urlscan.io logo urlscan.io
SecurityTrails logo

login.norton.com Open in urlscan Pro
52.168.74.193  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure.norton.com/pub/cc?_ri_=X0Gzc2X=YQpglLjHJlTQGhIvzdR16nhTJwfeSGkawjRcNtfjJDzaSWluzeA3IJezfHgl0fhcwLtmVXtpKX=A...
Effective URL: https://login.norton.com/sso/embedded/update
Submission: On July 04 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 26 HTTP transactions. The main IP is 52.168.74.193, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is login.norton.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on March 19th 2019. Valid for: a year.
This is the only time login.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 12.130.135.73 21621 (RESPONSYS-2)
2 5 52.168.74.193 8075 (MICROSOFT...)
10 184.50.163.159 16625 (AKAMAI-AS)
5 18.196.132.206 16509 (AMAZON-02)
1 4 34.250.137.90 16509 (AMAZON-02)
1 2.19.180.46 20940 (AKAMAI-ASN1)
2 63.140.40.91 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
1 66.117.29.4 15224 (OMNITURE)
1 34.243.186.149 16509 (AMAZON-02)
26 8
1    12.130.135.73 (United States)

ASN21621 (RESPONSYS-2 - Responsys Inc., US)
PTR: secure.norton.com
secure.norton.com
5    52.168.74.193 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
login.norton.com
analytics-login.norton.com
10    184.50.163.159 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a184-50-163-159.deploy.static.akamaitechnologies.com
static.nortoncdn.com
5    18.196.132.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
4    34.250.137.90 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-137-90.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2.19.180.46 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-180-46.deploy.static.akamaitechnologies.com
cdn.tt.omtrdc.net
2    63.140.40.91 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: symantec.com.ssl.d1.sc.omtrdc.net
oms.symantec.com
1    66.117.28.86 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    66.117.29.4 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
symantec.tt.omtrdc.net
1    34.243.186.149 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-243-186-149.eu-west-1.compute.amazonaws.com
symantec.demdex.net
Domain Requested by
10 static.nortoncdn.com login.norton.com
5 nexus.ensighten.com analytics-login.norton.com
nexus.ensighten.com
4 dpm.demdex.net 1 redirects analytics-login.norton.com
4 login.norton.com 2 redirects login.norton.com
2 oms.symantec.com nexus.ensighten.com
analytics-login.norton.com
1 symantec.demdex.net nexus.ensighten.com
1 symantec.tt.omtrdc.net nexus.ensighten.com
1 cm.everesttech.net 1 redirects
1 cdn.tt.omtrdc.net nexus.ensighten.com
1 analytics-login.norton.com login.norton.com
1 secure.norton.com 1 redirects
26 11

This site contains links to these domains. Also see Links.

Domain
sitedirector.symantec.com
Subject Issuer Validity Valid
login.norton.com
DigiCert SHA2 Extended Validation Server CA		 2019-03-19 -
2020-05-07		 a year crt.sh
store.norton.com
DigiCert SHA2 Extended Validation Server CA		 2019-05-15 -
2020-06-28		 a year crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2018-10-17 -
2020-01-05		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-26 -
2020-11-25		 3 years crt.sh
oms.symantec.com
DigiCert SHA2 Secure Server CA		 2018-11-14 -
2020-02-08		 a year crt.sh

This page contains 3 frames:

Primary Page: https://login.norton.com/sso/embedded/update
Frame ID: ACA5B96BAD22C4F7EDBD28C894092EFA
Requests: 12 HTTP requests in this frame

Frame: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Frame ID: 4154D4F30A133FBED0F1E2024AC4600C
Requests: 13 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 13C09F5268F6C04D2E7836B22F8AC9D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://secure.norton.com/pub/cc?_ri_=X0Gzc2X=YQpglLjHJlTQGhIvzdR16nhTJwfeSGkawjRcNtfjJDzaSWluzeA3IJez... HTTP 302
    https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340 Page URL
  2. https://login.norton.com/sso/index.jsp HTTP 302
    https://login.norton.com/sso/embedded/login HTTP 302
    https://login.norton.com/sso/embedded/update Page URL

