us.norton.com Open in urlscan Pro
2a02:26f0:3500:58c::1015 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://us.norton.com/blog/emerging-threats/norton-email-scams
Submission: On November 09 via manual (November 9th 2023, 10:56:15 pm UTC) from CR — Scanned from DE

Summary HTTP 264 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 77 IPs in 7 countries across 60 domains to perform 264 HTTP transactions. The main IP is 2a02:26f0:3500:58c::1015, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is us.norton.com. The Cisco Umbrella rank of the primary domain is 16279.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 27th 2023. Valid for: 7 months.

This is the only time us.norton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2a02:26f0:350... 2a02:26f0:3500:58c::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:310... 2a02:26f0:3100:782::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	54.194.80.81 54.194.80.81	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:88e::1015	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:350... 2a02:26f0:3500:981::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	52.210.47.152 52.210.47.152	16509 (AMAZON-02) (AMAZON-02)
1	66.235.152.152 66.235.152.152	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:34fc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	63.140.62.108 63.140.62.108	15224 (OMNITURE) (OMNITURE)
1	2600:9000:206... 2600:9000:206f:4800:1:996f:a9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
7	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 7	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2.18.97.54 2.18.97.54	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:780... 2a02:26f0:780::210:a441	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a02:26f0:780... 2a02:26f0:780::210:a45b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
5	104.126.37.42 104.126.37.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223f:9e00:12:1bcc:1d00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:350... 2a02:26f0:3500:88d::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	35.164.125.172 35.164.125.172	16509 (AMAZON-02) (AMAZON-02)
1	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.122.10 18.66.122.10	16509 (AMAZON-02) (AMAZON-02)
2	34.254.6.250 34.254.6.250	16509 (AMAZON-02) (AMAZON-02)
1	34.216.210.54 34.216.210.54	16509 (AMAZON-02) (AMAZON-02)
1 1	216.200.122.11 216.200.122.11	6461 (ZAYO-6461) (ZAYO-6461)
2 3	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1 2	54.156.17.57 54.156.17.57	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
1	23.196.247.136 23.196.247.136	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
7	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.253.81.236 34.253.81.236	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.159 70.42.32.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
2	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	52.45.37.98 52.45.37.98	14618 (AMAZON-AES) (AMAZON-AES)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.26 52.222.236.26	16509 (AMAZON-02) (AMAZON-02)
1	52.34.72.148 52.34.72.148	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
34	44.237.206.228 44.237.206.228	16509 (AMAZON-02) (AMAZON-02)
1	3.225.111.63 3.225.111.63	14618 (AMAZON-AES) (AMAZON-AES)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.96.126.215 34.96.126.215	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.117.20.67 34.117.20.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.149.32.178 34.149.32.178	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:310... 2a02:26f0:3100:795::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	34.30.96.65 34.30.96.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:5... 2600:1901:0:56e0::	15169 (GOOGLE) (GOOGLE)
1	34.102.193.48 34.102.193.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
264	77

48 2a02:26f0:3500:58c::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

us.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

ensighten.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:782::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.80.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-80-81.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
symantec.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::1015 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.nortonlifelock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:981::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.47.152 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-47-152.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.152 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-66-235-152-152.data.adobedc.net

symantec.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:34fc (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.108 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net

oms.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4800:1:996f:a9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spider.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bite.australiarevival.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.97.54 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-54.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a441 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

websdk.appsflyer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:780::210:a45b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-42.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (None, )

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:9e00:12:1bcc:1d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.knotch-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:88d::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.125.172 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-125-172.us-west-2.compute.amazonaws.com

app.leadsrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-10.fra60.r.cloudfront.net

tag.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.6.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-6-250.eu-west-1.compute.amazonaws.com

enable-eg-ot.egainonetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.analytics-egain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.210.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-210-54.us-west-2.compute.amazonaws.com

tvspix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.122.11 (Portland, United States) 1 redirects

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.11.IPYX-141870-ZYO.zip.zayo.com

gwmtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.17.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-17-57.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.247.136 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-247-136.deploy.static.akamaitechnologies.com

buy.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.81.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-81-236.eu-west-1.compute.amazonaws.com

norton.ow5a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

8136487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.37.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-37-98.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-26.fra56.r.cloudfront.net

configs.knotch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.34.72.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-72-148.us-west-2.compute.amazonaws.com

event.havasedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 44.237.206.228 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-206-228.us-west-2.compute.amazonaws.com

support-digital.norton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.111.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-111-63.compute-1.amazonaws.com

aq-swa-api.knotch.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.126.215 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.126.96.34.bc.googleusercontent.com

data.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.20.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.20.117.34.bc.googleusercontent.com

page.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.32.178 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 178.32.149.34.bc.googleusercontent.com

view.cdnbasket.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:795::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

684dd325.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.30.96.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.96.30.34.bc.googleusercontent.com

norton-app.quantummetric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:56e0:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

ids.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.193.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.193.102.34.bc.googleusercontent.com

e.cdnwidget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.bouncex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
101	norton.com us.norton.com — Cisco Umbrella Rank: 16279 ensighten.norton.com — Cisco Umbrella Rank: 161016 oms.norton.com — Cisco Umbrella Rank: 77923 lifelock.norton.com Failed buy.norton.com — Cisco Umbrella Rank: 191776 support-digital.norton.com — Cisco Umbrella Rank: 247040	1 MB
15	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154 8136487.fls.doubleclick.net — Cisco Umbrella Rank: 440041 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	11 KB
11	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 105	3 KB
9	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 2091 api.bounceexchange.com — Cisco Umbrella Rank: 2503	163 KB
9	quantummetric.com cdn.quantummetric.com — Cisco Umbrella Rank: 2468 norton-app.quantummetric.com — Cisco Umbrella Rank: 142146	191 KB
8	google.de www.google.de — Cisco Umbrella Rank: 6862	946 B
8	australiarevival.com spider.australiarevival.com — Cisco Umbrella Rank: 222073 bite.australiarevival.com — Cisco Umbrella Rank: 191944	39 KB
6	bouncex.net events.bouncex.net — Cisco Umbrella Rank: 1954	698 B
6	bing.com bat.bing.com — Cisco Umbrella Rank: 366	15 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	447 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	148 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462 www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	754 B
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 849	2 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3022 tr.outbrain.com — Cisco Umbrella Rank: 2814 wave.outbrain.com — Cisco Umbrella Rank: 3006	9 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	249 B
3	cdnbasket.net data.cdnbasket.net — Cisco Umbrella Rank: 4377 page.cdnbasket.net — Cisco Umbrella Rank: 4382 view.cdnbasket.net — Cisco Umbrella Rank: 4384	1014 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	126 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 228 symantec.demdex.net — Cisco Umbrella Rank: 116740	5 KB
2	cdnwidget.com ids.cdnwidget.com — Cisco Umbrella Rank: 3501 e.cdnwidget.com — Cisco Umbrella Rank: 13451	330 B
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 2957	123 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	611 B
2	t.co t.co — Cisco Umbrella Rank: 607	604 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2412	1 KB
2	havasedge.com tag.havasedge.com — Cisco Umbrella Rank: 38356 event.havasedge.com — Cisco Umbrella Rank: 19768	23 KB
2	leadsrx.com app.leadsrx.com — Cisco Umbrella Rank: 9605	19 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 847	21 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 5077 q.quora.com — Cisco Umbrella Rank: 3698	15 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 648	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	paypal.com www.paypal.com — Cisco Umbrella Rank: 2811 t.paypal.com — Cisco Umbrella Rank: 3468	7 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	4 KB
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1444 c.go-mpulse.net — Cisco Umbrella Rank: 654	41 KB
1	akstat.io 684dd325.akstat.io — Cisco Umbrella Rank: 69515	354 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	18 B
1	knotch.it aq-swa-api.knotch.it — Cisco Umbrella Rank: 7759	198 B
1	analytics-egain.com analytics.analytics-egain.com — Cisco Umbrella Rank: 26665	5 KB
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 5839	466 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1417	632 B
1	knotch.com configs.knotch.com — Cisco Umbrella Rank: 13061	444 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1452	637 B
1	ow5a.net norton.ow5a.net — Cisco Umbrella Rank: 396409	1010 B
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2651	314 B
1	gwmtracking.com 1 redirects gwmtracking.com — Cisco Umbrella Rank: 24605	388 B
1	tvspix.com tvspix.com — Cisco Umbrella Rank: 19700	194 B
1	egainonetag.com enable-eg-ot.egainonetag.com — Cisco Umbrella Rank: 385671	18 KB
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4323	447 B
1	knotch-cdn.com www.knotch-cdn.com — Cisco Umbrella Rank: 9710	25 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4420	15 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1333	8 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	pdst.fm cdn.pdst.fm — Cisco Umbrella Rank: 2918	6 KB
1	appsflyer.com websdk.appsflyer.com — Cisco Umbrella Rank: 4680	12 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3721	14 KB
1	omtrdc.net symantec.tt.omtrdc.net — Cisco Umbrella Rank: 155829	2 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1275	517 B
1	nortonlifelock.com www.nortonlifelock.com — Cisco Umbrella Rank: 41900	26 KB
1	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 466	61 KB
264	60

	Domain	Requested by
48	us.norton.com	us.norton.com
34	support-digital.norton.com	ensighten.norton.com support-digital.norton.com cdn.quantummetric.com
17	ensighten.norton.com	us.norton.com ensighten.norton.com
8	www.google.de	us.norton.com
8	www.google.com	2 redirects us.norton.com
7	assets.bounceexchange.com	ensighten.norton.com
7	googleads.g.doubleclick.net	2 redirects ensighten.norton.com
7	bite.australiarevival.com	ensighten.norton.com us.norton.com
6	events.bouncex.net
6	norton-app.quantummetric.com	cdn.quantummetric.com
6	bat.bing.com	ensighten.norton.com us.norton.com
6	www.googletagmanager.com	ensighten.norton.com
5	analytics.tiktok.com	ensighten.norton.com
4	tr.snapchat.com	ensighten.norton.com
4	8136487.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	ct.pinterest.com	ensighten.norton.com
4	www.facebook.com	us.norton.com
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	ensighten.norton.com
3	adservice.google.com	8136487.fls.doubleclick.net
3	ad.doubleclick.net	2 redirects
3	connect.facebook.net	ensighten.norton.com
3	cdn.quantummetric.com	ensighten.norton.com support-digital.norton.com
2	api.bounceexchange.com	ensighten.norton.com
2	us-central1-adaptive-growth.cloudfunctions.net	ensighten.norton.com
2	analytics.twitter.com
2	t.co
2	tr.outbrain.com	ensighten.norton.com
2	trkn.us	1 redirects
2	app.leadsrx.com	ensighten.norton.com
2	s.pinimg.com	ensighten.norton.com
2	s.yimg.com	ensighten.norton.com
2	snap.licdn.com	ensighten.norton.com
2	www.googleadservices.com	ensighten.norton.com
2	region1.google-analytics.com	us.norton.com
2	dpm.demdex.net	assets.adobedtm.com us.norton.com
1	e.cdnwidget.com
1	ids.cdnwidget.com	ensighten.norton.com
1	684dd325.akstat.io	ensighten.norton.com
1	stats.g.doubleclick.net	ensighten.norton.com
1	view.cdnbasket.net	ensighten.norton.com
1	page.cdnbasket.net	ensighten.norton.com
1	data.cdnbasket.net	ensighten.norton.com
1	analytics.pangle-ads.com
1	aq-swa-api.knotch.it
1	analytics.analytics-egain.com	enable-eg-ot.egainonetag.com
1	www.ojrq.net
1	sp.analytics.yahoo.com
1	event.havasedge.com
1	configs.knotch.com	ensighten.norton.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	q.quora.com
1	alb.reddit.com
1	t.paypal.com
1	wave.outbrain.com	ensighten.norton.com
1	norton.ow5a.net	ensighten.norton.com
1	buy.norton.com	ensighten.norton.com
1	pt.ispot.tv
1	gwmtracking.com	1 redirects
1	tvspix.com
1	enable-eg-ot.egainonetag.com	ensighten.norton.com
1	tag.havasedge.com	ensighten.norton.com
1	tag.simpli.fi	ensighten.norton.com
1	www.knotch-cdn.com	ensighten.norton.com
1	a.quora.com	ensighten.norton.com
1	tag.wknd.ai	ensighten.norton.com
1	www.redditstatic.com	ensighten.norton.com
1	www.paypal.com	ensighten.norton.com
1	sc-static.net	ensighten.norton.com
1	cdn.pdst.fm	ensighten.norton.com
1	websdk.appsflyer.com	ensighten.norton.com
1	amplify.outbrain.com	ensighten.norton.com
1	static.ads-twitter.com	ensighten.norton.com
1	d.impactradius-event.com	ensighten.norton.com
1	spider.australiarevival.com	ensighten.norton.com
1	oms.norton.com	us.norton.com
1	symantec.tt.omtrdc.net	ensighten.norton.com
1	cm.everesttech.net	1 redirects
1	symantec.demdex.net	ensighten.norton.com
1	c.go-mpulse.net	ensighten.norton.com
1	www.nortonlifelock.com	assets.adobedtm.com
1	s.go-mpulse.net	us.norton.com
1	assets.adobedtm.com	us.norton.com
0	lifelock.norton.com Failed	ensighten.norton.com
264	85

This site contains links to these domains. Also see Links.

Domain
my.norton.com
lifelock.norton.com
www.gendigital.com
genie.norton.com
support.norton.com
community.norton.com
buy.norton.com
ar.norton.com
br.norton.com
ca.norton.com
ca-fr.norton.com
pr.norton.com
lam.norton.com
cl.norton.com
co.norton.com
mx.norton.com
be-nl.norton.com
be.norton.com
cz.norton.com
dk.norton.com
de.norton.com
es.norton.com
ie.norton.com
fr.norton.com
il.norton.com
it.norton.com
hu.norton.com
nl.norton.com
no.norton.com
at.norton.com
pl.norton.com
pt.norton.com
ro.norton.com
ch.norton.com
ch-fr.norton.com
ch-it.norton.com
za.norton.com
fi.norton.com
se.norton.com
tr.norton.com
ae.norton.com
uk.norton.com
gr.norton.com
ru.norton.com
au.norton.com
asia.norton.com
hk-en.norton.com
hk.norton.com
in.norton.com
malaysia.norton.com
nz.norton.com
sg.norton.com
kr.norton.com
cn.norton.com
tw.norton.com
jp.norton.com
www.nortonlifelock.com
login.norton.com
twitter.com
www.instagram.com
www.facebook.com
www.youtube.com
updatecenter.norton.com
www.reputationdefender.com
status.norton.com

Subject Issuer	Validity	Valid
www.norton.com DigiCert SHA2 Extended Validation Server CA	`2023-09-27` - `2024-04-18`	7 months	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-11` - `2024-08-10`	a year	crt.sh
ensighten.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-12` - `2024-07-30`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-19` - `2023-11-17`	3 months	crt.sh
oms.norton.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-03` - `2024-10-03`	a year	crt.sh
*.australiarevival.com Amazon RSA 2048 M02	`2023-02-24` - `2024-01-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.appsflyer.com DigiCert TLS RSA SHA256 2020 CA1	`2023-07-27` - `2024-07-27`	a year	crt.sh
cdn.pdst.fm GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-13` - `2024-08-20`	10 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-25` - `2024-02-21`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-11-06` - `2023-12-27`	2 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
tag.wknd.ai R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
quora.com R3	`2023-09-24` - `2023-12-23`	3 months	crt.sh
www.knotch-cdn.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-15`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.leadsrx.com GeoTrust TLS ECC CA G1	`2023-05-02` - `2024-06-01`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.havasedge.com Go Daddy Secure Certificate Authority - G2	`2023-08-09` - `2024-08-30`	a year	crt.sh
*.egainonetag.com Amazon RSA 2048 M02	`2023-08-28` - `2024-09-25`	a year	crt.sh
tvspix.com Amazon RSA 2048 M01	`2023-04-25` - `2024-05-23`	a year	crt.sh
*.ispot.tv R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
buy.norton.com DigiCert SHA2 Extended Validation Server CA	`2023-07-19` - `2024-01-25`	6 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
pkof.net Amazon RSA 2048 M01	`2023-01-24` - `2024-02-22`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
t.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-02-28`	6 months	crt.sh
misc.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.quora.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
*.knotch.com Amazon RSA 2048 M02	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-09` - `2024-01-07`	a year	crt.sh
support-digital.norton.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-02` - `2024-05-21`	a year	crt.sh
*.analytics-egain.com Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
*.knotch.it Amazon RSA 2048 M01	`2023-06-25` - `2024-07-24`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
data.cdnbasket.net GTS CA 1D4	`2023-09-14` - `2023-12-13`	3 months	crt.sh
page.cdnbasket.net GTS CA 1D4	`2023-09-16` - `2023-12-15`	3 months	crt.sh
view.cdnbasket.net GTS CA 1D4	`2023-09-22` - `2023-12-21`	3 months	crt.sh
*.quantummetric.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-18` - `2024-02-13`	a year	crt.sh
ids.cdnwidget.com R3	`2023-09-14` - `2023-12-13`	3 months	crt.sh
e.cdnwidget.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.wunderkind.co R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://us.norton.com/blog/emerging-threats/norton-email-scams
Frame ID: 8CDC8A1515FC92B3D81C3A8985EB5D92
Requests: 213 HTTP requests in this frame

