19 22:50:23	Name: _gid Value: GA1.2.512469642.1637337481
.norton.com/	1970-01-19 22:48:57	Name: _gat_gtag_UA_1304930_30 Value: 1
.bing.com/	1970-01-20 08:10:33	Name: MUID Value: 1103DA9B602762772EC8CA6F61F563BC
.ispot.tv/	1970-01-20 16:20:09	Name: pt Value: v2:62e791b4660ccf95e7aef40698a351dc6c2ac5b6d52924735bf9088b04a0f299\|171752349f8568d11f0f87e0667634b10f8bf2cee3e80f1ccc1ace40594bccf1
.norton.com/	1970-01-19 22:50:23	Name: _uetsid Value: 78d9d8e0495111ec874c9726e71b3b25
.norton.com/	1970-01-20 08:10:33	Name: _uetvid Value: 78da06f0495111ecbfe8ff8f97a6a1e6
.norton.com/	1969-12-31 23:59:59	Name: IR_gbd Value: norton.com
.norton.com/	1969-12-31 23:59:59	Name: IR_4405 Value: 1637337481051%7C0%7C1637337481051%7C%7C
.norton.com/	1970-01-20 00:58:33	Name: _gcl_au Value: 1.1.329794195.1637337481
.mathtag.com/	1970-01-20 08:14:52	Name: uuid Value: e3c86197-c989-4000-87da-545acf8e8e2d
sg.norton.com/	1977-02-23 22:48:57	Name: __helocckid Value: ba1d68e8-e03b-b283-49f0-2d08678a539c
sg.norton.com/	1970-01-20 08:14:52	Name: _pk_id.449.bad4 Value: c03a4b76b7963d8d.1637337481.1.1637337481.1637337481.
sg.norton.com/	1970-01-19 22:48:59	Name: _pk_ses.449.bad4 Value: 1
norton.ow5a.net/	1970-01-19 22:59:02	Name: AWSALBCORS Value: zoMQehld2WZ9RK3FroTvjm47cjVWyOirOQb3EtkhE7kc+Rhhj8BoudDBSkrBKlbBjFI4Ww/PtlFhAVMenxtTEuNjhkRSvGKeT3EXaW9xou1a49HzbphJ5BjhTB25
.ow5a.net/	1970-01-20 16:05:45	Name: brwsr Value: 78e95999-4951-11ec-b06d-5311c353892d
.norton.com/	1970-01-20 16:05:45	Name: IR_PI Value: 78e95999-4951-11ec-b06d-5311c353892d%7C1637423881051
.norton.com/	1969-12-31 23:59:59	Name: dtCookie Value: 4$9347101C7CCD40773DDDEBB494F8E62E\|8eab1c7fef283cee\|0
buy.norton.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: C2BC053A2B1D2BE974D0F5B4A50509AE
.buy.norton.com/	1969-12-31 23:59:59	Name: X-CSRF-TOKEN Value: WbkWvkL4XThhihHcwbORxPDSv0/vtVHQgUUiNUyWHNk_
buy.norton.com/	1969-12-31 23:59:59	Name: ESID Value: 02c2c74f54-6981-42YUoS47iBkcGcMXZ7rAzosq0uXUiEFJI_r9tb9WRZK9odhiZSdjs4aGCkEXY564I1tZk
.twitter.com/	1970-01-20 16:20:09	Name: personalization_id Value: "v1_AK4XMBm/k1dMWNBLAh2UTQ=="
.quantserve.com/	1970-01-20 08:19:11	Name: mc Value: 6197c989-285da-c1e3a-99921
sg.norton.com/	1970-01-20 07:34:33	Name: mdLogger Value: false
sg.norton.com/	1970-01-20 07:34:33	Name: kampyle_userid Value: 60e5-d7a3-0097-ae46-e70e-8c64-f047-7b00
sg.norton.com/	1970-01-20 07:34:33	Name: kampyleUserSession Value: 1637337481193
sg.norton.com/	1970-01-20 07:34:33	Name: kampyleUserSessionsCount Value: 1
sg.norton.com/	1970-01-20 07:34:33	Name: kampyleSessionPageCounter Value: 1
.norton.com/	1970-01-20 08:13:26	Name: __qca Value: P0-2052161937-1637337481136
.norton.com/	1970-01-19 22:48:57	Name: _gat Value: 1
.norton.com/	1970-01-20 07:34:33	Name: cd_user_id Value: 17d38eb40152b-0cb32fb916bb7-978183a-1d4c00-17d38eb4016b2f
.norton.com/	1970-01-20 00:58:33	Name: _fbp Value: fb.1.1637337481254.473136881
.mathtag.com/	1970-01-19 23:32:09	Name: mt_misc Value: mt_bt:1
.doubleclick.net/	1970-01-20 08:10:33	Name: IDE Value: AHWqTUkCn0Ts1ydS_T6MoJmvFeuinohYWbOvq5c_RYUzpORONGSJNIQVT10uh767qnQ