Page Statistics

26
Requests

100 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

5
Countries

3074 kB
Transfer

4157 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.norton.com/pub/cc?_ri_=X0Gzc2X=YQpglLjHJlTQGhIvzdR16nhTJwfeSGkawjRcNtfjJDzaSWluzeA3IJezfHgl0fhcwLtmVXtpKX=ARAYBRRT&_ei_=EuMCYf_PiqA7CuxDEXZnZ18ReVCA9g9REfeTtCEp0Z1kXWx9CeE5J6_cBbuWLAXwqr_L9rhaonkvOoIYxkuaCbgrsn5cxuAEqebV_9Efteo3sBLyNcVOQtgmGy2p5GdUw7cwkWD6LhxEzbI1qjozT8AvFVkCIeY4_a3LIuXZ5Y83ITn15wcPD5wK5NfANPVtYzVoqY3A613Ehl9YFMaQ0VKdo4sryHK86vg. HTTP 302
    https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340 Page URL
  2. https://login.norton.com/sso/index.jsp HTTP 302
    https://login.norton.com/sso/embedded/login HTTP 302
    https://login.norton.com/sso/embedded/update Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://secure.norton.com/pub/cc?_ri_=X0Gzc2X=YQpglLjHJlTQGhIvzdR16nhTJwfeSGkawjRcNtfjJDzaSWluzeA3IJezfHgl0fhcwLtmVXtpKX=ARAYBRRT&_ei_=EuMCYf_PiqA7CuxDEXZnZ18ReVCA9g9REfeTtCEp0Z1kXWx9CeE5J6_cBbuWLAXwqr_L9rhaonkvOoIYxkuaCbgrsn5cxuAEqebV_9Efteo3sBLyNcVOQtgmGy2p5GdUw7cwkWD6LhxEzbI1qjozT8AvFVkCIeY4_a3LIuXZ5Y83ITn15wcPD5wK5NfANPVtYzVoqY3A613Ehl9YFMaQ0VKdo4sryHK86vg. HTTP 302
  • https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340
Request Chain 15
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
Request Chain 21
  • https://cm.everesttech.net/cm/dd?d_uuid=46013287181975080993403871564371201214 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XR4AUgAAE4n8xxKk

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
login.norton.com/
Redirect Chain
  • https://secure.norton.com/pub/cc?_ri_=X0Gzc2X=YQpglLjHJlTQGhIvzdR16nhTJwfeSGkawjRcNtfjJDzaSWluzeA3IJezfHgl0fhcwLtmVXtpKX=ARAYBRRT&_ei_=EuMCYf_PiqA7CuxDEXZnZ18ReVCA9g9REfeTtCEp0Z1kXWx9CeE5J6_cBb...
  • https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340
85 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
sso /
Resource Hash
e4ff1eeda191f191030ef3713aba2271feb75d68588410693531ba4ec6d77c84

Request headers

Host
login.norton.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:07 GMT
Server
sso
Content-Type
text/html;charset=ISO-8859-1
Set-Cookie
JSESSIONID=36AAFA17CAF55211CBA4833368A186F1.jvmroute8081; Path=/; Secure; HttpOnly
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
95
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive

Redirect headers

Date
Thu, 04 Jul 2019 13:34:07 GMT
Server
Apache
P3P
policyref="http://policy2.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma
no-cache
Cache-Control
no-store, no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://login.norton.com?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340
Connection
close
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Primary Request Cookie set update
login.norton.com/sso/embedded/
Redirect Chain
  • https://login.norton.com/sso/index.jsp
  • https://login.norton.com/sso/embedded/login
  • https://login.norton.com/sso/embedded/update
172 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.norton.com/sso/embedded/update
Requested by
Host: login.norton.com
URL: https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
sso /
Resource Hash
483f6157fa2a5fffe93b130ca76ebf0db9224dd0e961c0b15e429a638b4f2cb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Host
login.norton.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340
Accept-Encoding
gzip, deflate, br
Cookie
JSESSIONID=36AAFA17CAF55211CBA4833368A186F1.jvmroute8081
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/?om_em_cid=hho_email_BE_TRIG_ACT_AR_REOPTIN_T340