Frame: https://symantec.demdex.net/dest5.html?d_nsid=0
Frame ID: 54861A40248A4B2792156DDB9F3118C9
Requests: 1 HTTP requests in this frame

Frame: https://lifelock.norton.com/
Frame ID: 89EAAB9EEC0F01AEEBE74A02599892A4
Requests: 2 HTTP requests in this frame

Frame: https://8136487.fls.doubleclick.net/activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
Frame ID: 0505BA704B2168F967299AC4A4A38443
Requests: 2 HTTP requests in this frame

Frame: https://8136487.fls.doubleclick.net/activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
Frame ID: 6A047B4420E8C2226958FA92D02B0713
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=08bef49b-4b6f-474e-958b-5a0be7a0227e&u_scsid=c06d4650-0902-4358-9df5-f305bdae18f9&u_sclid=6dcf49ee-4ff8-4fd8-8da6-c3438d5d07e3
Frame ID: CB2878FFBA372D117B842CE87A8819FF
Requests: 1 HTTP requests in this frame

Frame: https://analytics.analytics-egain.com/iframe/EG94020756
Frame ID: 4A1EB19B3CFDC8587263B69D46BA390C
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F2C1C1738C2CECF6C91EDC9E563560DE
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: D6BA73828A15F16D0B2B8486595645A5
Requests: 1 HTTP requests in this frame

Frame: https://support-digital.norton.com/system/templates/chat/egain-docked-chat.js
Frame ID: 64B988C3F78A5DB0315366CD55B2562C
Requests: 1 HTTP requests in this frame

Frame: https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1699570569783&v=1699570570496&z=1&S=0&N=0&P=0
Frame ID: C451547713D51292F2AB76AEEC51D542
Requests: 7 HTTP requests in this frame

Frame: https://support-digital.norton.com/system/cb/cs/checkSession.html?wsname=https://us.norton.com
Frame ID: 272AE7869681939DAB4A10BF7DC5B2F6
Requests: 1 HTTP requests in this frame

Frame: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
Frame ID: 134FE52C91787D951F8B2323D9572C12
Requests: 29 HTTP requests in this frame

Frame: https://cdn.quantummetric.com/helpers/blank
Frame ID: AC633984AF9E766D290E19FFF8B2F401
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Norton email scams: Answers to Your Frequently Asked Questions (FAQs) - Norton

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

/etc\.clientlibs/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

264
Requests

95 %
HTTPS

37 %
IPv6

60
Domains

85
Subdomains

77
IPs

7
Countries

2667 kB
Transfer

8884 kB
Size

92
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home_blog:norton-email-scams
Title: Go to account

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home2_blog:norton-email-scams
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home_blog:norton-email-scams
Title: Account info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home2_blog:norton-email-scams
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_mynorton_billinginformation_blog:norton-email-scams
Title: Billing info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home3_blog:norton-email-scams
Title: Renew

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_mynorton_orders_blog:norton-email-scams
Title: Order history

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_mynorton_setup_blog:norton-email-scams
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/?inid=nortoncom_nav_lifelock.norton.com_blog:norton-email-scams
Title: LifeLock Identity Protection

Search URL Search Domain Scan URL

URL: https://www.gendigital.com/us/en/partner/?inid=nortoncom_nav_logo_blog:norton-email-scams
Title: Partner with Us

Search URL Search Domain Scan URL

URL: https://genie.norton.com/?inid=nortoncom_nav_logo_blog:norton-email-scams
Title: Genie Scam Detector NEW

Search URL Search Domain Scan URL

URL: https://support.norton.com/?inid=nortoncom_nav_support_blog:norton-email-scams
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://community.norton.com/en?inid=nortoncom_nav_community_blog:norton-email-scams
Title: Community

Search URL Search Domain Scan URL

URL: https://buy.norton.com/ps?multipage=true&inid=nortoncom_nav_store_blog:norton-email-scams&tfflag=bfc

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home3_blog:norton-email-scams
Title: Go to account

Search URL Search Domain Scan URL

URL: https://my.norton.com/extspa/dashboard/Home?inid=nortoncom_nav_mynorton_home4_blog:norton-email-scams
Title: Sign In

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home4_blog:norton-email-scams
Title: Account info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home5_blog:norton-email-scams
Title: Preferences

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/billinginformation?inid=nortoncom_nav_mynorton_billinginformation2_blog:norton-email-scams
Title: Billing info

Search URL Search Domain Scan URL

URL: https://my.norton.com/account/home?inid=nortoncom_nav_mynorton_home6_blog:norton-email-scams
Title: Renew

Search URL Search Domain Scan URL

URL: https://my.norton.com/Account/orders?inid=nortoncom_nav_mynorton_orders2_blog:norton-email-scams
Title: Order history

Search URL Search Domain Scan URL

URL: https://my.norton.com/onboard/home/setup?inid=nortoncom_nav_mynorton_setup2_blog:norton-email-scams
Title: Enter your Product Key

Search URL Search Domain Scan URL

URL: https://ar.norton.com/
Title: Argentina

Search URL Search Domain Scan URL

URL: https://br.norton.com/
Title: Brasil

Search URL Search Domain Scan URL

URL: https://ca.norton.com/
Title: Canada (English)

Search URL Search Domain Scan URL

URL: https://ca-fr.norton.com/
Title: Canada (Français)

Search URL Search Domain Scan URL

URL: https://pr.norton.com/
Title: Caribbean (English)

Search URL Search Domain Scan URL

URL: https://lam.norton.com/
Title: Caribe (Español)

Search URL Search Domain Scan URL

URL: https://cl.norton.com/
Title: Chile

Search URL Search Domain Scan URL

URL: https://co.norton.com/
Title: Colombia

Search URL Search Domain Scan URL

URL: https://mx.norton.com/
Title: México

Search URL Search Domain Scan URL

URL: https://be-nl.norton.com/
Title: België (Nederlands)

Search URL Search Domain Scan URL

URL: https://be.norton.com/
Title: Belgique (Français)

Search URL Search Domain Scan URL

URL: https://cz.norton.com/
Title: Česko

Search URL Search Domain Scan URL

URL: https://dk.norton.com/
Title: Danmark

Search URL Search Domain Scan URL

URL: https://de.norton.com/
Title: Deutschland

Search URL Search Domain Scan URL

URL: https://es.norton.com/
Title: España

Search URL Search Domain Scan URL

URL: https://ie.norton.com/
Title: Estonia (English)

Search URL Search Domain Scan URL

URL: https://fr.norton.com/
Title: France

Search URL Search Domain Scan URL

URL: https://il.norton.com/
Title: Israel (English)

Search URL Search Domain Scan URL

URL: https://it.norton.com/
Title: Italia

Search URL Search Domain Scan URL

URL: https://hu.norton.com/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://nl.norton.com/
Title: Nederland

Search URL Search Domain Scan URL

URL: https://no.norton.com/
Title: Norge

Search URL Search Domain Scan URL

URL: https://at.norton.com/
Title: Österreich

Search URL Search Domain Scan URL

URL: https://pl.norton.com/
Title: Polska

Search URL Search Domain Scan URL

URL: https://pt.norton.com/
Title: Portugal

Search URL Search Domain Scan URL

URL: https://ro.norton.com/
Title: România

Search URL Search Domain Scan URL

URL: https://ch.norton.com/
Title: Schweiz (Deutsch)

Search URL Search Domain Scan URL

URL: https://ch-fr.norton.com/
Title: Suisse (Français)

Search URL Search Domain Scan URL

URL: https://ch-it.norton.com/
Title: Svizzera (Italiano)

Search URL Search Domain Scan URL

URL: https://za.norton.com/
Title: South Africa

Search URL Search Domain Scan URL

URL: https://fi.norton.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://se.norton.com/
Title: Sverige

Search URL Search Domain Scan URL

URL: https://tr.norton.com/
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://ae.norton.com/
Title: United Arab Emirates (English)

Search URL Search Domain Scan URL

URL: https://uk.norton.com/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://gr.norton.com/
Title: Ελλάδα

Search URL Search Domain Scan URL

URL: https://ru.norton.com/
Title: Россия

Search URL Search Domain Scan URL

URL: https://au.norton.com/
Title: Australia

Search URL Search Domain Scan URL

URL: https://asia.norton.com/
Title: Cambodia (English)

Search URL Search Domain Scan URL

URL: https://hk-en.norton.com/
Title: Hong Kong (English)

Search URL Search Domain Scan URL

URL: https://hk.norton.com/
Title: 香港

Search URL Search Domain Scan URL

URL: https://in.norton.com/
Title: India (English)

Search URL Search Domain Scan URL

URL: https://malaysia.norton.com/
Title: Malaysia (English)

Search URL Search Domain Scan URL

URL: https://nz.norton.com/
Title: New Zealand

Search URL Search Domain Scan URL

URL: https://sg.norton.com/
Title: Singapore (English)

Search URL Search Domain Scan URL

URL: https://kr.norton.com/
Title: 대한민국

Search URL Search Domain Scan URL

URL: https://cn.norton.com/
Title: 中国

Search URL Search Domain Scan URL

URL: https://tw.norton.com/
Title: 台灣

Search URL Search Domain Scan URL

URL: https://jp.norton.com/
Title: 日本

Search URL Search Domain Scan URL

URL: https://support.norton.com/sp/en/us/home/current/solutions/v71088498
Title: this verification link

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/blogs/feature-stories/fraudulent-use-nortonlifelock-brand
Title: this article

Search URL Search Domain Scan URL

URL: https://login.norton.com/sso/idp/OIDC?client_id=YK73XHSPCM%2Fmy.norton.com%2Fnortonlifelock&redirect_uri=https%3A%2F%2Fmy.norton.com%2Fsignin-norton&response_type=code&scope=openid%20profile%20email%20address%20phone%20spa_auth%20session_state%20device_all%20ngp_ncs_read%20ngp_ncs_write%20nf_ncs_read%20nf_ncs_write%20cloudconnect&code_challenge=nwYIjDH0F25cSxfdMYbMOSQi2K_xCq2iquJfBbdTR90&code_challenge_method=S256&response_mode=form_post&nonce=637849461454472776.NzBjZDAzNDYtZDI5MC00ODA3LWFjNTItZTk1ODcxYTQ0MWM5MWY2ZDZiYWMtMmYxZS00MjFhLWI4NTktYzZkYjMwOWM2YmU5&acr_values=&state=CfDJ8J-OdNvQpylAmih5fFP_k2bWwVkuMcDhZ2tVDHeOwg3jkOVOU4U9XdJyjIguBIoIJxwJw-THCan--_lafDnggVTjU4ioXGidxbeCxmMkKStQ0iIIx3T3h4JLlMSgu3ik_MdzpKRLpgFodR5-IR22MI89VJYDd_td8mqKkAuNYtYWKJ9PW1C7WhFpFtPnb1xnh8fBXngSJNTFBBbqOQk95dTVoQjk0KxmS-jymF9tJMsCabzhhfTTdfbD2VgTnTs7fL9IN2laub-pmEhxcAYm6vy5HE2uW7b3swIK2u_DV22tjaDiNMc9LU_iINLu6K2Bi7HvHtXVPizT4XPeDI-kd90fr-z7AZ1qYKii2_QoHlB3H8td_PQtEXOsDchRbGZbICD31-r8yog1YuHqJvUGXKmjxMnWtKXgcxEnjYCTFP2m2M6yJ6TL6yiSd570lL1mZDQNvOvN_N3zR3Nsi5dx_xm8-dBGtUpg8_WjWfYkWHnJJVEOSZLF33kN9SsIjpe4_qQELsyhg-MnxAH0NrMxbeEGdtVRQCgoHVgWQ480ESwAnrB2-1d9yyo5Q7N8yoOaARs_ScVPOlP6f6EAULQWTg0&x-client-SKU=ID_NETSTANDARD2_0&x-client-ver=5.5.0.0
Title: membership portal

Search URL Search Domain Scan URL

URL: http://support.norton.com/
Title: support.norton.com

Search URL Search Domain Scan URL

URL: https://twitter.com/norton

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nortonsecurity/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/Norton

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/norton

Search URL Search Domain Scan URL

URL: https://genie.norton.com/
Title: Genie Scam Detector

Search URL Search Domain Scan URL

URL: https://support.norton.com/
Title: Norton Support

Search URL Search Domain Scan URL

URL: http://updatecenter.norton.com/
Title: Norton Update Center

Search URL Search Domain Scan URL

URL: https://community.norton.com/en
Title: Community

Search URL Search Domain Scan URL

URL: https://login.norton.com/
Title: Sign In

Search URL Search Domain Scan URL

URL: https://lifelock.norton.com/
Title: LifeLock by Norton

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/
Title: NortonLifeLock

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/partner/
Title: NortonLifeLock Partners

Search URL Search Domain Scan URL

URL: https://www.reputationdefender.com/
Title: ReputationDefender by Norton

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal
Title: Legal

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/about/legal/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/privacy/do-not-sell/
Title: Do Not Sell or Share My Personal Data

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/accessibility-policy
Title: Accessibility Policy

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/sitemap
Title: Site Map

Search URL Search Domain Scan URL

URL: https://status.norton.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://www.nortonlifelock.com/us/en/privacy/cookies-and-analytics/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://cm.everesttech.net/cm/dd?d_uuid=63820116808020953260580728026514357913 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU1jiAAAAJ-v9AO-

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&ocp_id=iGNNZdDNMKG3gAf7uaLADg&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9GRWk1Nl80dmpXam1wbS1VeHp0Z1ZaVlRrcnVabzhvZWQtS2NTVmRXWF9NSDRDN3V4Z2ljZWZFIhMI0LGY4IG4ggMVoRvgCh37nAjo HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9GRWk1Nl80dmpXam1wbS1VeHp0Z1ZaVlRrcnVabzhvZWQtS2NTVmRXWF9NSDRDN3V4Z2ljZWZFIhMI0LGY4IG4ggMVoRvgCh37nAjo&is_vtc=1&ocp_id=iGNNZdDNMKG3gAf7uaLADg&cid=CAQSKQDICaaNWpJhGvY8yb-7irrTKTPSbBMJNvg5MGM8NCSzPUvq19MQhiwR&random=4223873952 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9GRWk1Nl80dmpXam1wbS1VeHp0Z1ZaVlRrcnVabzhvZWQtS2NTVmRXWF9NSDRDN3V4Z2ljZWZFIhMI0LGY4IG4ggMVoRvgCh37nAjo&is_vtc=1&ocp_id=iGNNZdDNMKG3gAf7uaLADg&cid=CAQSKQDICaaNWpJhGvY8yb-7irrTKTPSbBMJNvg5MGM8NCSzPUvq19MQhiwR&random=4223873952&ipr=y

Request Chain 116

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 118

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=900170343 HTTP 302
https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=900170343&ip=81.95.5.39&cuidchk=1

Request Chain 132

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams HTTP 302
https://8136487.fls.doubleclick.net/activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams

Request Chain 133

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams HTTP 302
https://8136487.fls.doubleclick.net/activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams

Request Chain 139

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&ocp_id=iGNNZem9OsK01PIPgv20gAk&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9FaWloVmRpWTdmMWNXdFRKTnBUREw5S2JyOU5tNzRpQklYX0xrQnJraXFVR2tTQ2oxVHMwNHo5IhMI6aGi4IG4ggMVQhpVCB2CPg2Q HTTP 302
https://www.google.com/pagead/1p-conversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9FaWloVmRpWTdmMWNXdFRKTnBUREw5S2JyOU5tNzRpQklYX0xrQnJraXFVR2tTQ2oxVHMwNHo5IhMI6aGi4IG4ggMVQhpVCB2CPg2Q&is_vtc=1&ocp_id=iGNNZem9OsK01PIPgv20gAk&cid=CAQSKQDICaaNwsPCwk1D06nwahaVSPty5wY0O2Gx0GsA8L_JYiJ92X4EuuZq&random=654959544 HTTP 302
https://www.google.de/pagead/1p-conversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9FaWloVmRpWTdmMWNXdFRKTnBUREw5S2JyOU5tNzRpQklYX0xrQnJraXFVR2tTQ2oxVHMwNHo5IhMI6aGi4IG4ggMVQhpVCB2CPg2Q&is_vtc=1&ocp_id=iGNNZem9OsK01PIPgv20gAk&cid=CAQSKQDICaaNwsPCwk1D06nwahaVSPty5wY0O2Gx0GsA8L_JYiJ92X4EuuZq&random=654959544&ipr=y

Request Chain 152

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1699570569313%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog%252Femerging-threats%252Fnorton-email-scams%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQKWeHNe0nXTRAAAAYu2TNM3ibMrouxYwnevWGc0Zp8z9HW7h5bbR8GHoKeTpmSq