norton-app.quantummetric.com/	1969-12-31 23:59:59	Name: s Value: 653200d83f425da1f4501f2aefa7bac5
norton-app.quantummetric.com/	1970-01-20 07:34:33	Name: U Value: 11c55f62ff25c92584a101cb143d473e
.norton.com/	1970-01-19 22:48:59	Name: QuantumMetricSessionID Value: 653200d83f425da1f4501f2aefa7bac5
.norton.com/	1970-01-20 07:34:33	Name: QuantumMetricUserID Value: 11c55f62ff25c92584a101cb143d473e
.adnxs.com/	1970-01-20 00:58:33	Name: uuid2 Value: 274589600160796694
.adnxs.com/	1970-01-20 00:58:33	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2C$OkyRp>!]tbP6j2F-XstGt!@D4q$Rh!i
.turn.com/	1970-01-20 03:08:09	Name: uid Value: 8019317986452126182
.yahoo.com/	1970-01-20 07:34:55	Name: A3 Value: d=AQABBIvJl2ECELuxTyqYe-GYy2SmzP56nZgFEgEBAQEbmWGhYQAAAAAA_eMAAA&S=AQAAAlWw1oWdccIL35eld5EI7gc
.advertising.com/	1970-01-20 07:35:59	Name: APID Value: UP7acd345b-4951-11ec-ba59-029d755ba876
.casalemedia.com/	1970-01-20 07:34:33	Name: CMID Value: YZfJjDTinzuibPF1HhsarwAA
.casalemedia.com/	1970-01-20 00:58:33	Name: CMPS Value: 3270
.openx.net/	1970-01-20 07:34:33	Name: i Value: 6dcea333-757a-4616-af88-835392d90c48\|1637337484
.casalemedia.com/	1970-01-20 00:58:33	Name: CMPRO Value: 1165
.casalemedia.com/	1970-01-19 22:50:23	Name: CMST Value: YZfJjGGXyYwA
.casalemedia.com/	1970-01-20 07:34:33	Name: CMRUM3 Value: 036197c98c2760e3c86197-c989-4000-87da-545acf8e8e2d
.tapad.com/	1970-01-20 00:15:21	Name: TapAd_TS Value: 1637337484322
.tapad.com/	1970-01-20 00:15:21	Name: TapAd_DID Value: c445a8fc-e785-4e57-9899-88131b70aba2
.pubmatic.com/	1970-01-20 07:34:33	Name: KRTBCOOKIE_27 Value: 16735-uid:e3c86197-c989-4000-87da-545acf8e8e2d&KRTB&16736-uid:e3c86197-c989-4000-87da-545acf8e8e2d&KRTB&23019-uid:e3c86197-c989-4000-87da-545acf8e8e2d&KRTB&23114-uid:e3c86197-c989-4000-87da-545acf8e8e2d
.pubmatic.com/	1970-01-19 23:32:09	Name: PugT Value: 1637337484
.pubmatic.com/	1970-01-20 00:58:33	Name: PUBMDCID Value: 3
.bidswitch.net/	1970-01-20 07:34:33	Name: tuuid Value: 49fd437b-d042-40be-9411-98ba117280da
.bidswitch.net/	1970-01-20 07:34:33	Name: c Value: 1637337484
.bidswitch.net/	1970-01-20 07:34:33	Name: tuuid_lu Value: 1637337484
.rlcdn.com/	1970-01-20 07:34:33	Name: rlas3 Value: wmmJqCcLg45sB9DcBJNVLHtMyCklKZpFDaoC9oWb4jE=
.tapad.com/	1970-01-20 00:15:21	Name: TapAd_3WAY_SYNCS Value:
.rlcdn.com/	1970-01-20 00:15:21	Name: pxrc Value: CIyT34wGEgUI6AcQABIGCLrqARAA
.analytics.yahoo.com/	1970-01-20 07:35:59	Name: IDSYNC Value: 175u~21mf
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP7acd345b-4951-11ec-ba59-029d755ba876
.yahoo.com/	1970-01-19 22:50:23	Name: APIDTS Value: 1637337484
.mathtag.com/	1970-01-19 23:32:09	Name: mt_mop Value: 4:1637335868\|5:1637335868\|10008:1637335868\|10010:1637335868\|39:1637335868\|44:1637335868\|10017:1637335868\|10074:1637335868\|9:1637335868\|15:1637335868\|10092:1637335868\|13:1637335868\|10041:1637335868\|10072:1637335868\|3:1637335868\|17:1637335868\|30:1637335868\|21:1637335868\|42:1637335868\|46:1637335868