Response headers

Date
Thu, 04 Jul 2019 13:34:07 GMT
Server
sso
Strict-Transport-Security
max-age=31536000
P3P
CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-store
X-Frame-Options
SAMEORIGIN
Content-Type
text/html;charset=UTF-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
JSESSIONID=387B6DF816053717DDE2388D42C8CA75.jvmroute8081; Path=/sso; Secure; HttpOnly
Keep-Alive
timeout=15, max=97
Connection
Keep-Alive
Transfer-Encoding
chunked

Redirect headers

Date
Thu, 04 Jul 2019 13:34:07 GMT
Server
sso
Strict-Transport-Security
max-age=31536000
P3P
CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-store
Location
/sso/embedded/update
Content-Length
0
Keep-Alive
timeout=15, max=98
Connection
Keep-Alive
nsl-web-2019-06-19-08-35-18.css
static.nortoncdn.com/static/sso/2019.2.4/44/css/ 		270 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.2.4/44/css/nsl-web-2019-06-19-08-35-18.css
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
6b961894896fbeef5efb5f1306d38b8989d3557ff310155dda42fb4723c5a96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/update
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 18:47:08 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"4385d-58c5296c4c380"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
text/css
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38603
sso-default-2019-06-19-08-35-18.js
static.nortoncdn.com/static/sso/2019.2.4/44/js/ 		171 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.2.4/44/js/sso-default-2019-06-19-08-35-18.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
ca5cc3254b9d082c196a28e72855a8bc5ff58a44fc2d87b158b67cd2d28ddc27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/update
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 18:47:09 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"2ad30-58c5296dbf505"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Transfer-Encoding
chunked
zxcvbn-2019-06-19-08-35-18.js
static.nortoncdn.com/static/sso/2019.2.4/44/js/ 		801 KB
390 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/sso/2019.2.4/44/js/zxcvbn-2019-06-19-08-35-18.js
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
5b9ecbb26fc1d1925baeb2a5fff83ab59fd3717ff199758f2bb01fea8aff376a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/update
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 18:47:10 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"c8271-58c5296e1adde"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Transfer-Encoding
chunked
loading_animation.gif
static.nortoncdn.com/static/sso/longlived/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/longlived/images/loading_animation.gif
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
2fbdc600988b0c0deb30d8e6877917a845a2f404781a088d0913cdd6021cdc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://login.norton.com/sso/embedded/update
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 15 Nov 2018 00:53:25 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"17fd-57aa97a642b40"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/gif
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6141
norton-ui-sprite.png
static.nortoncdn.com/static/sso/2019.2.4/44/images/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/2019.2.4/44/images/norton-ui-sprite.png
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
e283c397fd65f429abbfa95959be6b297b49ad5df760bee88af1464d4ddc0dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.2.4/44/css/nsl-web-2019-06-19-08-35-18.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2019 18:47:08 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"2f851-58c5296cb7272"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
194641
bg-sso-ap.png
static.nortoncdn.com/static/sso/longlived/images/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/longlived/images/bg-sso-ap.png
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
ad86a6a31138bcbcc5a9c97d4e502df5c981359da1707903c9f60fcfb7ce9ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.2.4/44/css/nsl-web-2019-06-19-08-35-18.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 15 Nov 2018 00:53:25 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"23350e-57aa97a642b40"
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2307342
X-XSS-Protection
1; mode=block
symantec-sans_regular.woff
static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/symantec-sans_regular.woff
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
ea93edf14f7d8332f7173253d6709de07967039085aa10cca972e75f9d8b3454
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/update
Origin
https://login.norton.com