264 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request norton-email-scams Show response
us.norton.com/blog/emerging-threats/ 152 KB
28 KB 161ms
17ms Document
text/html 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e963d10033c76c9c8c3f1083d576ba24f505b511fe009c8c538d414a3047fa55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 27137
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 22:56:07 GMT
etag: W/"23bba-609a7356af533-gzip"
last-modified: Wed, 08 Nov 2023 17:13:40 GMT
link: <https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://assets.adobedtm.com>;rel="preconnect",<https://www.nortonlifelock.com>;rel="preconnect",<https://symantec.demdex.net>;rel="preconnect",<https://cdn.quantummetric.com>;rel="preconnect",<https://spider.australiarevival.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://bite.australiarevival.com>;rel="preconnect" <https://ensighten.norton.com>;rel="preconnect"
server: Apache
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1699570567431_388276368_613049425_111_5013_6_96_255";dur=1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 - 0 pmb=mNONE,1mRUM,2
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 inter-latin-700.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 32ms
31ms Font
application/octet-stream 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-700.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Tue, 03 May 2022 19:44:04 GMT
server: Apache
etag: "9394-5de20bb2a8900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31429974
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567550_388276368_613049483_21_3574_6_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 07 Nov 2024 17:29:01 GMT

GET
H2 200 inter-latin-800.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 32ms
31ms Font
application/octet-stream 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-800.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Tue, 03 May 2022 19:44:04 GMT
server: Apache
etag: "9394-5de20bb2a8900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31430038
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049490_26_3017_6_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 07 Nov 2024 17:30:05 GMT

GET
H2 200 inter-latin-400.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 18ms
18ms Font
application/octet-stream 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-400.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Tue, 03 May 2022 19:44:04 GMT
server: Apache
etag: "9394-5de20bb2a8900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31429969
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049491_25_2994_6_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 07 Nov 2024 17:28:56 GMT

GET
H2 200 inter-latin-500.woff2
us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/ 37 KB
37 KB 19ms
18ms Font
application/octet-stream 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/resources/inter-latin-500.woff2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Tue, 03 May 2022 19:44:04 GMT
server: Apache
etag: "9394-5de20bb2a8900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=31429854
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049492_28_3018_6_0_219";dur=1
accept-ranges: bytes
x-xss-protection: 1; mode=block
expires: Thu, 07 Nov 2024 17:27:01 GMT

GET
H2 200 t-base-critical.min.5d4850a91539a500c130d934603e51d2.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 108 KB
9 KB 13ms
11ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-critical.min.5d4850a91539a500c130d934603e51d2.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c4d358d143dced2dd0f6d45dd9e8af45c87f9272b91e871b33e69688bf14bfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049493_33_2922_6_0_255";dur=1
content-length: 9175
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Nov 2023 22:43:06 GMT
server: Akamai Resource Optimizer
etag: "1b06f-6087c21111b00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31432222
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:29 GMT

GET
H2 200 runtime.min.3e509b6fbb60e3bacdc070373e53e258.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 1 KB
1 KB 15ms
13ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/runtime.min.3e509b6fbb60e3bacdc070373e53e258.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7e549f1fcfab734025757f85babfcf8a8f2eef7e88aae11c61d5b4900f2fa166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049496_40_2912_6_0_219";dur=1
content-length: 643
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 05:01:05 GMT
server: Akamai Resource Optimizer
etag: "5d4-5dc842f3eec80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 launch-EN1cc7556280444b10a3c687a73ed01baa.min.js Show response
assets.adobedtm.com/ 184 KB
61 KB 58ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b305b33d6add58c9c895b0c20f97d3085b4c11b8d6856d76e762699f29627a6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
content-encoding: gzip
last-modified: Wed, 30 Aug 2023 19:38:00 GMT
server: AkamaiNetStorage
etag: "09fa8dc3a98f1a874a908517f84d8cfa:1693424280.731046"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://us.norton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 61911
expires: Thu, 09 Nov 2023 23:56:07 GMT

GET
H2 200 Bootstrap.js Show response
ensighten.norton.com/symantec/aemprod/ 615 KB
103 KB 129ms
36ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 84fdc47a610d3f34cbc9c7e4d7dc5d1087ce455961d823c0fe990dfa2ea240f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
x-amz-version-id: C.ydmykw_i76CBGspUTmi6cKTW_qWYkK
content-encoding: br
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 543105
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 03 Nov 2023 16:03:59 GMT
server: CloudFront
etag: W/"73de10f8367413361d2b2bf05d333239"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: gV1qsRSOdYmBFnjNkY2YASxdgnoGlAnSJbJZphjjtOC-29qR7T3C7A==

GET
H2 200 stickybanner.min.efc144216219e5a0aa5884f27c8bcd1a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
994 B 13ms
12ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/stickybanner.min.efc144216219e5a0aa5884f27c8bcd1a.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

43f80764e0d9752a9552f8183c96c294ef1676e4e81e116103c5c2583558b819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049494_41_2894_6_0_255";dur=1
content-length: 574
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 01:58:46 GMT
server: Akamai Resource Optimizer
etag: "c29-5e42c309f6640-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31455797
accept-ranges: bytes
expires: Fri, 08 Nov 2024 00:39:24 GMT

GET
H2 200 stickybanner.min.4303bf537312913152388a4a5e9415aa.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 29ms
22ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/stickybanner.min.4303bf537312913152388a4a5e9415aa.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

013bf59b8f0226c32593d1ecdc756b9cda5d1cc729e2d27f640b1731d69d525f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049776_99_3017_10_0_146";dur=1
content-length: 605
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Nov 2023 21:23:36 GMT
server: Akamai Resource Optimizer
etag: "605-6087c21111b00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31455797
accept-ranges: bytes
expires: Fri, 08 Nov 2024 00:39:24 GMT

GET
H2 200 topnav.min.d8d162235186b8652dca48d1064e73ac.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 21 KB
3 KB 14ms
13ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.d8d162235186b8652dca48d1064e73ac.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

fdb3f80ad6876da45ed4e07db6bdb29b314f2a272ff97bfa9889e4b6e4740f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567555_388276368_613049495_121_2376_6_0_255";dur=1
content-length: 2664
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Nov 2023 13:08:59 GMT
server: Akamai Resource Optimizer
etag: "5291-602953ed82800-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31510987
accept-ranges: bytes
expires: Fri, 08 Nov 2024 15:59:14 GMT

GET
H2 200 icon_myaccount.svg
us.norton.com/content/dam/norton/icon/ 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_myaccount.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
content-disposition: attachment; filename="icon_myaccount.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1699570567554_388276368_613049497_757_3013_6_0_182";dur=1
content-length: 851
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 13:38:13 GMT
server: Akamai Resource Optimizer
etag: "929-5d76cef225e00"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=900
accept-ranges: bytes

GET
H2 200 icon_flag_united_states.svg
us.norton.com/content/dam/norton/icon/flag/ 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/flag/icon_flag_united_states.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7adb2fbfe7954dc15cd52b3fd050b57f65d2cd79987544247664929134329f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Mon, 06 Nov 2023 21:23:43 GMT
server: Akamai Resource Optimizer
etag: "914-5fc895e938ac0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_flag_united_states.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567554_388276368_613049498_38_3014_6_0_182";dur=1
accept-ranges: bytes
content-length: 932
x-xss-protection: 1; mode=block

GET
H2 200 logo_norton_d.svg
us.norton.com/content/dam/norton/logo/ 7 KB
3 KB 19ms
11ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/logo/logo_norton_d.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Mon, 06 Nov 2023 21:43:12 GMT
server: Akamai Resource Optimizer
etag: "1dfd-5d76cef6ea940"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="logo_norton_d.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567588_388276368_613049577_21_4643_7_0_182";dur=1
accept-ranges: bytes
content-length: 2312
x-xss-protection: 1; mode=block

GET
H2 200 icon_ui_cart_empty_m_2x.png
us.norton.com/content/dam/norton/cb/ 684 B
1001 B 34ms
27ms Image
image/png 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/cb/icon_ui_cart_empty_m_2x.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

ebdf93991a2ed22745d06711d88be171680e237cc52491457833f82fc4639937

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 19 Jul 2023 18:41:13 GMT
server: Akamai Image Manager
etag: "2ac-5dada4b52da40"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=2144628
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049777_103_4393_8_0_146";dur=1
content-length: 684
expires: Mon, 04 Dec 2023 18:39:55 GMT

GET
H2 200 icon_ui_search_m_2x.png
us.norton.com/content/dam/norton/cb/ 700 B
1 KB 34ms
27ms Image
image/png 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/cb/icon_ui_search_m_2x.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 19 Jul 2023 18:16:01 GMT
server: Akamai Image Manager
x-serial: 948
x-check-cacheable: YES
etag: "2bc-5dada4b068f00"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: private, no-transform, max-age=1531871
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049778_103_4433_8_0_146";dur=1
content-length: 700
expires: Mon, 27 Nov 2023 16:27:18 GMT

GET
H2 200 country-selector.min.5d85ae94786b6a7c5d3798c94fd577bf.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
1 KB 10ms
10ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/country-selector.min.5d85ae94786b6a7c5d3798c94fd577bf.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

01a35bb43d6af1d38f1240aa5e4935892e9feb2888813b1f41bea599be833f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567594_388276368_613049583_83_3086_7_0_182";dur=1
content-length: 963
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Nov 2023 18:53:11 GMT
server: Akamai Resource Optimizer
etag: "1892-5fbc0f3cacc80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31535965
accept-ranges: bytes
expires: Fri, 08 Nov 2024 22:55:32 GMT

GET
H2 200 icon_close.svg
us.norton.com/content/dam/norton/icon/ 2 KB
856 B 30ms
24ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_close.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

047326738d40c8e278c7e117df1ae29260ccb40ea994b650075a3c669f85046d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 08 Nov 2023 17:14:21 GMT
server: Akamai Resource Optimizer
etag: "677-5fca0275e1f40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_close.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049779_98_3462_10_0_146";dur=1
accept-ranges: bytes
content-length: 454
x-xss-protection: 1; mode=block

GET
H2 200 icon_chevrondown.svg
us.norton.com/content/dam/norton/icon/ 644 B
704 B 31ms
25ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_chevrondown.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

0afb5adee300f91b2ac3acb6feab6c55078727db7612d20fa5f5542640637d4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 08 Nov 2023 13:35:26 GMT
server: Akamai Resource Optimizer
etag: "284-5fca01f42ed40"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_chevrondown.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049780_98_3085_10_0_146";dur=1
accept-ranges: bytes
content-length: 297
x-xss-protection: 1; mode=block

GET
H2 200 country-selector.min.d0a5df0b8e47e4c0a9697643c1a05546.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 5 KB
2 KB 21ms
10ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/country-selector.min.d0a5df0b8e47e4c0a9697643c1a05546.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

024d76e626c9bfa1da2e801dac27cf2dcbe4413dd5ae9335db82970cfd077bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567666_388276368_613049753_25_3738_10_0_182";dur=1
content-length: 1635
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Nov 2023 21:27:59 GMT
server: Akamai Resource Optimizer
etag: "15f1-6087c21205d40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432222
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:29 GMT

GET
H2 200 topnav.min.e93b8212f23c94f85661469fc7ebad94.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 8 KB
2 KB 31ms
25ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/topnav.min.e93b8212f23c94f85661469fc7ebad94.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

96fda31febd88d147ae655146776c335eb2e72257ee130e4b44f429eacfa1115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049781_98_2698_10_0_146";dur=1
content-length: 1913
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 15:02:34 GMT
server: Akamai Resource Optimizer
etag: "1e12-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31446830
accept-ranges: bytes
expires: Thu, 07 Nov 2024 22:09:57 GMT

GET
H2 200 blogsecondarynav.min.e911c416b0b02c52b973615dae33fadf.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
1 KB 22ms
11ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogsecondarynav.min.e911c416b0b02c52b973615dae33fadf.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

3cfad2c28fe50f641c4a891d158cd951206ebfc4438cf7d5827e2b3d7a68435e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567666_388276368_613049754_36_3729_10_0_182";dur=1
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 17:35:14 GMT
server: Akamai Resource Optimizer
etag: "eb2-5f2900afb3140-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 blogsecondarynav.min.e3d0138c73e40cce94efef12f81ae2e6.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
1 KB 32ms
26ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogsecondarynav.min.e3d0138c73e40cce94efef12f81ae2e6.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

90fffaaefc4b81b319bef8c9a9c5f8c2c56e85a1ab3d82339b2158b69c682ccc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049783_115_2839_10_0_146";dur=1
content-length: 823
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Nov 2023 22:54:17 GMT
server: Akamai Resource Optimizer
etag: "e64-6087c21111b00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432222
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:29 GMT

GET
H2 200 blogarticle.min.5c4c38e53191d80af63ea3e711205ebb.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 10 KB
2 KB 26ms
16ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogarticle.min.5c4c38e53191d80af63ea3e711205ebb.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ff0f4e4f7dcaac0334ec00e1a654bce5aee589c1208d30872ce5061568975b02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049766_82_2962_10_0_182";dur=1
content-length: 1547
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Nov 2023 21:29:28 GMT
server: Akamai Resource Optimizer
etag: "2752-5fbc0f3cacc80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31446830
accept-ranges: bytes
expires: Thu, 07 Nov 2024 22:09:57 GMT

GET
H2 200 breadcrumb.min.cce01bed5fa9e61960c13d1940f696ea.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 725 B
647 B 27ms
17ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/breadcrumb.min.cce01bed5fa9e61960c13d1940f696ea.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

bce657f4cccebf522c57d100dd000580e9d540711cab1b9c014a0e8854251f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049767_95_2731_10_0_182";dur=1
content-length: 227
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 01:58:29 GMT
server: Akamai Resource Optimizer
etag: "2d5-5dc842f3eec80-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 breadcrumb.min.46ede505d6f7111a4534dc6199d596d3.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 1 KB
1 KB 32ms
26ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/breadcrumb.min.46ede505d6f7111a4534dc6199d596d3.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e581dd5a912f0d3c081b82b3a8b25c95c6838077449ad63f43519f3cab54bd16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049784_104_2647_10_0_146";dur=1
content-length: 612
x-xss-protection: 1; mode=block
last-modified: Mon, 06 Nov 2023 18:56:02 GMT
server: Akamai Resource Optimizer
etag: "5e2-602953ed82800-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432222
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:29 GMT

GET
H2 200 clare-stouffer.png
us.norton.com/content/dam/blogs/images/norton/as/ 2 KB
2 KB 45ms
40ms Image
image/avif 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/as/clare-stouffer.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1a7069365ef1fa15bd89c341e44edb807bec4e6006c3f6cc2eede1df5868531

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 18:08:50 GMT
server: Akamai Image Manager
etag: "6396-5fc145dee5840"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/avif
cache-control: private, no-transform, max-age=2040907
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="1699570567671_388276368_613049785_278_4142_6_0_146";dur=1
content-length: 2002
expires: Sun, 03 Dec 2023 13:51:14 GMT

GET
H2 200 norton-email-scams-hero.png
us.norton.com/content/dam/blogs/images/norton/am/ 44 KB
44 KB 269ms
264ms Image
image/avif 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/am/norton-email-scams-hero.png

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6fe26570fa6f95a827697ee1d70234115679a607cb6f65a38a8ba0ac784f757f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 16:30:18 GMT
server: Akamai Image Manager
x-serial: 1116
x-check-cacheable: YES
etag: "fa86-5fc1458dd5900"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/avif
cache-control: private, no-transform, max-age=2068763
server-timing: cdn-cache; desc=HIT, edge; dur=230, origin; dur=0, ak_p; desc="1699570567678_388276368_613049801_23076_4108_9_0_146";dur=1
expires: Sun, 03 Dec 2023 21:35:30 GMT

GET
H2 200 button.min.df409ee89cb46656cd08d135043e7eac.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 33ms
28ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/button.min.df409ee89cb46656cd08d135043e7eac.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ada825f777baefed28ce1b8618d0d6ac616f02fff5ac3869350022bb738d7b64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049802_86_2817_8_0_146";dur=1
content-length: 999
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Nov 2023 22:52:20 GMT
server: Akamai Resource Optimizer
etag: "b0f-6087c21205d40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31441045
accept-ranges: bytes
expires: Thu, 07 Nov 2024 20:33:32 GMT

GET
H2 200 text.min.7d2c876a8cd18892408c7a306e517b0a.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
938 B 38ms
28ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.7d2c876a8cd18892408c7a306e517b0a.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

3af99c9e152eb6a388574c6cbd1df620882f99b486c542360b84eeea25923d04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1699570567671_388276368_613049768_608_2962_8_0_182";dur=1
content-length: 495
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 15:07:46 GMT
server: Akamai Resource Optimizer
etag: "96f-5e07a914e1a00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=30774918
accept-ranges: bytes
expires: Thu, 31 Oct 2024 03:31:25 GMT