.zeotap.com/	1970-01-20 07:34:33	Name: zc Value: 1374deb4-ab63-4e49-6cd2-c75b281f9d47
.semasio.net/	1970-01-20 07:34:33	Name: SEUNCY Value: A7345A67F9FD1549
ads.stickyadstv.com/	1970-01-20 00:15:21	Name: uid-bp-529 Value: e3c86197-c989-4000-87da-545acf8e8e2d
ads.stickyadstv.com/	1970-01-19 23:32:09	Name: UID Value: 200d85f7dd639b96e99bee5d14ae2c
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 7132fe3ce14c8bd853fd477184d1e5ab
.spotxchange.com/	1970-01-20 07:34:37	Name: audience Value: 7ae040fc-4951-11ec-a61b-1ac054420406
.exelator.com/	1970-01-20 01:41:45	Name: EE Value: "400d82c2b2b0f55b3668e76b07050fde"
.exelator.com/	1970-01-20 01:41:45	Name: ud Value: "eJxrXxzq6XKLQcHEwCDFwijZKMkoySDN1DTJ2MzMItXcLMnA3MDUIC0ldXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F75tTBgBmaSoA"
.adsrvr.org/	1970-01-20 07:34:33	Name: TDID Value: 44319397-a4f7-4208-bb61-3be0292fbaf3
.adsrvr.org/	1970-01-20 07:34:33	Name: TDCPM Value: CAESFgoHc2VtYXNpbxILCILmgPfs35U6EAUYBSABKAIyCwiK1f2jg-CVOhAFOAE.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://sg.norton.com/(Line 459) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 22) Message: Unrecognized feature: 'conversion-measurement'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8136487.fls.doubleclick.net
action.dstillery.com
action.media6degrees.com
ad.doubleclick.net
ads.stickyadstv.com
adservice.google.com
analytics.google.com
analytics.twitter.com
assets.adobedtm.com
bat.bing.com
buy.norton.com
cdn.quantummetric.com
ce.lijit.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
cookie.havasedge.com
d.impactradius-event.com
data.adxcel-ec2.com
dpm.demdex.net
dsum-sec.casalemedia.com
ensighten.norton.com
eu-u.openx.net
event.havasedge.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
nebula-cdn.kampyle.com
norton-app.quantummetric.com
norton.ow5a.net
now.symassets.com
oms.norton.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pt.ispot.tv
r.turn.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.yimg.com
secure.adnxs.com
secure.quantserve.com
sg.norton.com
simage2.pubmatic.com
sp.analytics.yahoo.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
symantec.demdex.net
symantec.tt.omtrdc.net
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
t.co
t.teads.tv
tag.havasedge.com
udc-neb.kampyle.com
uip.semasio.net
uipglob.semasio.net
ups.analytics.yahoo.com
urldefense.proofpoint.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.nortonlifelock.com
www.tag4arm.com
x.bidswitch.net
104.244.42.131
104.244.42.197
104.75.88.210
142.250.184.194
142.250.185.194
142.250.185.67
142.250.186.104
142.250.186.142
142.250.186.70
143.204.98.53
15.197.193.217
15.236.176.210
151.101.194.132
151.101.65.175
178.162.133.149
18.157.131.22
184.30.20.207
184.30.21.112
184.30.24.241
185.29.132.245
185.33.221.52
185.33.223.38
185.64.190.80
185.86.137.133
185.94.180.126
199.232.136.157
2001:678:cb4:bbbb::11
212.82.100.181
216.52.2.48
23.100.48.86
23.58.216.7
2600:9000:2156:3400:6:44e3:f8c0:93a1
2606:4700:10::6816:35fc
2606:4700:10::ac43:db6
2606:4700::6812:b4f