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Wed, 01 Aug 2018 18:51:31 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"6dfc-572642ecc72c0"
Access-Control-Allow-Methods
GET,POST
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28156
corporate-sign-off-white.png
static.nortoncdn.com/static/sso/2019.2.4/44/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.nortoncdn.com/static/sso/2019.2.4/44/images/corporate-sign-off-white.png
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
c056e9b3a0eb2520094a3b0a5e6e73ab1e9457b349d302103bed607de43af138
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://static.nortoncdn.com/static/sso/2019.2.4/44/css/nsl-web-2019-06-19-08-35-18.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Last-Modified
Thu, 27 Jun 2019 18:47:08 GMT
Server
Apache/2.4.6 (CentOS)
ETag
"5f4-58c5296c7c509"
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Date
Thu, 04 Jul 2019 13:34:08 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1524
SourceSansPro-Regular.woff
static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/SourceSansPro-Regular.woff
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/update
Origin
https://login.norton.com

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.6 (CentOS)
Date
Thu, 04 Jul 2019 13:34:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
text/html; charset=iso-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
265
SourceSansPro-Regular.ttf
static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://static.nortoncdn.com/static/ngp/static/ngp.main.4.0.101/fonts/SourceSansPro-Regular.ttf
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.50.163.159 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a184-50-163-159.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/update
Origin
https://login.norton.com

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache/2.4.6 (CentOS)
Date
Thu, 04 Jul 2019 13:34:08 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
text/html; charset=iso-8859-1
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
264
Cookie set adobeAnalytics
analytics-login.norton.com/sso/ Frame 4154 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Requested by
Host: login.norton.com
URL: https://login.norton.com/sso/embedded/update
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.168.74.193 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
sso /
Resource Hash
021291c612fdf4562f49d4dcc8a02a64bfc4a1941673b3570c1cb19ad0e68a73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
analytics-login.norton.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://login.norton.com/sso/embedded/update
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://login.norton.com/sso/embedded/update

Response headers

Date
Thu, 04 Jul 2019 13:34:08 GMT
Server
sso
Strict-Transport-Security
max-age=31536000
P3P
CP="IDC DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
max-age=5184000
Expires
Mon, 02 Sep 2019 13:34:09 GMT
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
JSESSIONID=6B6B8749AE969E15D6C048C986654695.jvmroute8081; Path=/sso; Secure; HttpOnly
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Bootstrap.js
nexus.ensighten.com/symantec/cp1/ Frame 4154 		151 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
393420f14a4cae4638273f95c24a766549e05622bbc5071fab52bfe711c5b6f3

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:09 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Apr 2019 21:19:28 GMT
Server
nginx
ETag
W/"5cb4f560-25a5c"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
om_code_min.js
nexus.ensighten.com/symantec/scode/ Frame 4154 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/scode/om_code_min.js
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ec96e0b16c87910af4640fa6125252c0e14f553a750a32769fa3ffa978812bb9

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Sep 2015 17:02:07 GMT
Server
nginx
ETag
W/"560ac40f-5e8"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
s_code_min.js
nexus.ensighten.com/symantec/scode/ Frame 4154 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/scode/s_code_min.js
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d9e62951487dd278213f305f897e3bdb27b8630fe1a89c0a79ea13a28d1c3554

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Mar 2019 17:57:39 GMT
Server
nginx
ETag
W/"5c912d93-fbcc"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
rd
dpm.demdex.net/id/ Frame 4154
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.137.90 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-137-90.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
X-TID
VN5KVokKRFE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://analytics-login.norton.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://analytics-login.norton.com
X-TID
VN5KVokKRFE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
target.js
cdn.tt.omtrdc.net/cdn/ Frame 4154 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tt.omtrdc.net/cdn/target.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.180.46 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-180-46.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
87f70030c765d667a92965b924c9e0ba77b5b76b25eed1e6bd06cfcf646aa8c2