GET
H2 200 text.min.43b08d18fd35b61cec33493ab4c1b531.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
1 KB 34ms
29ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/text.min.43b08d18fd35b61cec33493ab4c1b531.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ea2566e46783fedce851cc101cd35ba6042d847f61a9ebc49c5afb480aa4f534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049803_108_2685_8_0_146";dur=1
content-length: 710
x-xss-protection: 1; mode=block
last-modified: Sun, 05 Nov 2023 17:55:34 GMT
server: Akamai Resource Optimizer
etag: "7b6-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31440108
accept-ranges: bytes
expires: Thu, 07 Nov 2024 20:17:55 GMT

GET
H2 200 blogarticle.min.7bf74a7e3759bf0eb36af14485f4d562.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 4 KB
2 KB 35ms
30ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/blogarticle.min.7bf74a7e3759bf0eb36af14485f4d562.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5296e1972bf6b473bf0f6b806ec251345e39bc0d6211853048fdcb671a9c3e69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049804_92_2759_8_0_146";dur=1
content-length: 1273
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 14:58:48 GMT
server: Akamai Resource Optimizer
etag: "1039-6087c21205d40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31446830
accept-ranges: bytes
expires: Thu, 07 Nov 2024 22:09:57 GMT

GET
H2 200 list.min.5fd11e79d98a89cff653f321356cc9fb.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 14 KB
3 KB 27ms
17ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/list.min.5fd11e79d98a89cff653f321356cc9fb.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

021c5fc6030190f968031644cc8a81738766d504ef2c6f351a642d1eabe90ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049769_85_2861_10_0_182";dur=1
content-length: 2265
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 06:10:55 GMT
server: Akamai Resource Optimizer
etag: "3849-5eeb8ab300f40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 img_family-home-work_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 43 KB
44 KB 35ms
31ms Image
image/avif 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_family-home-work_thumb2x.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

37d36a2bd7502379676527d1514f1e169528ffc1f04e1b66887ffab34236c735

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 19 Jul 2023 18:44:00 GMT
server: Akamai Image Manager
x-serial: 4
x-check-cacheable: YES
etag: "206c8-5fc1455a55f80"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2144958
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049805_147_3801_6_0_146";dur=1
content-length: 44506
expires: Mon, 04 Dec 2023 18:45:25 GMT

GET
H2 200 img_woman-laptop-overview_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 74 KB
75 KB 37ms
33ms Image
image/avif 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_woman-laptop-overview_thumb2x.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

52a9c1e985fb4de9c75c6cc17a88f0bbe1d6fd298c3582c2b73890580852ac40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 19 Jul 2023 18:35:38 GMT
server: Akamai Image Manager
x-serial: 1408
x-check-cacheable: YES
etag: "29c3c-5fc14557798c0"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=2144624
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049806_164_3759_6_0_146";dur=1
content-length: 76252
expires: Mon, 04 Dec 2023 18:39:51 GMT

GET
H2 200 man-earphone-tablet_190x190.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 5 KB
6 KB 38ms
34ms Image
image/avif 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/man-earphone-tablet_190x190.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

b1ab7f60896733bcc2a64777ff4f43ffcdc9c12605260980557798b67ba292ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 19 Jul 2023 18:44:28 GMT
server: Akamai Image Manager
x-serial: 77
x-check-cacheable: YES
etag: "4abd-5fc145464f040"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1894393
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049807_140_3796_6_0_146";dur=1
content-length: 5383
expires: Fri, 01 Dec 2023 21:09:20 GMT

GET
H2 200 img_laptops-back-to-back_thumb2x.jpg
us.norton.com/content/dam/blogs/images/norton/tn/ 13 KB
13 KB 39ms
35ms Image
image/avif 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/blogs/images/norton/tn/img_laptops-back-to-back_thumb2x.jpg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

68f203e55e482507ae7cbb5b047aae6add3797b76f0ab6ffe4a65b6f8deb6875

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 19 Jul 2023 18:16:06 GMT
server: Akamai Image Manager
etag: "14174-5fc1455685680"
x-frame-options: SAMEORIGIN
content-type: image/avif
cache-control: private, no-transform, max-age=1991636
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049808_158_3769_6_0_146";dur=1
content-length: 13051
expires: Sun, 03 Dec 2023 00:10:03 GMT

GET
H2 200 list.min.cb972d428d35f969c8cfa6a32ff59352.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 6 KB
2 KB 40ms
36ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/list.min.cb972d428d35f969c8cfa6a32ff59352.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

c81ab91c780c257b541589f6059ed82a861f77363676b31aedf18a7773ce42d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049809_102_2666_8_0_146";dur=1
content-length: 1713
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 17:22:01 GMT
server: Akamai Resource Optimizer
etag: "18d1-6087c21205d40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 socialmediabanner.min.3731a4cc58e589c439fe1d43dd8a4768.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 1 KB
757 B 27ms
18ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/socialmediabanner.min.3731a4cc58e589c439fe1d43dd8a4768.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

9be9d584d9718fb12864ee91ea739e931ec9a2cbd66594b6654888b6f5c469b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049770_89_2935_10_0_182";dur=1
content-length: 337
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 04:13:22 GMT
server: Akamai Resource Optimizer
etag: "4ae-5e07a914e1a00-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31432222
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:29 GMT

GET
H2 200 icon_twitter1.svg
us.norton.com/content/dam/norton/icon/ 330 B
617 B 40ms
37ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_twitter1.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

ff5738e7904810d00e0c2a81fb10db7dab8e4c69e8df3582dcd0764ee15a5715

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 08 Nov 2023 16:56:25 GMT
server: Akamai Resource Optimizer
etag: "14a-609a6ba0e89c0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_twitter1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049810_104_2869_8_0_146";dur=1
accept-ranges: bytes
content-length: 214
x-xss-protection: 1; mode=block

GET
H2 200 icon_instagram1.svg
us.norton.com/content/dam/norton/icon/ 3 KB
1 KB 41ms
38ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_instagram1.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e3ffc0b66d8feace6bbb5bf4db49d7d2f5d9a0516965b93dff62c180317740ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Wed, 08 Nov 2023 17:16:05 GMT
server: Akamai Resource Optimizer
etag: "bb9-5d76cef5f6700"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_instagram1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049811_107_2989_8_0_146";dur=1
accept-ranges: bytes
content-length: 901
x-xss-protection: 1; mode=block

GET
H2 200 icon_facebook1.svg
us.norton.com/content/dam/norton/icon/ 2 KB
1 KB 41ms
38ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_facebook1.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

7f60b70cd0914dab4dbb9f4e2f97e3e8b2784c500ec236e68adb2956bff893ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Thu, 02 Nov 2023 23:15:09 GMT
server: Akamai Resource Optimizer
etag: "751-5d76cef5f6700"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
content-disposition: attachment; filename="icon_facebook1.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049812_106_2824_8_0_146";dur=1
accept-ranges: bytes
content-length: 632
x-xss-protection: 1; mode=block

GET
H2 200 icon_youtube-dark.svg
us.norton.com/content/dam/norton/icon/ 697 B
1 KB 43ms
40ms Image
image/svg+xml 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://us.norton.com/content/dam/norton/icon/icon_youtube-dark.svg

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

22c66cd15f32e15c9373fc199c95f3dd381435590e5592f1b93ad971491b7172

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:07 GMT
x-content-type-options: nosniff, nosniff
last-modified: Tue, 10 Jan 2023 11:18:02 GMT
server: Apache
etag: "2b9-5f1e70975ae80"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=900
content-disposition: attachment; filename="icon_youtube-dark.svg"
server-timing: cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1699570567681_388276368_613049813_1042_2629_7_0_146";dur=1
accept-ranges: bytes
content-length: 697
x-xss-protection: 1; mode=block

GET
H2 200 spacer.min.94a76473d368b52fba594239c1580199.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 2 KB
745 B 27ms
19ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/spacer.min.94a76473d368b52fba594239c1580199.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

df1c84b7b7dc39655db2bd72f4f17cefd065d4140ba2bf771f6d35a18f9b1ec8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049771_84_2891_10_0_182";dur=1
content-length: 325
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 13:42:11 GMT
server: Akamai Resource Optimizer
etag: "84f-5dc83ba3debc0-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31440108
accept-ranges: bytes
expires: Thu, 07 Nov 2024 20:17:55 GMT

GET
H2 200 footer.min.bf2f3a7b6716c365bb104cb6451d9ef4.css
us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/ 3 KB
1 KB 28ms
19ms Stylesheet
text/css 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/components/footer.min.bf2f3a7b6716c365bb104cb6451d9ef4.css

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

23cbdb9898337abd7b695077d28d5ce16d5c77228c3da33e6c40b9b4ff9d49ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049772_83_2829_10_0_182";dur=1
content-length: 727
x-xss-protection: 1; mode=block
last-modified: Thu, 02 Nov 2023 22:46:04 GMT
server: Akamai Resource Optimizer
etag: "cfe-6013fb9616840-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
cache-control: max-age=31432222
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:29 GMT

GET
H2 200 t-base-component-util.min.ba0d38d87c8c6665e0241365c3d1ff3b.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 49 KB
13 KB 28ms
20ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-component-util.min.ba0d38d87c8c6665e0241365c3d1ff3b.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

1493d3c7a39e8fc469215c2e23344bdb88118e5497d5dc7d1059ed60642ec511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049773_85_2846_10_0_182";dur=1
content-length: 12511
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 17:42:06 GMT
server: Akamai Resource Optimizer
etag: "c4ca-6087a8c3b6900-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 t-base-defer.min.64693bcba6972552c29411ab151df06e.js Show response
us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/ 31 KB
7 KB 41ms
39ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/norton/clientlibs/generated/templates/t-base-defer.min.64693bcba6972552c29411ab151df06e.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

6f4c7a851816abcb573f1b9c33d7a08d2b5b87761db0c81dc6f633fe50ac4637

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567678_388276368_613049814_106_2584_8_0_146";dur=1
content-length: 6870
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Nov 2023 16:51:04 GMT
server: Akamai Resource Optimizer
etag: "7cc8-6087c21205d40-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31432221
accept-ranges: bytes
expires: Thu, 07 Nov 2024 18:06:28 GMT

GET
H2 200 core.wcm.components.commons.datalayer.v1.min.904d3c2f1e821ab45124d66de422b409.js Show response
us.norton.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/ 35 KB
11 KB 29ms
21ms Script
application/javascript 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/etc.clientlibs/core/wcm/components/commons/datalayer/v1/clientlibs/core.wcm.components.commons.datalayer.v1.min.904d3c2f1e821ab45124d66de422b409.js

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1699570567671_388276368_613049774_88_2738_10_0_182";dur=1
content-length: 11018
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Nov 2023 07:04:46 GMT
server: Akamai Resource Optimizer
etag: "8a54-5efb9ce8eb340-gzip"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: max-age=31510988
accept-ranges: bytes
expires: Fri, 08 Nov 2024 15:59:15 GMT

GET
H2 200 cookies Show response
us.norton.com/bin/norton/ 0
649 B 51ms
50ms XHR
text/plain 2a02:26f0:3500:58c::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://us.norton.com/bin/norton/cookies

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:58c::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/blog/emerging-threats/norton-email-scams
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:07 GMT
x-content-type-options: nosniff, nosniff
server: Apache
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/plain; charset=UTF-8
server-timing: cdn-cache; desc=MISS, edge; dur=22, origin; dur=6, ak_p; desc="1699570567612_388276368_613049627_2821_3672_7_0_255";dur=1
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 MDDJR-3RVW8-S3M46-HL4QS-RLVQ4 Show response
s.go-mpulse.net/boomerang/ 156 KB
40 KB 83ms
21ms Script
application/javascript 2a02:26f0:3100:782::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/MDDJR-3RVW8-S3M46-HL4QS-RLVQ4
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3100:782::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 8b912949753e4876dcc1242255b958c1cf74cfc84859fae7e44c698b02ce2f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
content-encoding: br
customappheader: mpulse-ab-boomr__git__2226cf4__git__2226cf4__p19.alsi10-lite
last-modified: Mon, 16 Oct 2023 00:31:09 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 40263

GET
H2 200 id Show response
dpm.demdex.net/ 367 B
910 B 121ms
30ms XHR
application/json 54.194.80.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1699570567847

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.194.80.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-80-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f5068854282a0146198b3c1733ba8491b4ca4c2497a2229d0681179fc9512a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

dcs: dcs-prod-irl1-1-v054-01242649c.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 09 Nov 2023 22:56:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: fOYQr8SNQKw=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://us.norton.com
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 308
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s_code_norton_min.js Show response
www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/ 79 KB
26 KB 71ms
22ms Script
application/javascript 2a02:26f0:3500:88e::1015
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN1cc7556280444b10a3c687a73ed01baa.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::1015 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

bc8f490b0781f5646e96ecd80e0d5b3a7f93ddefd39ec1af514d0187a3101999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff
date: Thu, 09 Nov 2023 22:56:07 GMT
content-disposition: attachment
content-length: 26521
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Oct 2023 15:42:53 GMT
server: Apache
etag: "13dc8-607d7425cb940-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=20093
accept-ranges: bytes
expires: Fri, 10 Nov 2023 04:31:00 GMT

GET
H2 200 serverComponent.php Show response
ensighten.norton.com/symantec/aemprod/ 990 B
784 B 39ms
37ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/serverComponent.php?namespace=Bootstrapper&staticJsPath=/symantec/aemprod/code/&publishedOn=Fri%20Nov%2003%2016:03:56%20GMT%202023&ClientID=21&PageID=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3F_COUNTRY%3Dus%26_LANGUAGE%3Den%26_TRAFFIC_SOURCE%3Ddirect%26_PGM_ID%3Dmissing%26_PGM_TYPE%3Dunknown%26_IPF%3Dmissing%26_IPD%3Dmissing%26_PSN%3Dmissing%26_SUBCHANNEL%3Dmissing%26_ORIG_SUB%3Dmissing%26_PIFCAM%3Dmissing%26_I_SKU%3Dmissing%26_DEX%3Dmissing%26_INID%3Dmissing%26_IPV%3Dmissing%26_IPC%3Dmissing%26_IUC%3Dmissing%26_IPL%3Dmissing%26_ENP%3Dmissing%26_SKT%3Dmissing%26_ITD%3Dmissing%26now_site_country%3Dus%26now_site_language%3Den%26now_site_content_title%3Dnorton-email-scams%26now_site_sub_section%3Dblog%26now_site_section%3Dnorton.com%26now_trafficsource_cookie_name%3Ddirect%26now_program_type%3Dunknown%26now_current_subchannel%3Dmissing%26now_original_subchannel%3Dmissing%26product_name%3Dnorton-email-scams%26vendor_type%3Dnone%26isMobile%3Dfalse%26viewCampaigns%3Dmissing%26path%3D%2Fblog%2Femerging-threats%2Fnorton-email-scams%26siteCode%3Dnortoncom&custDomain=ensighten.norton.com
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: ef21d6af9c6fa5e9c79ab7093ed00273b5ca8361cb9d30cd4e9e9c9f910b693a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:07 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: BBKw2RR0rVSu_RPQ4V8X9E1Ikjv1AovmoOxSS1UOiyrFX9dJdkz2-A==
expires: Thu, 09 Nov 2023 22:56:06 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 4 KB
1 KB 78ms
37ms XHR
application/json 2a02:26f0:3500:981::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=MDDJR-3RVW8-S3M46-HL4QS-RLVQ4&d=us.norton.com&t=5665235&v=1.766.70&sl=0&si=b70a6b18-d97f-4aff-8fbd-20fe8afddd96-s3vp1j&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Errors,Akamai,EventTiming,LOGN&acao=&ak.ai=181220
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:981::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b1c0aab682f27831a816a840a77b12e1ebaf47fd1b8a97ccc037b3bbe787d262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1106

GET
H2 200 dest5.html Show response
symantec.demdex.net/ Frame 5486 7 KB
3 KB 59ms
28ms Document
text/html 54.194.80.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.demdex.net/dest5.html?d_nsid=0

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.194.80.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-80-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 09 Nov 2023 22:56:08 GMT
dcs: dcs-prod-irl1-1-v054-04590bf15.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 21:01:03 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: d+OsvBcJTVk=

GET
H2

200

ibs:dpid=411&dpuuid=ZU1jiAAAAJ-v9AO-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=63820116808020953260580728026514357913
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU1jiAAAAJ-v9AO-