2620:116:800d:21:51e4:db4b:4436:b305
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9c
2a02:26f0:6c00:2b9::1015
2a02:26f0:7100:487::1e80
2a02:26f0:7100:493::1015
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.11.233.241
3.124.173.63
3.126.38.41
3.126.56.137
34.248.116.162
34.254.143.3
34.98.64.218
35.168.179.4
35.186.249.72
35.222.211.90
35.227.248.159
35.241.45.82
35.244.174.68
37.157.3.30
44.236.15.248
52.16.149.121
52.18.150.20
54.184.150.70
54.194.191.134
67.231.154.66
69.173.144.138
77.243.60.138
005be3486072ddcb0567cf26d557f33f361d27531818d878321254d4afdf827b
012b6766b2612f52533ea4bba26350382413c49828e6a9e169686c66a7b33f20
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
0413445ef56c11ac26448cc8d81f315560d916b007280a165d15affaf8d32cc9
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05be31851490173114cd213ffcff9b436f2c988a87d4e9c09c648013af258028
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd99a05bb36d156974c867a488d4b1b5b5c101ed440c7321fef5360618847d6
0e2a33fb98e495bcb345964d4ab84024388beeccd920e70a881b01c7adc92c1b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
14adab71f395781be331ba1654563ab2a4ddeadb20eca24f73ff1d887ba6c602
1557c217057a6e34ebae21ded90df8bd4bd7ae34707b43f751c3636d8fba7dba
2231582d65dac7e03f2bdc05be35ff373ca893111098cbd87b56adbb91d33faf
22d5bae4f502a6d3f7a3db5475f532960932d6d075e5baf648dae5c10ea7c6de
287e2bf744323ef156beb3d763a497384872f3d22e0c5708e496518249c97cc3
2e8548e063ae8b8f6225ac344af4bb535397ebd3003665e27e8d4b2716770db9
2f6ff41b6dd01edaf1a5ac5e825d5433343c5fb9f49b7099e29b1d33882d97c1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e72de5de67d6d80b65a114af684eaf880c53c250155a663cb17d677ff064bc1
3e981892ad4a682e2463b58d027e7cf7f90e0f892cf0f89ef54c6b58cab345b9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f0539ea7f9211a5277c39f82e1b95d1324d739efb4b4cebf56df2f64e2fbe31
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48bc305beafb9b4bc2589dab72e9e8285cb3c9a08e89597739f5aab9fe988431
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbba78373de49eba1d7392fb71c6fcfe9665dd7a8d170fb5a4db61cab1051c8
537579543ea6198e0455c6252ee3af371c194afed63592454225eedfc83d84e0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54acf6628787a228b9f579ccf01af7e53ee95b8eb87a03d0cadc8b1467987780
5512c28cd25c166d8c37331fe635b82e44832d8813e9f317bed00c2b0fef644f
583ec79ba694a882662f117f6e4d0a2ae5e274ba5e86d5acc661c14154e5b43d
5dab510f2cd0771500da16c040d18f0675d620b3ccc789a6765b6d88e3d58e3e
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60300f9ea89476a46b88c9c7e731cbc873b7a64b3d491e41688c566677a003e4
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6f3f729a2d870bacfa397eca172a7aa4bf38dd46fcac0f1847f5826360400ba1
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
7929994b9dd8e9ac5a3f5eb10de5dcb745d373a28ac7d180f66b6d3824e8fcc3
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c370d9536d7d0d6a0f7cd7f9826692acd93e4fb05ba46f7b630b879740343d3
7d04858b628981ed0e44e955dc3adfddced66bc961b426da51d784d526c9fd5d
7e7bfde081dee6d9cd6e69843ed10f31909ccdd789dcf4278114d450c6d94eca