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 04:10:39 GMT
Server
Apache
ETag
"1fc4e-aa3e-58c4658398ea8"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
must-revalidate, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14199
serverComponent.php
nexus.ensighten.com/symantec/cp1/ Frame 4154 		273 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/serverComponent.php?r=42883.84917860988&ClientID=21&PageID=https%3A%2F%2Fanalytics-login.norton.com%2Fsso%2FadobeAnalytics%3FlanguageCode%3DEN%26reportSuite%3Dsymanteccom%26pageName%3Dlogin%26isMobile%3Dfalse%26events%3D%26formErrors%3D%26taggedAt%3D2019.2.4_2019-06-19-08-35-18
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7944670fcea340088256ea334a6dbd27d429469aff9c661af9fddbf5fbc219b7

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:09 GMT
Cache-Control
no-cache, no-store
Expires
Thu, 04 Jul 2019 13:34:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
273
Content-Type
text/javascript
902a33578d65cc29f7dfe2a12c357930.js
nexus.ensighten.com/symantec/cp1/code/ Frame 4154 		247 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/symantec/cp1/code/902a33578d65cc29f7dfe2a12c357930.js?conditionId0=423130
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.132.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-196-132-206.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:09 GMT
Last-Modified
Wed, 14 Nov 2018 19:01:08 GMT
Server
nginx
ETag
"5bec70f4-f7"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
247
rd
dpm.demdex.net/id/ Frame 4154 		367 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1562247249702
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.137.90 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-137-90.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4cd6b059b713b5805c03f6d951f2e75a27b372ebc64746989bccacb3f91e3ee8

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Origin
https://analytics-login.norton.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v037-04bfa3351.edge-irl1.demdex.com 5.55.3.20190702115514 4ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
9HKCbpc8SOI=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://analytics-login.norton.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
300
Expires
Thu, 01 Jan 1970 00:00:00 GMT
id
oms.symantec.com/ Frame 4154 		49 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://oms.symantec.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&mid=45802107981237300983420451224015831055&ts=1562247249956
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.140.40.91 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
symantec.com.ssl.d1.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
190364ef2ad27c63a03e81cec9811bf8376a2124bfe698f429f73715ed405cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Origin
https://analytics-login.norton.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 04 Jul 2019 13:34:10 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www293
Vary
Origin
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://analytics-login.norton.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
49
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XR4AUgAAE4n8xxKk
dpm.demdex.net/ Frame 4154
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=46013287181975080993403871564371201214
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XR4AUgAAE4n8xxKk
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XR4AUgAAE4n8xxKk
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.137.90 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-137-90.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v037-0ae49ffdf.edge-irl1.demdex.com 5.55.3.20190702115514 4ms
Pragma
no-cache
X-TID
BTJaK8TJQBg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 04 Jul 2019 13:34:09 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XR4AUgAAE4n8xxKk
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
ajax
symantec.tt.omtrdc.net/m2/symantec/mbox/ Frame 4154 		1 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://symantec.tt.omtrdc.net/m2/symantec/mbox/ajax?mboxHost=analytics-login.norton.com&mboxPage=3fc157e1b0b24bf5832b69f4fdebd9ce&screenHeight=1200&screenWidth=1600&browserWidth=0&browserHeight=0&browserTimeOffset=120&colorDepth=24&mboxSession=3fc157e1b0b24bf5832b69f4fdebd9ce&mboxCount=1&mboxTime=1562254449708&page_name=norton%20login%3Aen%3Alogin&site_country=na&site_language=en&site_section=norton%20login&visitor_segment=missing&mbox=sym_global_mbox&mboxId=0&mboxMCSDID=5D3A9346B6846B39-0BB056990F579655&mboxMCGVID=45802107981237300983420451224015831055&vst.trk=om.symantec.com&vst.trks=oms.symantec.com&mboxURL=https%3A%2F%2Fanalytics-login.norton.com%2Fsso%2FadobeAnalytics%3FlanguageCode%3DEN%26reportSuite%3Dsymanteccom%26pageName%3Dlogin%26isMobile%3Dfalse%26events%3D%26formErrors%3D%26taggedAt%3D2019.2.4_2019-06-19-08-35-18&mboxReferrer=https%3A%2F%2Flogin.norton.com%2Fsso%2Fembedded%2Fupdate&mboxVersion=63
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.117.29.4 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software
/
Resource Hash
00e234365ebf549fa6fefd2def2b4b1759bc330b24d7323b275838d1de9ea669