42 B
715 B

30ms
29ms

Image
image/gif

54.194.80.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU1jiAAAAJ-v9AO-

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Server

54.194.80.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-80-81.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-083ffdefc.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 9Xbriw6PQdc=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZU1jiAAAAJ-v9AO-
Date: Thu, 09 Nov 2023 22:56:08 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 json Show response
symantec.tt.omtrdc.net/m2/symantec/mbox/ 4 KB
2 KB 135ms
53ms XHR
application/json 66.235.152.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://symantec.tt.omtrdc.net/m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=88acc9ca64d84054aae09030f8d8a82d&mboxPC=&mboxPage=1044cb05ba1c4e9090d03661e4ff095d&mboxRid=ca3364d588734f4bb85361928483449b&mboxVersion=1.8.3&mboxCount=1&mboxTime=1699574167864&mboxHost=us.norton.com&mboxURL=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&mboxReferrer=&mboxXDomain=enabled&browserHeight=1200&browserWidth=1600&browserTimeOffset=60&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&Promocode=defaultweb&profile.TCG=9&vendor_type=none&program_type=unknown&site_country=us&site_section=norton.com&content_title=norton-email-scams&site_language=en&traffic_source=direct&ExistingCustomer=existing_customer%3A%20No&site_sub_section=blog&profile.promocode=defaultweb&current_subchannel=&site_content_title=norton-email-scams&original_subchannel=&profile.vendor_type=none&profile.program_type=unknown&profile.site_country=us&site_sub_sub_section=emerging-threats&%20profile.site_section=norton.com&profile.site_language=en&profile.%20traffic_source=direct&profile.ExistingCustomer=existing_customer%3A%20No&profile.%20site_sub_section=blog&profile.current_subchannel=&profile.site_content_title=norton-email-scams&profile.original_subchannel=&mboxMCSDID=1787D141AAFC8F51-68361F70C4AB85D9&mboxMCGVID=64025493078445784150595654321734283816&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.152 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-66-235-152-152.data.adobedc.net

Software

jag /

Resource Hash

be16daeb16bbf4342b02187a456212365092fc705c23c3274ab81d110195cfcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
x-xss-protection: 1; mode=block
x-request-id: ca3364d588734f4bb85361928483449b
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: jag
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 8f1dd496722b3a6c706ff460131abcbb.js Show response
ensighten.norton.com/symantec/aemprod/code/ 6 KB
3 KB 38ms
37ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/8f1dd496722b3a6c706ff460131abcbb.js?conditionId0=649166
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 6382bce54e2b1f583841046c9ab00b9de06412061f1512bc0896288edc4725af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
x-amz-version-id: iw7OEp2OUT7RErnvuhmYudv68LWoMUZQ
content-encoding: gzip
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2121967
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Sep 2023 16:23:39 GMT
server: CloudFront
etag: W/"137159d4d38cda0ea759f45ddf9bda86"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: LyeomYkx5VAsyna2Yl9jopLcXEXZkAn2gh9rWw8V6sWVi3SuEESk5A==

GET
H2 200 ec846810a059d195479e14b9713d4f92.js Show response
ensighten.norton.com/symantec/aemprod/code/ 14 KB
3 KB 38ms
38ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/ec846810a059d195479e14b9713d4f92.js?conditionId0=423130
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: f81bb666cdf7001d0a30371d83d4533dd593f85ea01bbb959c812c8b6974e6ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
x-amz-version-id: 4lZc4OSDqm7Pfrliarb6jG7q80gccHH6
content-encoding: gzip
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 3770995
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 22 Aug 2023 18:21:36 GMT
server: CloudFront
etag: W/"149c0e45b422080c50c2e68e4a3d9a12"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: a5yCgiOUScXnJnLZdhjqMg00jN7jnG16qZUna_osTkx6GeF1AFh5RA==

GET
H2 200 e94fb9d7d7096377224ea020f78c342f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 14 KB
5 KB 39ms
38ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/e94fb9d7d7096377224ea020f78c342f.js?conditionId0=473910
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 26821fcabd9f233365066ecaf07ef42395c30f78a4bdcca9ea952b9898d22cf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
x-amz-version-id: gmomsZ5ABKjUsGWR6BSzO51c2kzh_.2K
content-encoding: br
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 811851
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 11 Oct 2023 18:36:58 GMT
server: CloudFront
etag: W/"208ffcec04d49ba5a1dfc852d543eb6c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: rO1JiaauKwwIRe1NnGx9OUwbw3taIed3Vrxo0czJfyP1IrB95r_1Xw==

GET
H2 200 c0051f28a1c7170a2df1d05ae80aeb3e.js Show response
ensighten.norton.com/symantec/aemprod/code/ 582 B
1 KB 39ms
39ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/c0051f28a1c7170a2df1d05ae80aeb3e.js?conditionId0=4955795&conditionId1=4937810
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 143c3c521650191adbeac3fd532b7174d90f4f14902899a517926eddaf7793f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
x-amz-version-id: k1d5yW1aESMM2QIfFof02eJFBdVicUOl
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 610767
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 582
last-modified: Thu, 02 Nov 2023 21:15:53 GMT
server: CloudFront
etag: "ae4bdf4e01857e284e02a87864525329"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 4SMUv-J-XzD-v1A1rXa-R0h4mloB56z5xKfPU6CkreTd1hPF22nyQA==

GET
H2 200 6e246484d45c474a8c87c8b7ef93038f.js Show response
ensighten.norton.com/symantec/aemprod/code/ 494 B
972 B 40ms
39ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/6e246484d45c474a8c87c8b7ef93038f.js?conditionId0=1790211
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 488db805a326a9218cf40ddfdfeffb16f2344ff7061ce17d3dac68ef009d99c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
x-amz-version-id: b_0SKib55B_l2DwzAU24FYCOeclclPrK
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 17558072
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
content-length: 494
last-modified: Thu, 20 Apr 2023 17:37:42 GMT
server: CloudFront
etag: "cb62e7ae6a1179ef4e8fc2dc6b1059c6"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Vtu7ps5gX5uLlpjntGngaS1zyvFPFzUBA331OyQP1wT9sFRt5rRtng==

GET
H2 200 d65817e25ccaa928ce871977d19a6f0d.js Show response
ensighten.norton.com/symantec/aemprod/code/ 4 KB
2 KB 40ms
40ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.norton.com/symantec/aemprod/code/d65817e25ccaa928ce871977d19a6f0d.js?conditionId0=4940767
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: CloudFront /
Resource Hash: 66c4aac8d7531a43e502e364d2ff267a560cd3565dc76154fbbe8718f63dee87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
x-amz-version-id: NNLwg5s.hVMHR1hZTr0b.8xBsJP2_x7O
content-encoding: gzip
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 5378373
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Sep 2023 16:51:01 GMT
server: CloudFront
etag: W/"70ea7929a756549133239862b6f67810"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: WwQApAP1psQ3gnpL1-ERBY9JJ7Z5aNFyL-kWgdbTxH4wFfwI1jrLNg==

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ 344 KB
93 KB 845ms
807ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ee5dceec424da60cca73a53be7dff3c07fb7c020dcccab6e7a743dc390453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: EXPIRED
content-encoding: br
server: cloudflare
etag: W/"169342180800116986872540001691740804464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=86400
cf-ray: 8239a5b27bd4bbaf-FRA

GET
H2 204 sst
ensighten.norton.com/pc/symantec/ 0
319 B 119ms
119ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/pc/symantec/sst?sstVersion=1.0.0&sstData=%7B%22virtualBrowser%22%3A%7B%22page%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%22%2C%22language%22%3A%22en-US%2Cen%22%2C%22screenDepth%22%3A24%2C%22height%22%3A1200%2C%22width%22%3A1600%2C%22title%22%3A%22Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton%22%2C%22timezone%22%3A%22Europe%2FBerlin%22%2C%22screenHeight%22%3A1200%2C%22screenWidth%22%3A1600%7D%2C%22events%22%3A%5B%7B%22name%22%3A%22facebook_conversions_api_integration%22%2C%22data%22%3A%7B%22pixel_id%22%3A%222010787619164716%22%2C%22event_data%22%3A%7B%22event_name%22%3A%22PageView%22%2C%22data_processing_options%22%3A%5B%22LDU%22%5D%2C%22data_processing_options_country%22%3A0%2C%22data_processing_options_state%22%3A0%2C%22event_id%22%3A%22bc110ff7-454e-419a-a615-1876e41f6c3d%22%2C%22user_data%22%3A%7B%7D%7D%7D%7D%5D%7D
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-ens-event-id: c85dae00-5831-4d75-a1ef-621315974d8b
x-offsite-uuid: 4ca9f662-11f6-4c50-993e-eff06f6e913e
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Y3/zmlIqAZRQMqOlY1Rx/mLPnLHpGzNdmIMOTwzjM5fjxt70lf/3ALzF2bn2IyWBpiAUO0+scTROwGHxx3NGTA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s727971163205
oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/ 43 B
372 B 78ms
20ms Image
image/gif 63.140.62.108
OMNITURE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oms.norton.com/b/ss/symanteccom/1/JS-2.22.0/s727971163205?AQB=1&ndh=1&pf=1&t=9%2F10%2F2023%2023%3A56%3A8%204%20-60&sdid=1787D141AAFC8F51-68361F70C4AB85D9&mid=64025493078445784150595654321734283816&aamlh=6&ce=UTF-8&pageName=norton.com%3Aus%3Ablog%3Aemerging-threats%3Anorton-email-scams&g=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&server=norton&events=event79%3D4%2Cevent69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&v5=none&c8=D%3Dv163&c14=D%3Dv16&v16=norton%3Adirect&v18=norton.com%3Aus%3Ablog%3Aemerging-threats%3Anorton-email-scams&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=norton.com&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202023-10-05&c48=norton-email-scams&v48=D%3Dc49&c49=blog&v49=D%3Dc48&v57=64025493078445784150595654321734283816&v58=emerging-threats&c59=norton.com%3Ablog%3Aemerging-threats%3Anorton-email-scams&v59=D%3Dc59&v66=unknown&v72=norton.com&c75=D%3Dv57&v90=existing_customer%3A%20No&v96=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.108 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-108.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 10 Nov 2023 22:56:08 GMT
server: jag
etag: 3649800003569090560-4617828033818663365
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 08 Nov 2023 22:56:08 GMT

GET
H2 200 8d08b1cf12b6dedd46c680b7d1eca911.js Show response
spider.australiarevival.com/i/ 100 KB
37 KB 51ms
9ms Script
text/javascript 2600:9000:206f:4800:1:996f:a9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spider.australiarevival.com/i/8d08b1cf12b6dedd46c680b7d1eca911.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4800:1:996f:a9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: c840c08e01c82ce10be20ec24a7ddf4b22062b8ede756c5a6e0bcadb9274a85e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 21:52:06 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 3925
etag: "18e69-bHah8crrZIwXMtYbuz2rJEyxy6E"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 37261
x-amz-cf-id: 3pE4sbfthbBVzRErPRqMLOaNGfXQcF-m5QltcQTGLc7_U2jNDBELlA==
expires: Fri, 10 Nov 2023 09:50:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
95 KB 49ms
25ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2M8MHYEY8X

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d5a5ac3763b1ce810f389f3edf136d3903e1e595385bbe350463648ffedc57b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 200 2010787619164716 Show response
connect.facebook.net/signals/config/ 147 KB
37 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2010787619164716?v=2.9.138&r=stable&domain=us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c95d6177ef8ebe2052970f47d67a067bbb52084c03643dab48ddd94b66a979c1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37898
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 63yr5xVj0/s2sgbpwx53CZM7uHT+Kzkpd7Z12Ne71cjBviLZsaaK4CHkKnZki2UqnISRNdyUDFYkjxDXoC9hqg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ct Show response
bite.australiarevival.com/ 4 KB
1 KB 338ms
128ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/ct?id=34870&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&sf=0&tpi=&ch=Norton&uvid=&tsf=0&tsfmi=&tsfu=&cb=1699570568288&hl=2&op=0&ag=1115042767&rand=845197778287102717212867108076022310794572655124907212511572546985717180225282529295&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDM4NDhdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbFwiLFwidlwiOlwiaW50ZWwgaW5jLlwiLFwiclwiOlwiaW50ZWwgaXJpcyBvcGVuZ2wgZW5naW5lXCIsXCJzbHZcIjpcIndlYmdsIGdsc2wgZXMgMS4wIChvcGVuZ2wgZXMgZ2xzbCBlcyAxLjAgY2hyb21pdW0pXCIsXCJndmVyXCI6XCJ3ZWJnbCAxLjAgKG9wZW5nbCBlcyAyLjAgY2hyb21pdW0pXCIsXCJndmVuXCI6XCJ3ZWJraXRcIixcImJlblwiOjUsXCJ3Z2xcIjoxLFwiZ3JlblwiOlwid2Via2l0IHdlYmdsXCIsXCJzZWZcIjozNjk4NTE4NzEwLFwic2VjXCI6XCJcIn0iXSxbMzcsIlszMzE2MjI0MDQ5LGZ1bmN0aW9uKG5ld1ZhbHVlKSB7XG4gICAgICAgICAgICAgIGFkZENvbnRlbnRXaW5kb3dQcm94eSh0aGlzKVxuICAgICAgICAgICAgICAvLyBSZXNldCBwcm9wZXJ0eSwgdGhlIGhvb2sgaXMgb25seSBuZWVkZWQgb25jZVxuICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoaWZyYW1lLCAnc3JjZG9jJywge1xuICAgICAgICAgICAgICAgIGNvbmZpZ3VyYWJsZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgd3JpdGFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBfc3JjZG9jXG4gICAgICAgICAgICAgIH0pXG4gICAgICAgICAgICAgIF9pZnJhbWUuc3JjZG9jID0gbmV3VmFsdWVcbiAgICAgICAgICAgIH1dIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDMsMCwwLDYsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMTIsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsNywwLDAsMCwwLDEsMCwwLDIsMCJdLFstMSwiLSJdLFstMiwiNyxlY1hHWDE5bm5ydlZPMkpkbE5oeEJLUWtMdlNGZEFRQkNsaDE0VlVWRkFsRjcrQ0FJcVhSQkZDRTE2Rllrb1ZVcEFXaEFTSUQya1o1TnRVKzY5Yi8xKzU4N2N6V1JKQVBsR2w5Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIixcIm9nOnRpdGxlXCIsXCJvZzpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIiwxNjAwLDEyMDBdIl0sWy0yMCwiLSJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltcInNlbmRCZWFjb25cIiwwLDEsMSwxXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MTAwMDAwMDAsXCJ1amhzXCI6MTAwMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCw5LjYsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJdLFstMjksIi0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0iXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjk5NTcwNTY4MjM2LC0xXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiaSwtMSwtMSwwLDAsNDEsMCwwLDEwMywyNCwtMSwwLCwsODU1LDg1NiJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwzLGZhbHNlLHRydWUsbnVsbCwwLHRydWUsdHJ1ZV0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAxMDExMDEwMDAwMDEiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwiNjIwLDY3NywwLDAsMCw1NjIsMCwwLDY0OCwwLDAsMCwwLDAsMCwwLDAsMCwwLDY4NCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCJdLFstNDYsIjAiXSxbLTQ3LCJFdXJvcGUvQmVybGluLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIxMDAiXSxbLTU0LCJ7XCJoXCI6W1wiXzFcIixcIjMyOTk5MTM2OVwiLFwiXzNcIixcIjMyOTk5MTM2OVwiXSxcImRcIjpbXCJfMVwiLFwiMjExNTk3NjQ5NlwiXSxcImJcIjpbXCJfMVwiLFwiMTQ4NTE1OTQ4M1wiLFwiXzBcIixcIjM3NTk2NzYwNDhcIixcIjE2MjcyMjUwNjBcIixcIjU4Mjc1NTQyM1wiLFwiMjIyNjMxMjgwM1wiLFwiNjMwMjUwODk5XCIsXCI3MjI2OTg0NjBcIixcIjQxNTY4NzQ1MThcIixcIjE4OTYxMDUxMzhcIixcIjgxOTU5NjE4XCJdLFwic1wiOjF9Il0sWy01NSwiMiJdLFstNTYsImxhbmRzY2FwZS1wcmltYXJ5Il0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1E0SUFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRjWEJrUlVVMU5TVW9ERmhaS1NWQmRYRXNYV0V4S1RVdFlWVkJZUzF4UFVFOVlWUmRhVmxRV1VCWUJYUWtCV3doYVh3Z0xXdzlkWEYxZERROWFEd0VKV3c1ZENGeGFXQUFJQ0JkVFNnTUlBdzhQQ1FFUEVCVllUUmxORjF4QlNWWkxUVW9aRVZGTlRVbEtBeFlXU2tsUVhWeExGMWhNU2sxTFdGVlFXRXRjVDFCUFdGVVhXbFpVRmxBV0FWMEpBVnNJV2w4SUMxc1BYVnhkWFEwUFdnPT0iXSxbLTU4LCItIl0sWy01OSwiZGVmYXVsdCJdLFstNjAsMjE0XSxbLTYxLCJ7XCJ3Z3NsXCI6XCIwO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02MiwiODAiXSxbLTYzLCIxIl0sWy02NCwiWzAsXCJcIixbXV0iXSxbLTY1LCItIl0sWy02NiwiZ2VvbG9jYXRpb24sc3RvcmFnZWFjY2VzcyxnYW1lcGFkLGNoZWN0LG1pZGksZGlzcGxheWNhcHR1cmUsdXNiLGxvY2FsZm9udHMscGljdHVyZWlucGljdHVyZSxwdWJsaWNrZXljcmVkZW50aWFsc2dldCxvdHBjcmVkZW50aWFscyxjaHVhZm9ybWZhY3RvcixlbmNyeXB0ZWRtZWRpYSxjaHNhdmVkYXRhLGNodWFmdWxsdmVyc2lvbmxpc3QsY2h1YXdvdzY0LGNoZG93bmxpbmssY2hwcmVmZXJzY29sb3JzY2hlbWUsc3luY3hocixjaHVhbW9kZWwsY2hwcmVmZXJzcmVkdWNlZHRyYW5zcGFyZW5jeSxzZXJpYWwsY2FtZXJhLGNocHJlZmVyc3JlZHVjZWRtb3Rpb24scHJpdmF0ZXN0YXRldG9rZW5pc3N1YW5jZSxpZGVudGl0eWNyZWRlbnRpYWxzZ2V0LGNodWFmdWxsdmVyc2lvbixmdWxsc2NyZWVuLGNoZHByLHVubG9hZCxrZXlib2FyZG1hcCxjaHVhcGxhdGZvcm0sZ3lyb3Njb3BlLGNodWFtb2JpbGUsd2luZG93bWFuYWdlbWVudCxjaHVhLG1hZ25ldG9tZXRlcixhY2NlbGVyb21ldGVyLHByaXZhdGVzdGF0ZXRva2VucmVkZW1wdGlvbixjaHVhYXJjaCx4cnNwYXRpYWx0cmFja2luZyxpZGxlZGV0ZWN0aW9uLGNodWFwbGF0Zm9ybXZlcnNpb24sY2h3aWR0aCxjbGlwYm9hcmRyZWFkLGNodmlld3BvcnR3aWR0aCxwYXltZW50LGNodmlld3BvcnRoZWlnaHQsY2hydHQsYXV0b3BsYXksY3Jvc3NvcmlnaW5pc29sYXRlZCxoaWQsY2h1YWJpdG5lc3Msc2NyZWVud2FrZWxvY2ssY2xpcGJvYXJkd3JpdGUsY2hkZXZpY2VtZW1vcnksbWljcm9waG9uZSJdLFstNjcsIjI1MzIzMTI4ODg6MjYiXSxbImRkYiIsIjEsNywwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCwxLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDEsMCwwLDAsMCwwLDEsMiw4LDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCw5LDAsMCwwLDAsMCwwLDI3Il0sWyJibmNoIiw5OF0sWyJhYm5jaCIsOTldXQ%3D%3D&dep=0&pre=0&sdd=%7B%7D&cri=QuuUQOPxWq&pto=908&ver=57&gac=-&mei=&ap=&fe=1&duid=1.1699570568.qZ1LVpzM6q0vvK1m&suid=1.1699570568.qejhcpvSEqIhAnyu&tuid=1.1699570568.f22dzwEAAylab0kn&fbc=-&gtm=W10%3D&it=71%2C702%2C54&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e7ae2f2fb74d8c9c026ca37f76177b96113a4ba89f0c8c34d7ba6c9d07692bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1287
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 26ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=PageView&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1699570568397&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmensighten&ec=0&o=4125&fbp=fb.1.1699570568394.1912226005&cs_est=true&ler=empty&it=1699570568125&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=bc110ff7-454e-419a-a615-1876e41f6c3d&tm=1&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 204 collect
region1.google-analytics.com/g/ 0
201 B 57ms
34ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2M8MHYEY8X&gtm=45je3b81v9132306556&_p=1699570568084&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1070155513.1699570568&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699570568&sct=1&seg=0&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&dt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1065
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2053905694837980 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 79ms
79ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2053905694837980?v=2.9.138&r=stable&domain=us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