80001c402149eff011b5e7e87c3dd72dc2de45d3d430d98418eb62c2ec5ad596
810efbd4141180f1a3f3d73aa7eb75c2994e846e4c4656d8904b05777db76328
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852f9d9b6d14568303f35011ec882a7c3465639d541a837eb66b52b40c0b1318
87d3d56392bef5bea359c24c64dfc2c8da467042f12458ee25797f4868dd5273
8938fd9f2420a578d2674545a50e25ce83374f378b5987ea83343d035faa79a4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b79bb831b17ebe7ebb4c1d424ed6b4f1a59b77801c9b9b6d2609760e488a9f4
8bcb19234551a857a14391f1aa69f0bbc7bd981f3b54ae886aada2012af87da9
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
9223e6eb171099c0a8d26458e61a9219ebacc0107853337cac5a69dd821d819b
92b2a1721ce3ea4700cbfd81d372fc683a8b103a75480cc348f977d17fba52ac
93f17cc28027b8f9e4283b81e7db6c792191c5240b1b5c29d1a9e15c89ffac13
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c5dfd2c1e67bb7dd989e4a7485cd7f458d18ac763ad96e52cf3f7c7617f1981
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa0bf17851e073b32a8a6c85c4b41d6ba10c7b3325622c2740b607188d50c3af
aa7e677f90075c01274ce67b73de69b50325aca47850e6d57b5eade131e13e32
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b9d90ed85d419c84172366a6d1e2baacb40f90181ff9435aa02098a5c5205cda
bbeeb62f26a07ace61ffaa24667d91c0069318ce5647298f776f9cdcb9be01d9
bbf50c1bdaa0d0e9a28c6035f638c690525d3cc5550e55ed838a86748509fc3f
bd49e3b627bc43be3df4d1b88506fafd0753e4379977e227b4e85ad8e88fef01
c0a75cabdbdfb4f0dfd5e3ae4069095f85e06f28f80a226d23ab043c8b9452b2
c1a812a6dd5ce7a656f05bd7cce94ab77d7a4b31ea08f09bd8ad54e97a70e066
c43c08ec33c21d1a98280402cda5f3f269227db38ee7e10771a20ba981d297c1
c715f4d3e2c6a12100d510071dc7998e0479f03afb2f12db220cc94d333677fc
d1b4c17fa17d281a4e578b2b43cc09729ec576261f2cace4bc10a46414df2b83
d5a403cde94489fbabee50920863e89754a03cdee36a56293a98849f4575131c
d5b7136f3130f402212fa85a0c7e57e72c3f9d572ccca61f1cb75e2dfc66cba1
da23a7c47865d7cf47ef0d8d1931c45d02a56bdcfaf2549fed8aeb7924458990
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e86dd0c8e62e6d9dc5b63918ce00e1d64eb9ba1d74c8e761301b948997a45abe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15aaec51e7eaa62bb5aea8e935e24d0249736c3774a40a2de4da2cb9ae94993
f56c85694d0eb58a5c8c8dcd66fae895cae97536dfbf7ff3891607ba97fe0d6c
f8cac67255a4596da33ea89fce39829246b3e10c1fa4613f95a60731ab325495
fb7bc48b8f84b04c695abb55f130de3f238ea8cabae7b7154a5478eaefdaa9cb
fff910bd5993f0e348642e9fa41a5d5355af7d0f5f217ef96fbff6dee82120e9

sg.norton.com Open in urlscan Pro 2a02:26f0:7100:493::1015 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

148 Requests

86 %HTTPS

28 %IPv6

57 Domains

76 Subdomains

67 IPs

8 Countries

1401 kBTransfer

4826 kBSize

97 Cookies

27 Outgoing links

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sg.norton.com Open in urlscan Pro
2a02:26f0:7100:493::1015 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

86 %
HTTPS

28 %
IPv6

57
Domains

76
Subdomains

67
IPs

8
Countries

1401 kB
Transfer

4826 kB
Size

97
Cookies

148 HTTP transactions
0 data transactions