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jul 2019 13:34:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
timing-allow-origin
*
x-request-id
fe7fd283-da29-4bdf-8d99-85e7b86e474d
s24001349180825
oms.symantec.com/b/ss/symanteccom/1/JS-2.10.0/ Frame 4154 		43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://oms.symantec.com/b/ss/symanteccom/1/JS-2.10.0/s24001349180825?AQB=1&ndh=1&pf=1&t=4%2F6%2F2019%2015%3A34%3A12%204%20-120&sdid=5D3A9346B6846B39-0BB056990F579655&mid=45802107981237300983420451224015831055&aamlh=6&ce=UTF-8&pageName=norton%20login%3Aen%3Alogin&g=https%3A%2F%2Fanalytics-login.norton.com%2Fsso%2FadobeAnalytics%3FlanguageCode%3DEN%26reportSuite%3Dsymanteccom%26pageName%3Dlogin%26isMobile%3Dfalse%26events%3D%26formErrors%3D%26taggedAt%3D2019.2.4_2019-06-19-08-35-18&r=https%3A%2F%2Flogin.norton.com%2Fsso%2Fembedded%2Fupdate&server=symantec&events=event69%2Cevent79%3D37&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=na&c3=en&v18=D%3DpageName&v27=na&v28=en&c35=norton%20login%3Aen%3Alogin&c41=Norton%20Login&v41=Norton%20Login&c46=html&c47=page&v47=s_code&v48=none&c49=none&v57=45802107981237300983420451224015831055&v72=Norton%20Login&c75=D%3Dv57&v96=https%3A%2F%2Fanalytics-login.norton.com%2Fsso%2FadobeAnalytics&s=1600x1200&c=24&j=1.6&v=N&k=Y&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1
Requested by
Host: analytics-login.norton.com
URL: https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.140.40.91 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
symantec.com.ssl.d1.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 04 Jul 2019 13:34:12 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.8.1
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Fri, 05 Jul 2019 13:34:12 GMT
Server
Omniture DC/2.0.0
xserver
www18
ETag
"3354900427890032640-5151415395445430885"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Wed, 03 Jul 2019 13:34:12 GMT
Cookie set dest5.html
symantec.demdex.net/ Frame 13C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://symantec.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/symantec/cp1/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.186.149 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-186-149.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
symantec.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18
Accept-Encoding
gzip, deflate, br
Cookie
demdex=46013287181975080993403871564371201214
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://analytics-login.norton.com/sso/adobeAnalytics?languageCode=EN&reportSuite=symanteccom&pageName=login&isMobile=false&events=&formErrors=&taggedAt=2019.2.4_2019-06-19-08-35-18

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 03 Jul 2019 08:23:01 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=46013287181975080993403871564371201214;Path=/;Domain=.demdex.net;Expires=Tue, 31-Dec-2019 13:34:13 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
xYTYsQ/nTrU=
Content-Length
2764
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| RecaptchaOptions object| $jscomp object| CustomSubmit object| BlockFalseSubmit boolean| analyticsEventRecorded function| trackEvent function| showFocusOutlineOnKeyBoardTab function| getCookie function| deleteCookie function| thirdPartyIdpSelect function| hideScrollbar function| detectCookie function| detectEmbeddedIFrame object| HASH_FUNCTIONS function| obfuscateFields function| submitFormWithAjax function| submitFormPreventDefault function| submitForm function| obfuscateAndSubmitForm function| ToggleText boolean| isValueChanged function| registerChangeProfileHandler function| updateTrustedFormValues function| submitTrustForm function| fndisableTFA function| showDiv function| showDialog function| hideDialog function| showConfirmDialog function| showDeleteConfirmationDialog function| showEditAccountDialog function| showCountryCodePhone function| showCountryCode function| disableButton function| enableButton function| selectedCountryIDP function| selectedCountry function| selectedCountryChange function| setFlag function| displayMessageStyleBlock function| displayMessageStyleNone function| onClickTab function| show2SVText function| getWrapMessage function| svgSupported function| togglePopover function| bindCheckInput function| checkInput function| getVipPushResult function| checkSecureKeyBrowserSupported function| Cryptography function| pad function| checkSessionTimeout object| module object| pwScores number| minChar string| pwStrengthClasses function| initPasswordStrength function| initValidateRegisterForm function| setupSubmitToggle object| TooltipFactory object| Border function| transition function| eventResponse function| resizeAnimatedBorder function| animatedBorder function| toggleUsernameField function| $ function| jQuery object| imgPreload string| knownCountry function| handleGkremCookie function| ssoPageLoad string| isRegister string| isUserFromUS object| obfkey object| countryFormat function| loadPlaceHolderbasedOnCountryCode4countryCodeSelect function| analyticsPageLoad function| sendPageNameEvent function| marketlincLoad function| uglipop function| removeuglipop boolean| html function| zxcvbn