614853693f85474a396222a98dbed5da275299ea1af3db27670e565be53ca309

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: z/eEOnJy6eOoC9mY1y1eDvZsypLnbBS6BipsIzOzrEx6rhR5wqw06gtm/6465ifVt3wKHby1lbp8GLlwsN0Jbg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 59ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 09 Nov 2023 22:56:07 GMT
last-modified: Fri, 20 Oct 2023 01:13:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A3C8733112F044899DA939F913708336 Ref B: FRA31EDGE0110 Ref C: 2023-11-09T22:56:08Z
etag: "0125f9ff22da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13079

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1ba91a2ff8b0b797311821a583f05268d916dd2b76a6a6e8b7cede9e1d969180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75462
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 206 KB
74 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1043330685&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4a71648e7c4cc225c37e58d5a19476502ed1363b3e20110690c47a11254b6438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75497
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1699570568673&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmensighten&ec=1&o=4125&fbp=fb.1.1699570568394.1912226005&ler=empty&it=1699570568125&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tc_imp.gif
bite.australiarevival.com/tracker/ 43 B
79 B 93ms
92ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bite.australiarevival.com/tracker/tc_imp.gif?e=37dfbd8ee84e001363e7c232ea428c959225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5d15856a2717071a10acf9f29f674cd3d5db5325391afd717f518232db30c100645670c6070959335509c2e83f1d77be26bb25cb43e2916af05365ac097c7a1bda53ee14f497d7df3dbb2807ff7ecaa8556d8e0e3143714493d60264fc60b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a49d8677a0dbde5eee489d5a3d72aeb9cce4b46d8fd9e16c893008c3e5db6e4d57e56b7da1904665bcd0aa718607ab45e3851cc34fc2c92ac6393d9f9f228d64c3dbe8fa9df3f1477fe425b2b9fb2f4d26f9913f82be50eb0102419457459a959284cdf19526c5269c9fb88735ee727631c97f24938494452bd5a765a111e0905b873aa370525d59c079b802dfcca030a9863bc80da7c19cdd60ce011723bd4e13506f447287f432e51e9a8c8664fdde43dad0629a82a9a62ec1f0f05c2626dea71e54dcb30e4a12f3fca26cb62886f80fb7f224a002ff73d10c8a06cbba62965c7eb3ffd63f6061720938554e0bb8b6dd1f8e5be21b0a3a7deabe5dc28a041ea8eaace6e5399ca99da894f2bdec59532eb91b94bc32738a43651acb60416c6af77db36b1acae8dd608866cb2688a230d0bb0598671222270b600e9ac0e5c7217d559e045896d5d9a7adcc530782adbc7d96cf7367c5d3123c69fa8dc45721b7278343821be33f9b15c7d512f8ba32ea8795d3984761effc26628276a58cacb6179c6c37141989694350b5a54392ed14ca9d9cd449cc8787360e5a5bac69ee5cfe47b8936888334528483f7a7fe45c869f723fb813a6e7bf48df8e4dca3208ae4c6e308dab94530efc7be78f0edb0138094fbb3b2984a7c9299e0d66c9c555c2aa9c86d8338414103009e033600bc882064ebb22e6f8c8248ad4ec0b5b74bc3c220a5085502597e8a74440c2622a8d859b538b94ecdd5349d72ca9452e0fde442363c7845505daaabc85b3f64abe64c43b827c9ed110ceece43963bac452c89dbdbbd8e19690655086e73947db62d0189700a4b877b4dd929622e394dff9e75424d7b2a4ec499f11d40e0a704b2bb3d04b6a8336b1048bdd24a74179be2e0b83&cri=QuuUQOPxWq&ts=394&cb=1699570568682
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK 687a50bb-ad9b-46fa-8e61-af54401848a6
https://us.norton.com/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/687a50bb-ad9b-46fa-8e61-af54401848a6
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dec909b955dfbc24ffa00d217ba622b5c51759f47f955e1421f01fcfca43cdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 5fa29abb-6e6e-44fd-ac16-d8d958d09270
https://us.norton.com/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/5fa29abb-6e6e-44fd-ac16-d8d958d09270
Requested by: Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 26d00575fc18e1968f3a3afffb311b755805ce75bfd149d17bab5dab79933f7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 3 KB
2 KB 51ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1699570568732&cv=11&fst=1699570568732&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a7444e0eae3e3e8e8c2b27081db9e13f2f87ac648df018714d0fc87a487f8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1333
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 3 KB
2 KB 59ms
21ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1699570568749&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e9ea9d0e7b3699572dfd050e1fd109b538ef585670cfd0064f47ee5aebf85b91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1648
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187010577.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 34ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187010577.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

22f8b5742f36975c1f0d054e483b4ef14eaab3c472c81558115f431dfee721a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 09 Nov 2023 22:56:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C463FA134914F1D80A5C1A1B100A2C9 Ref B: FRA31EDGE0110 Ref C: 2023-11-09T22:56:08Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 31ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=a71724ed-e1b8-47c0-a6a6-a0512de9a119&sid=2bb9c4f07f5311eebfc55be007fc0fa6&vid=2bb9edf07f5311ee9e9033fb62846287&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&r=&lt=432&evt=pageLoad&sv=1&rn=592356

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Nov 2023 22:56:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1425E2FCC7924158BAFC000A50D6FD91 Ref B: FRA31EDGE0110 Ref C: 2023-11-09T22:56:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
229 B 86ms
85ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187010577&Ver=2&mid=a71724ed-e1b8-47c0-a6a6-a0512de9a119&sid=2bb9c4f07f5311eebfc55be007fc0fa6&vid=2bb9edf07f5311ee9e9033fb62846287&vids=0&msclkid=N&ec=CHEQ&el=Invalid_Users&ev=0&ea=Invalid_Users&en=Y&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&sw=1600&sh=1200&sc=24&evt=custom&rn=330127

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Nov 2023 22:56:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CAE7E4218277465C8EDF430D1892E541 Ref B: FRA31EDGE0110 Ref C: 2023-11-09T22:56:08Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2010787619164716&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1699570568780&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmensighten&ec=2&o=4125&fbp=fb.1.1699570568394.1912226005&ler=empty&it=1699570568125&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2053905694837980&ev=CHEQ&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&rl=&if=false&ts=1699570568781&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmensighten&ec=0&o=4126&fbp=fb.1.1699570568394.1912226005&ler=empty&it=1699570568125&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
455 B 45ms
21ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1699570568732&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8qop5FokRlAndUC_qTQxJBTmV56obw&random=3183788789&rmt_tld=0&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
455 B 42ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1699570568732&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8qop5FokRlAndUC_qTQxJBTmV56obw&random=3183788789&rmt_tld=1&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham...
https://www.google.com/pagead/1p-conversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
https://www.google.de/pagead/1p-conversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...

42 B
108 B

26ms
25ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9GRWk1Nl80dmpXam1wbS1VeHp0Z1ZaVlRrcnVabzhvZWQtS2NTVmRXWF9NSDRDN3V4Z2ljZWZFIhMI0LGY4IG4ggMVoRvgCh37nAjo&is_vtc=1&ocp_id=iGNNZdDNMKG3gAf7uaLADg&cid=CAQSKQDICaaNWpJhGvY8yb-7irrTKTPSbBMJNvg5MGM8NCSzPUvq19MQhiwR&random=4223873952&ipr=y

Requested by

Host: us.norton.com
URL: https://us.norton.com/blog/emerging-threats/norton-email-scams

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=1947650366&cv=11&fst=1699570568749&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=23KzCJj-jYMYEP3sv_ED&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9GRWk1Nl80dmpXam1wbS1VeHp0Z1ZaVlRrcnVabzhvZWQtS2NTVmRXWF9NSDRDN3V4Z2ljZWZFIhMI0LGY4IG4ggMVoRvgCh37nAjo&is_vtc=1&ocp_id=iGNNZdDNMKG3gAf7uaLADg&cid=CAQSKQDICaaNWpJhGvY8yb-7irrTKTPSbBMJNvg5MGM8NCSzPUvq19MQhiwR&random=4223873952&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8136487

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5be295ea3ed71d1afc9a505521c41e8fcf294e5265fa679e92e0bc3775c98e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67281
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 200 A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js Show response
d.impactradius-event.com/ 43 KB
14 KB 60ms
6ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A247452-16ea-46a1-bf3e-0d9e4518ff9c1.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 73b85df6290b6add489d085d46527c813406b86d246a352697fdf53f7752be60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:51:32 GMT
content-encoding: gzip
age: 276
x-guploader-uploadid: ABPtcPrEbU5FW4LZ5JGS8CNaMnQFkGqFxDHCWSS6-tUFzQ28Wvifj7swJkxd61tM2CbaCLIKW0fspZE8sEe2euN6RmaN-g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13991
last-modified: Mon, 14 Aug 2023 21:00:02 GMT
server: UploadServer
etag: "a7f282480e61c9405089a5575a446f1f"
vary: Accept-Encoding
x-goog-generation: 1692046801997747
x-goog-hash: crc32c=Ema+bQ==, md5=p/KCSA5hyUBQiaVXWkRvHw==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 13991
accept-ranges: bytes
expires: Thu, 09 Nov 2023 22:56:32 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 58ms
6ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220047-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1069927954

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef3db2e76486ea25d99b18b3103496b619058f1bd77f51b017829264dfb42c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74492
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 65ms
15ms Script
application/x-javascript 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 011461c1c6f5df3ae6c896f8337fd8313df8e1cc3138edd02f35616758d0e875

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 12:14:17 GMT
Server: AkamaiNetStorage
ETag: "66c44dc573436975fc0e331ffa027e25:1698844090.885364"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7738
Expires: Thu, 09 Nov 2023 23:16:09 GMT

GET
H/1.1 200
OK / Show response
websdk.appsflyer.com/ 38 KB
12 KB 74ms
11ms Script
application/javascript 2a02:26f0:780::210:a441
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://websdk.appsflyer.com/?st=banners&
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:780::210:a441 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
Content-Encoding: gzip
x-amz-request-id: YNGC7PCXVN28Z00Q
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 11792
x-amz-id-2: vrDln2XCGOFSFkLE6Ln17Y/P092c846kqJOj1nLZLa1T5AvAIx9Wt+4jaFyZJcu85WAzx+0b3iU=
Last-Modified: Wed, 14 Jun 2023 06:58:45 GMT
Server: AmazonS3
ETag: "5a676288bcea03bd05e483bc4ce066ae"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=1545
Accept-Ranges: bytes
X-DataStream-Cache-Status: 1
Expires: Thu, 09 Nov 2023 23:21:54 GMT

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 26 KB
6 KB 59ms
7ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:04:15 GMT
content-encoding: gzip
age: 3114
x-guploader-uploadid: ABPtcPo1Hev4EAcoy9kJ3_I3LnzIHAPYxnVLz2ZzJaCQBGraz8fUOjUr1JR_aD2jx6J5A_djqJAKvGBE8NHjE9c5vOffFWXNqTID
x-goog-storage-class: STANDARD
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5774
last-modified: Fri, 28 May 2021 20:34:03 GMT
server: UploadServer
etag: "d001d1c9f5a942fa5524eeacb047e819"
vary: Accept-Encoding
x-goog-generation: 1622234043862937
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5774
accept-ranges: bytes
content-type: application/javascript;
expires: Thu, 09 Nov 2023 23:04:15 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 39 KB
17 KB 74ms
24ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: e85d000352371d01ec68c35b294c87b928cc6f62ec99cd75a22bb420b00bffa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16941
x-amz-cf-id: kMADQJH1EkEZPINiQNMydaKBjWq07XgIUHxigTb0HFW1B5Icdm5_3g==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1043330685/ 3 KB
2 KB 19ms
18ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1043330685/?random=1699570568949&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5ebe136517c22c2aef18ccc3b46eb3620d437e7844f1f42650c1b57e25f4aa86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 16 KB
7 KB 73ms
12ms Script
application/x-javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?t=xo&id=norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f994ebe7d11961a6561a9c910fcaa828ed4e88c70f02958894f4ebd4945ff69

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IH8k1SpybhMNV5QDZPZa3SNWxSWVWOn8CpSu3w9k3obTGANW' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-IH8k1SpybhMNV5QDZPZa3SNWxSWVWOn8CpSu3w9k3obTGANW' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 22:56:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 79586
x-cache: HIT, MISS
paypal-debug-id: f8614547964b5
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 5113
x-xss-protection: 1; mode=block
x-served-by: cache-fra-eddf8230086-FRA, cache-fra-eddf8230086-FRA
accept-ch: sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent: 00-0000000000000000000f8614547964b5-c43064f5234cad92-01
x-timer: S1699570569.016275,VS0,VE4
etag: W/"3e33-1YlODVWBaUMKKyWsaBq8dTiFoWg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=3600
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy: ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-8136487&l=dataLayer&cx=c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6da11fa7f0ad8c94c90620537fc56a0635b41d6aeb6b984b3e1fcacce4ec5460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67369
x-xss-protection: 0
last-modified: Thu, 09 Nov 2023 22:10:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 66ms
7ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 92ms
21ms Script
application/javascript 2a02:26f0:780::210:a45b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 641
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 07:18:39 GMT
x-cdn: AKAM
x-edgeconnect-midmile-rtt: 0
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=21520
accept-ranges: bytes
content-length: 3840

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 161ms
104ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 5JWK2KMTNH76P4AS
age: 1
x-amz-server-side-encryption: AES256
x-amz-id-2: XA/7hIgPlNEt50m7EzXKSSq25oPd28j8wrdFqzuLkkUMfKaqQh0UHNSyNFPRZl1FV+lbBBg0XIwM0eWbWp2BUt+YBXLaP5FV
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 192ms
113ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C4JSARJR2Q3OG0JAETF0&lib=ttq
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6c05346d91edf55c95883dc5901e8575bedf83a793a114b2f080403b582657aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: d4982a4
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=101
content-length: 1742
pragma: no-cache
server: nginx
x-tt-logid: 2023110922560976BD18621A1BF8372D30
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 102,104.126.37.38
x-tt-trace-host: 01c2db648dbd6911270b9690979c13c7562aaf27636d102132961ff97f9f211d04038313caf6038ad6cd7644d311d957ddf87e4d464cc4a11071c13789f39dcdb7e5aac6597650991068c061c808aa90a65c637edd798bf586bbc0fb9073a37828
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/2004/ 66 KB
15 KB 45ms
9ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/2004/i.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: f65842920103eb32e8925e3d7c4b65999ed9c6cc60ce0912658de5235e1a5950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:42:30 GMT
content-encoding: gzip
via: 1.1 google
age: 819
x-envoy-upstream-service-time: 1
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14909
server: istio-envoy
etag: 3d696588ea8e49
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://u.cdnwidget.com>; rel=dns-prefetch, <https://pix.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect

GET
H2 200 qevents.js Show response
a.quora.com/ 41 KB
14 KB 73ms
23ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
x-amz-version-id: DENAuZi5jc6G3XAf0_byr8vJzUcVnf.F
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 5K57PBR2A0025GG8
age: 2001387
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: rvPsThAgQkJShQQ2J7UMgDJ+mUUBMPz6v4o52Qjy3F2U8CcHm7z1WCN2wGkAgqOAkDHbpFzSZ2Y=
last-modified: Tue, 17 Oct 2023 18:57:21 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: md5:5defc3f1c55a0cb9cbca8c06fbabaf65
etag: W/"5defc3f1c55a0cb9cbca8c06fbabaf65"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 8239a5b8a90b65ce-FRA
expires: Fri, 10 Nov 2023 02:56:09 GMT

GET
H2 200 ktag.min.js Show response
www.knotch-cdn.com/ktag/latest/ 84 KB
25 KB 79ms
9ms Script
text/javascript 2600:9000:223f:9e00:12:1bcc:1d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.knotch-cdn.com/ktag/latest/ktag.min.js?accountId=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:9e00:12:1bcc:1d00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

703cbf55721fa95e15c143a375f1116b2b97c329117af56eb5e5c2ce9546e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 15:53:26 GMT
content-encoding: gzip
via: 1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P5
age: 25364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: same-origin
last-modified: Tue, 07 Nov 2023 15:53:22 GMT
server: AmazonS3
etag: W/"253c2a35067811fd54a603df61f44136"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: lVi0SMbaU2IyG7EvwZ9wYzvQb_ta9HI8PbOTR_zitFQ5GgdpUsuywQ==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 4 KB
2 KB 59ms
8ms Script
application/javascript 2a02:26f0:3500:88d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88d::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "8d7d8ce32aa2a45d64e9f04a9a5cb1c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1793

GET
H2 200 visitor.js Show response
app.leadsrx.com/ 18 KB
19 KB 758ms
345ms Script
application/javascript 35.164.125.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.leadsrx.com/visitor.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 35.164.125.172 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-125-172.us-west-2.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
last-modified: Thu, 09 Nov 2023 16:12:22 GMT
server: nginx/1.20.1
etag: "654d04e6-492f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 18735

GET
H2 200 ae8f1a90-7a0c-0139-4083-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 0
447 B 63ms
15ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ae8f1a90-7a0c-0139-4083-06abc14c0bc6
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
server: openresty
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
x-request-id: F5YWbYiT5AkKnjlFQNJB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 evtnc.js Show response
tag.havasedge.com/js/ 23 KB
23 KB 97ms
9ms Script
application/javascript 18.66.122.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.havasedge.com/js/evtnc.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-10.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a8046ae76f3c2fa5def7d0153cdb57e8d97c88ccb913dcb4209e3a9f001a36f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:31:24 GMT
via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
last-modified: Wed, 18 Jan 2023 23:02:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1490
x-amz-server-side-encryption: AES256
etag: "bb282c181bffec3889d3030dd6e067ea"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 23382
x-amz-cf-id: FOBxPJL2Xmx-I_lpC0Z2GyQjR7ni_Z5H1pts7ON2nVwPa0qQ3LZafA==

GET /
lifelock.norton.com/ Frame 89EA 0
0

GET
H2 200 EG94020756 Show response
enable-eg-ot.egainonetag.com/onetag/ Frame 89EA 18 KB
18 KB 312ms
64ms Script
text/javascript 34.254.6.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://enable-eg-ot.egainonetag.com/onetag/EG94020756
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/code/d65817e25ccaa928ce871977d19a6f0d.js?conditionId0=4940767
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.6.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-6-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e85cfa2b997618fa9592dbd38e35e59b0d80e157ab4f13faa193c86b201d9ae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
date: Thu, 09 Nov 2023 22:56:09 GMT
cache-control: max-age=86400
server
expires: Fri, 10 Nov 2023 22:56:09 GMT

GET
H2 200 t.png
tvspix.com/ 68 B
194 B 871ms
188ms Image
image/png 34.216.210.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tvspix.com/t.png?t=1699570568948&l=tvscientific-pix-o-eb001251-d952-4b93-b92d-f7ac10d97dab&u3=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.216.210.54 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-210-54.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 68
expires: 0

GET
H2

200

src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/
Redirect Chain

https://gwmtracking.com/p/v/1/59bc0993f8708105b27e9bf1/format/img
https://ad.doubleclick.net/ddm/activity/src=9309239;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
107 B

45ms
44ms

Image
image/gif

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Protocol

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=9309239;dc_pre=CLeZ2-CBuIIDFQjYOwIdZsUE5A;type=invmedia;cat=norto00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 TC-3086-2.gif
pt.ispot.tv/v2/ 43 B
314 B 43ms
8ms Image
image/gif 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-3086-2.gif?app=web&type=visit
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H/1.1

200
OK

c
trkn.us/pixel/
Redirect Chain

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=900170343
https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=900170343&ip=81.95.5.39&cuidchk=1

42 B
780 B

599ms
598ms

Image
image/gif

54.156.17.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=900170343&ip=81.95.5.39&cuidchk=1

Protocol

HTTP/1.1

Server

54.156.17.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-17-57.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 22:56:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/c?ppt=22243&g=norton_visits&gid=51843&ord=900170343&ip=81.95.5.39&cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
643 B 84ms
36ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613158642812&event=pageVisit&productName=norton-email-scams
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 1fef48513e05cc1d59174982d738969837dfe163
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
alt-svc: h3=":443";ma=600
x-pinterest-rid: 6436986393711102
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 13ms
11ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=0&c=21&i=575ofv&p=aemprod&s=330&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjowLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8BkiLCJ0eXBlIjoiYmlsbGluZyIsInN0YXJ0IjoxNjk5NTcwNTY4OTk0XwDAZCI6LTEsInNvdXJjMgACKwBhdHVzIjoiZgBAYXNvbmUA1F0sImRhdGFQYXR0ZXISAMJsaXN0IjpbXSwiaWRdAMA1NzA1Njg5OTR9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/c/ 0
106 B 8ms
8ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/c/r.rnc?n=0&c=21&i=4m0aw9&p=aemprod&s=428&d=9CV7InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxDgDwHk5hbWUiOiJzeW1hbnRlYyIsInB1Ymxpc2hQYXRoIjoiYWVtcHJvZCIsIm1vZCoAkHdoaXRlbGlzdFEA8CNvb2tpZXMiOnsiU1lNQU5URUNfRU5TSUdIVEVOX1BSSVZBQ1lfQkFOTkVSX0xPQURFRKMA8Q8ifSwiZHQiOjE2OTk1NzA1NjkwMTQsInNldHRpbmdPAPEnbW9kYWwiOiJlbnRlcnByaXNlIiwiZW52aXJvbm1lbnQiOiJVUyBOb3J0b24iLCJkZWZhdWx0OwDxH1NvY2lhbCBNZWRpYSI6MSwiUGVyZm9ybWFuY2UgYW5kIEZ1bmN0aW9uYWxpdHkiALJBZHZlcnRpc2luZxAA8ARuYWx5dGljcyI6MX19LCJldmVuXQAiW3sLAEEiOiJj-wBgQ2hhbmdlHgEP0AAABfgAwEFERUQiOiIxIn1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:08 GMT

GET
H2 200 seo Show response
buy.norton.com/redirector/ 43 B
625 B 133ms
58ms Script
text/javascript 23.196.247.136
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.norton.com/redirector/seo?callback=cartFn1699570569016

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.196.247.136 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-196-247-136.deploy.static.akamaitechnologies.com

Software

Resource Hash

c2e494aaae9b6e8ecc6f031c8da5fc8f4abcb004cb94acb3777d0d34a9340c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Nov 2023 22:56:09 GMT
requestid: 1044e087ff559000
content-type: text/javascript;charset=utf-8
x-oneagent-js-injection: true
cache-control: max-age=0, no-cache, no-store
server-timing: dtRpid;desc="190926840", dtSInfo;desc="0"
content-length: 43
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Nov 2023 21:51:31 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3878
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 09 Nov 2023 23:51:31 GMT

GET
H2 204 5441611.js Show response
bat.bing.com/p/action/ 0
118 B 32ms
31ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5441611.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 09 Nov 2023 22:56:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 05B27CE914C94C259A3DFC498B3F2DAA Ref B: FRA31EDGE0110 Ref C: 2023-11-09T22:56:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
121 B 43ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5441611&Ver=2&mid=09d16359-b454-4a50-a5b8-b601d609245c&sid=2bb9c4f07f5311eebfc55be007fc0fa6&vid=2bb9edf07f5311ee9e9033fb62846287&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&p=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&r=&lt=1634&evt=pageLoad&sv=1&rn=455997

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 09 Nov 2023 22:56:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BF0EB04FE7784B3298B59A23879C01D7 Ref B: FRA31EDGE0110 Ref C: 2023-11-09T22:56:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 22ms
22ms Script
application/x-javascript 2a02:26f0:780::210:a45b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a45b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=52876
accept-ranges: bytes
content-length: 3272

GET
H2 200 runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 3 KB
2 KB 57ms
7ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 15:24:16 GMT
content-encoding: br
age: 1927913
x-guploader-uploadid: ABPtcPoV7A_98p1Dfqe9sTqRYb9ALjlXBtnZCbj100xvlQJyZpC2BSz9hQuKKuzvZ5xQ7KgVZc_Hbq39u4NH37iufb-WYQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
last-modified: Tue, 17 Oct 2023 15:39:33 GMT
server: UploadServer
etag: "dbc90523c425a5d782995c1a39051881"
x-goog-generation: 1695050642582474
x-goog-hash: crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1317
accept-ranges: bytes
content-type: text/javascript

POST
H2 200 4405 Show response
norton.ow5a.net/xur/ 119 B
1010 B 318ms
39ms XHR
application/json 34.253.81.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://norton.ow5a.net/xur/4405
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.81.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-81-236.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ece926ff412528eddc574ba2722df91995fc1e8a29e452766f00b1c1edb8afec

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://us.norton.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 09 Nov 2023 22:55:16 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 169ms
89ms Ping
image/gif 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=06416075864884381&referrer=&marketerId=001f961bd9b051a2818b4058353fda92bf&name=PAGE_VIEW&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 99bdec5ea45a04565e872faf3868d25d
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 368ms
90ms Script
application/javascript 70.42.32.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=001f961bd9b051a2818b4058353fda92bf
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: br
X-TraceId: 3ec7ed683b7b58da94d24c6fa575b6f7
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 001f961bd9b051a2818b4058353fda92bf Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 44ms
11ms Script
text/html 2.18.97.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/001f961bd9b051a2818b4058353fda92bf
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.54 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
Content-Encoding: gzip
ob-sent-time: 1699536278016
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: e80dad4f6f349ac10aa5a2fac8e3395f
Content-Length: 22
Expires: Thu, 09 Nov 2023 22:57:09 GMT

GET
H2

200

activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=unde... Show response
8136487.fls.doubleclick.net/ Frame 0505
Redirect Chain

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=un...
https://8136487.fls.doubleclick.net/activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direc...

602 B
460 B

52ms
51ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136487.fls.doubleclick.net/activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8136487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

bf7b49d31e8844ad66f4cf5741d9421ed071aef8fc5653d3941b8e9e1f8a93ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 350
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 22:56:09 GMT
expires: Thu, 09 Nov 2023 22:56:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 22:56:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8136487.fls.doubleclick.net/activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=syp... Show response
8136487.fls.doubleclick.net/ Frame 6A04
Redirect Chain

https://8136487.fls.doubleclick.net/activityi;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=s...
https://8136487.fls.doubleclick.net/activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm...

557 B
400 B

54ms
53ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8136487.fls.doubleclick.net/activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-8136487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

9384281638d8ffb1eb59fbd8d8f9dd956dfc1a3a90fdd7e36f776578ceb6c143

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 22:56:09 GMT
expires: Thu, 09 Nov 2023 22:56:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Nov 2023 22:56:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8136487.fls.doubleclick.net/activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1699570569145&cv=11&fst=1699570569145&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17e1d88908f1e95e04559f930009dc55eb04010b75424d84322a5e78187d6fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 160ms
135ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=7a5db9f3-a057-49b8-9d42-a279c7fa0392&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=52b2641b-ca57-4d09-a2ca-7f0e76f836a0&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 110
date: Thu, 09 Nov 2023 22:56:08 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 136b91579a8f16a6
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1315ddd08f3e7e80a143704bb114ed455bd61e5e1277150b20c1feaa388a1adc
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 166ms
126ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=7a5db9f3-a057-49b8-9d42-a279c7fa0392&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=52b2641b-ca57-4d09-a2ca-7f0e76f836a0&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuzip&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 116
date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c6573bb908eab450
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 04a6ae5103842e16a2923217fbc17547cb027052ec56ef842bc7b4c76615cf8e
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
227 B 177ms
176ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=e355ff90-cdf8-4af4-9153-5b136526177b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=52b2641b-ca57-4d09-a2ca-7f0e76f836a0&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 168
date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 58ae4c29f58369f5
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 1315ddd08f3e7e80a143704bb114ed455bd61e5e1277150b20c1feaa388a1adc
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
216 B 207ms
195ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=e355ff90-cdf8-4af4-9153-5b136526177b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=52b2641b-ca57-4d09-a2ca-7f0e76f836a0&tw_document_href=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o5fum&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-response-time: 188
date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 340f96baa7ec1bcb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 04a6ae5103842e16a2923217fbc17547cb027052ec56ef842bc7b4c76615cf8e
content-length: 43

GET
H3

200

/
www.google.de/pagead/1p-conversion/1043330685/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham...
https://www.google.com/pagead/1p-conversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1...
https://www.google.de/pagead/1p-conversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...