2 Cookies

Domain/Path Name / Value
login.norton.com/ Name: JSESSIONID
Value: 36AAFA17CAF55211CBA4833368A186F1.jvmroute8081
login.norton.com/sso Name: JSESSIONID
Value: 387B6DF816053717DDE2388D42C8CA75.jvmroute8081

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics-login.norton.com
cdn.tt.omtrdc.net
cm.everesttech.net
dpm.demdex.net
login.norton.com
nexus.ensighten.com
oms.symantec.com
secure.norton.com
static.nortoncdn.com
symantec.demdex.net
symantec.tt.omtrdc.net
12.130.135.73
18.196.132.206
184.50.163.159
2.19.180.46
34.243.186.149
34.250.137.90
52.168.74.193
63.140.40.91
66.117.28.86
66.117.29.4
00e234365ebf549fa6fefd2def2b4b1759bc330b24d7323b275838d1de9ea669
021291c612fdf4562f49d4dcc8a02a64bfc4a1941673b3570c1cb19ad0e68a73
190364ef2ad27c63a03e81cec9811bf8376a2124bfe698f429f73715ed405cbd
2fbdc600988b0c0deb30d8e6877917a845a2f404781a088d0913cdd6021cdc2f
393420f14a4cae4638273f95c24a766549e05622bbc5071fab52bfe711c5b6f3
483f6157fa2a5fffe93b130ca76ebf0db9224dd0e961c0b15e429a638b4f2cb1
4cd6b059b713b5805c03f6d951f2e75a27b372ebc64746989bccacb3f91e3ee8
5b9ecbb26fc1d1925baeb2a5fff83ab59fd3717ff199758f2bb01fea8aff376a
6b961894896fbeef5efb5f1306d38b8989d3557ff310155dda42fb4723c5a96f
7944670fcea340088256ea334a6dbd27d429469aff9c661af9fddbf5fbc219b7
87f70030c765d667a92965b924c9e0ba77b5b76b25eed1e6bd06cfcf646aa8c2
89e2536f63e24e339b8e83ea201af16a264323ee5fc9a8860c39c3f2bc3f99c6
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ad86a6a31138bcbcc5a9c97d4e502df5c981359da1707903c9f60fcfb7ce9ff6
c056e9b3a0eb2520094a3b0a5e6e73ab1e9457b349d302103bed607de43af138
ca5cc3254b9d082c196a28e72855a8bc5ff58a44fc2d87b158b67cd2d28ddc27
d9e62951487dd278213f305f897e3bdb27b8630fe1a89c0a79ea13a28d1c3554
e283c397fd65f429abbfa95959be6b297b49ad5df760bee88af1464d4ddc0dc4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff1eeda191f191030ef3713aba2271feb75d68588410693531ba4ec6d77c84
ea93edf14f7d8332f7173253d6709de07967039085aa10cca972e75f9d8b3454
ec96e0b16c87910af4640fa6125252c0e14f553a750a32769fa3ffa978812bb9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629