42 B
64 B

21ms
21ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9FaWloVmRpWTdmMWNXdFRKTnBUREw5S2JyOU5tNzRpQklYX0xrQnJraXFVR2tTQ2oxVHMwNHo5IhMI6aGi4IG4ggMVQhpVCB2CPg2Q&is_vtc=1&ocp_id=iGNNZem9OsK01PIPgv20gAk&cid=CAQSKQDICaaNwsPCwk1D06nwahaVSPty5wY0O2Gx0GsA8L_JYiJ92X4EuuZq&random=654959544&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1043330685/?random=1437148428&cv=11&fst=1699570568949&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&label=sale&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&gtm_ee=1&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Ballow_custom_scripts%3Dtrue%3Becomm_pagename%3Dnorton-email-scams%3Becomm_traffic_source%3Ddirect&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJZ0tPeXFnWVE3X242NU5mR3ZaXzZBUkltQUFqNmo2aFh6a0xwdFc0Y1FIV19kVE5VMXVjWG1NeHhiM1hLS2NyNVdFMU5YX0hWY2pzGlhDaEFJZ0tPeXFnWVE3dlBkeU1XNnpwRkZFaTRBcEc4cG9FaWloVmRpWTdmMWNXdFRKTnBUREw5S2JyOU5tNzRpQklYX0xrQnJraXFVR2tTQ2oxVHMwNHo5IhMI6aGi4IG4ggMVQhpVCB2CPg2Q&is_vtc=1&ocp_id=iGNNZem9OsK01PIPgv20gAk&cid=CAQSKQDICaaNwsPCwk1D06nwahaVSPty5wY0O2Gx0GsA8L_JYiJ92X4EuuZq&random=654959544&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts
t.paypal.com/ 42 B
511 B 197ms
151ms Image
image/gif 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3ADC854CZKCW2SE-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=3acffdcb-c025-475c-ba85-3218f5e08f49&fltp=analytics&mrid=DC854CZKCW2SE&code=MUSE_ADMIN_TOOL&partner_name=MUSE_ADMIN_TOOL&flag_consume=yes&pt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1699570569170&g=-60&completeurl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&disableSetCookie=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 09 Nov 2023 22:56:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 72c259071ef43
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230086-FRA
pragma: no-cache
correlation-id: 72c259071ef43
traceparent: 00-000000000000000000072c259071ef43-849b7f1a298fd9de-01
x-timer: S1699570569.300138,VS0,VE144
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 49ms
7ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1699570569178&id=t2_cxz0s4qa&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=23190a42-8e64-4e15-a1e3-e967dbded4f2&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 pdst-events-prod-sink Show response
us-central1-adaptive-growth.cloudfunctions.net/ 2 B
123 B 241ms
241ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-methods: GET, POST
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 93e2e26d64ed9b823268e5a73a982cd4
cache-control: private
function-execution-id: jrqz4z8stc37
access-control-allow-headers: Content-Type, Accept
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 171ms
127ms Preflight
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://us.norton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 22:56:09 GMT
function-execution-id: 43ggi78m26ou
server: Google Frontend
x-cloud-trace-context: d7179dc9d6ddbcf2b9daa15d666fa325

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1699570569237&cv=11&fst=1699570569237&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9166610413&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e6c14be0d01479c414a63caa9875e7df8e2d8124037b91bb9fe6b7cf0bf77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/ 3 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1043330685/?random=1699570569267&cv=11&fst=1699570569267&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7dd416279275bb61bc907e2afe2dfcab65654fc5213be8d74969a22450ed39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1069927954/?random=1699570569282&cv=11&fst=1699570569282&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9166610413&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&hn=www.googleadservices.com&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&auid=2086481629.1699570569&uamb=0&uaw=0&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&rfmt=3&fmt=4

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32f9f9cf1979bfb6df6ff106f5d66cd87b9beb9afc6587471ae7e39502b7dac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1383
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activity;src=8136487;auiddc=2086481629.1699570569;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams;u2=blog;u3=norton-email-scams;u4=missing;gtm=45fe3b81;gcd=11l1l1l1l1;...
ad.doubleclick.net/ 42 B
440 B 87ms
45ms Image
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;src=8136487;auiddc=2086481629.1699570569;u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams;u2=blog;u3=norton-email-scams;u4=missing;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 08bef49b-4b6f-474e-958b-5a0be7a0227e.js Show response
tr.snapchat.com/config/com/ 173 B
448 B 35ms
18ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/08bef49b-4b6f-474e-958b-5a0be7a0227e.js?v=3.4.17-2311092202

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

d6a8bd71e378685139a7b4e7e3b3bd82adc87ea2546e0720704e0e57ffb5c61e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Origin: https://us.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame CB28 0
201 B 95ms
17ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=08bef49b-4b6f-474e-958b-5a0be7a0227e&u_scsid=c06d4650-0902-4358-9df5-f305bdae18f9&u_sclid=6dcf49ee-4ff8-4fd8-8da6-c3438d5d07e3

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 09 Nov 2023 22:56:09 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 main.74d80534.js Show response
s.pinimg.com/ct/lib/ 65 KB
19 KB 9ms
7ms Script
application/javascript 2a02:26f0:3500:88d::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.74d80534.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:88d::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "cb251578b1e91b3cc440fd1521770cc5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18895

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/105830223f174e668d8cfee6991bcb40/ 43 B
418 B 407ms
93ms Image
image/gif 52.45.37.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/105830223f174e668d8cfee6991bcb40/pixel?j=1&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&tag=ViewContent&ts=1699570569311

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.37.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-37-98.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Thu, 09 Nov 2023 22:56:09 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,a868b4b9aafdd6f2ab84c36d0a610fa6,10.0.0.20,41216,81.95.5.39,,174013031762,1,1699570569.767,0.002,,.,0,0,0.000,0.004,-,0,0,203,173,86,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2504060%26time%3D1699570569313%26url%3Dhttps%253A%252F%252Fus.norton.com%252Fblog...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQK...

0
481 B

205ms
160ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQKWeHNe0nXTRAAAAYu2TNM3ibMrouxYwnevWGc0Zp8z9HW7h5bbR8GHoKeTpmSq
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9E1C4DEA44BF4643ABE8724D656A2141 Ref B: FRAEDGE1418 Ref C: 2023-11-09T22:56:10Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJwBwcFkS4B7iqbdH5+Q==

Redirect headers

date: Thu, 09 Nov 2023 22:56:09 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EE6AE65D35BC4D56836AD2A8EFC80246 Ref B: DUS30EDGE0917 Ref C: 2023-11-09T22:56:09Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2504060&time=1699570569313&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&cookiesTest=true&liSync=true&e_ipv6=AQKWeHNe0nXTRAAAAYu2TNM3ibMrouxYwnevWGc0Zp8z9HW7h5bbR8GHoKeTpmSq
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJwBwY6YlGNBvolkiSDQ==

GET
H2 200 68c7d46d-4f53-496f-99ba-ec17ab2c1f6c Show response
configs.knotch.com/v1/ 28 B
444 B 54ms
7ms Fetch
application/octet-stream 52.222.236.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://configs.knotch.com/v1/68c7d46d-4f53-496f-99ba-ec17ab2c1f6c
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e34f0e5c02869c7af0877fc891d549baf7038110147953de90ab21b217e7493

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 18:40:49 GMT
via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2023 03:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 15321
etag: "ceb16ae4eeafd95e97144fc875ad6a29"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
access-control-expose-headers: ETag
content-length: 28
x-amz-cf-id: 1y8xtgsXHzLKBpDUPZCPcdVJnfDI1FP3o16S2crvgu35nfAQGVsBQQ==

GET
H2 200 11548.json Show response
s.yimg.com/wi/config/ 43 B
683 B 28ms
8ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/11548.json

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:49:18 GMT
x-amz-version-id: QsHhqbaG1Hs4m06OSO8WySBx1nj_0KS_
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: M8V9N3D7V5K6H7D0
age: 412
x-amz-server-side-encryption: AES256
content-length: 43
x-amz-id-2: DMrUOmJSrj/AzxkX3fYQZbirZgBVEGvMkIqDunSnoKiBAi2T22JmfrxeLjQjJoI5o4wKkM8HQAd/vPC2hrbN9Q==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 14 Dec 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 09 Nov 2023 22:39:11 GMT
server: ATS
etag: "ee67895e23e55fb16238fcc20064cdd0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 track-event
event.havasedge.com/ 0
38 B 565ms
177ms Image
text/plain 52.34.72.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://event.havasedge.com/track-event?emeta=eyJwIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tL2Jsb2cvZW1lcmdpbmctdGhyZWF0cy9ub3J0b24tZW1haWwtc2NhbXMiLCJvIjoiaHR0cHM6Ly91cy5ub3J0b24uY29tIiwiYW8iOltdLCJwYXJtcyI6e30sInByIjoiIiwiaW5mIjpmYWxzZSwibGNraWQiOiI5YjE3YjIzMy0yMGQ4LWY5ZDAtMGRhYi04MDA2NmQ4OTg0ZTRfMTY5OTU3MDU2OSIsInNvdXJjZSI6IkhhdmFzRWRnZS5FdmVudFRhZyIsImJ0IjoxNjk5NTcwNTY5Mzg1LCJieiI6LTYwLCJwbGciOlsiQ2hyb21lIFBERiBQbHVnaW4iLCJDaHJvbWUgUERGIFZpZXdlciIsIk5hdGl2ZSBDbGllbnQiXSwicGx0IjoiV2luMzIiLCJjayI6dHJ1ZSwidHIiOmZhbHNlLCJoIjoxMjAwLCJ3IjoxNjAwLCJjZCI6MjR9&trkGuid=0d24d362-9133-4cf0-8e7e-be8762f0510a&evtGuid=5cf27ba5-9ea8-4014-99ea-ec775d2a8e7e&data-product_list=missing&data-order_id=missing&data-subtotal=missing&data-country=US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.34.72.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-72-148.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1699570569145&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNf-yrEFlg8M3nI97EUMpYqm7sDwh73LPHrGBDbQYhVPKDA6S2&random=2377942539&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1699570569145&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNf-yrEFlg8M3nI97EUMpYqm7sDwh73LPHrGBDbQYhVPKDA6S2&random=2377942539&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 17:28:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 09 Nov 2023 23:39:21 GMT

GET
H2 200 dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=*;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l...
adservice.google.com/ddm/fls/z/ Frame 0505 42 B
401 B 79ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=*;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams

Requested by

Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CJfSsuCBuIIDFU7IOwIdSAYCyw;src=8136487;type=lp;cat=unive0;ord=1;num=4771508230273;auiddc=2086481629.1699570569;u10=unknown;u11=missing;u14=direct;u16=undefined;u3=undefined;u9=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=*;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame 6A04 42 B
107 B 73ms
48ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=*;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams

Requested by

Host: 8136487.fls.doubleclick.net
URL: https://8136487.fls.doubleclick.net/activityi;dc_pre=CPjJsuCBuIIDFQXjmgodEUAD5Q;src=8136487;type=lp;cat=blogp0;ord=369987896567;auiddc=2086481629.1699570569;u10=unknown;u14=direct;u16=undefined;gtm=45fe3b81;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8136487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main-v2_2065c951520baf0746b2b6a717bdb1a1.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 452 KB
101 KB 12ms
9ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_2065c951520baf0746b2b6a717bdb1a1.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: fc98884df9e5a3ee3c10dde2122e1040769319dd430320f1e8631c848a1d8cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 21:35:40 GMT
content-encoding: br
age: 609629
x-guploader-uploadid: ABPtcPrpJhk4PUpLrGHaD6uF_MvGXyIxs9FD3UqjKq8mOs-qa7S3R5j8BSWxnArVjeIOlK1MnrMh5viO3jPVslNvxqXAQpm_7M-U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103026
last-modified: Thu, 02 Nov 2023 21:35:30 GMT
server: UploadServer
etag: "1a2025f29360d6497dc0028a8ac464b3"
x-goog-generation: 1698960930446632
x-goog-hash: crc32c=oqSFBA==, md5=GiAl8pNg1kl9wAKKisRksw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 103026
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 cjs_min_e56025bf788e01599545a68c3c69921e.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 48 KB
15 KB 18ms
16ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_e56025bf788e01599545a68c3c69921e.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ab972f6a39ea0cc174d842ee8e05040126ae6ff7a9cb1ba71832891f65b777c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 15:16:39 GMT
content-encoding: gzip
age: 891570
x-guploader-uploadid: ABPtcPotyywmCVnoTJphb1bQWwVLxuxGZPvAZzW6TjwIHtJNOz3lf8E6NCdLH1trXwc0_SDI2eE5zllt7OrLT6zIkwo_wkuR1zJU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15456
last-modified: Mon, 30 Oct 2023 15:16:33 GMT
server: UploadServer
etag: "26c0a67ac86badefc2bd96cdcdb2c5d8"
x-goog-generation: 1698678993576874
x-goog-hash: crc32c=yJ1HXQ==, md5=JsCmeshrre/CvZbNzbLF2A==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000,no-transform
x-goog-stored-content-length: 15456
accept-ranges: bytes
content-type: text/javascript; charset=utf-8

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
109 KB 10ms
9ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: d49856a
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073127C5408F83BB8B7FE31D61
vary: Accept-Encoding
x-cache: TCP_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 019857fd5ab27fffbc6b7fb69364fa2ff22d729e86d3c43a4d86bf7ea8a3dd405b41e58b606145186abd153ccb662ddc4eddac580e282051f7d4de566e96f44c056cf2b42db92f1621a8f400f62f6ff1518bf5fedf521ccd3bec7a35d58d743cf8
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=19
content-length: 110599

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 109ms
31ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2009%20Nov%202023%2022%3A56%3A09%20GMT&n=-1&b=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&.yp=11548&f=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&enc=UTF-8&yv=1.15.1&tagmgr=gtm%2Cadobe%2Censighten

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 200 /
www.ojrq.net/p/ 50 B
466 B 45ms
16ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=4405&tpsync=no&auth=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
BLOB 200
OK bcdd68c0-10b1-4187-8a2c-364bbaa2ca48
https://us.norton.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://us.norton.com/bcdd68c0-10b1-4187-8a2c-364bbaa2ca48
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b4a2b1c1d126faa01aaf03e54b3099c166bbea70aab7d01fb4ca52148dc35b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
145 B 108ms
108ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 09 Nov 2023 22:56:09 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/1043330685/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1043330685/?random=1699570569267&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&cid=CAQSKQDICaaN54E1Nfw1L7BuP4P2LLg3RH8npzYcEzkxUNniuidp7kpEgjh7&random=3748091231&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1043330685/ 42 B
64 B 24ms
22ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1043330685/?random=1699570569267&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v878412864&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&cid=CAQSKQDICaaN54E1Nfw1L7BuP4P2LLg3RH8npzYcEzkxUNniuidp7kpEgjh7&random=3748091231&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1699570569282&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&cid=CAQSKQDICaaNTbBw1w_eqMkGXwmWjG2OXm7om11flYN3nHQMCP8h6AkM9Ofz&random=3138384203&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1699570569282&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dconversion%3Bu1%3Dhttps%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%3Bu2%3Dblog%3Bu3%3Dnorton-email-scams%3Bu4%3Dmissing&fmt=3&is_vtc=1&cid=CAQSKQDICaaNTbBw1w_eqMkGXwmWjG2OXm7om11flYN3nHQMCP8h6AkM9Ofz&random=3138384203&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 egain-chat.js Show response
support-digital.norton.com/system/templates/chat/ 4 KB
2 KB 771ms
361ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/egain-chat.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

bb6f12c7d2e7c565090a55d90424b281cbf41437a920641dd2d2ffe961215128

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 09 Mar 2023 13:40:25 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: af105373-2ada-42e1-a529-de4c0d1ed5f0
etag: "1859f8c96b08fac285a06dffa6f17223"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638a-2c6ade683a81b6f96ae93a7d
content-type: application/x-javascript
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9nEatPHcFt2g=
content-length: 1369

GET
H2 200 allow_cobrowse.js Show response
support-digital.norton.com/system/cb/admin/js/ 24 KB
25 KB 749ms
352ms Script
application/javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/cb/admin/js/allow_cobrowse.js

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Resource Hash

c0192be544261e01a5122cd654b834b0572f391d2aa23d8ba897134beef16038

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: cache
date: Thu, 09 Nov 2023 22:56:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: compress,gzip
last-modified: Thu, 02 Mar 2023 22:27:50 GMT
content-security-policy: frame-ancestors 'self' *
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 24532
x-ua-compatible: IE=EmulateIE9

GET
H2 200 Offers.egain Show response
support-digital.norton.com/system/ 174 B
1 KB 768ms
403ms Script
text/javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/Offers.egain?command=GetRulesJS&egofferpageurl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&egofferpagetitle=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&egofferpatternchecksum=

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

bf7156c9e6cd66141b8013787c2c57bb4ffa22419e954839484d731e048d30b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 174
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: d58759ea-08cf-404c-b53f-37d66ac15c8d
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: OJx9nGjyvHcFW8g=
content-length: 174
x-ua-compatible: IE=EmulateIE9
pragma: no-cache
server: Server
content-type: text/javascript; charset=UTF-8
cache-control: no-cache
x-amzn-remapped-date: Thu, 09 Nov 2023 22:56:10 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EG94020756 Show response
analytics.analytics-egain.com/iframe/ Frame 4A1E 5 KB
5 KB 129ms
31ms Document
text/html 34.254.6.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.analytics-egain.com/iframe/EG94020756
Requested by: Host: enable-eg-ot.egainonetag.com
URL: https://enable-eg-ot.egainonetag.com/onetag/EG94020756
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.6.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-6-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7dc0108355117ef1d4f6b974756d2d9f83e6b16bad59f340525e05fdaca97229

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=86400
content-type: text/html;charset=utf-8
date: Thu, 09 Nov 2023 22:56:09 GMT
expires: Fri, 10 Nov 2023 22:56:09 GMT
server

GET
H3 200 /
www.google.com/pagead/1p-user-list/1069927954/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1069927954/?random=1699570569237&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNVQQZzG0C39oaYwQyzY1fK1GLMa9l0DaLTvXeDj9wuzY08XcY&random=2116159857&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1069927954/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1069927954/?random=1699570569237&cv=11&fst=1699567200000&bg=ffffff&guid=ON&async=1&gtm=45be3b81v9166610413&u_w=1600&u_h=1200&url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&frm=0&tiba=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNVQQZzG0C39oaYwQyzY1fK1GLMa9l0DaLTvXeDj9wuzY08XcY&random=2116159857&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ingress.gif
aq-swa-api.knotch.it/ 43 B
198 B 424ms
229ms Image
image/gif 3.225.111.63
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aq-swa-api.knotch.it/ingress.gif?browser_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&root_browser_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&canonical_url=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&referrer_url=&account_id=68c7d46d-4f53-496f-99ba-ec17ab2c1f6c&cs_render_id=096b6735-376b-4690-9e2a-eb7a19119b81&cs_visitor_id=36bfe463-b3ce-48ea-b9a1-cd9c70c6ec26&time_stamp=1699570569518&session_time_stamp=1699570569336&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&ktag_version=v2.2.0&platform=Win32&language=en-US&color_depth=24&screen_resolution=1600x1200&time_zone=Europe%2FBerlin&privacy_mode=false&content_height=8979&content_width=1600&type=page_view&load_data=%257B%2522load_time%2522%253A137.8%252C%2522time_to_page_view%2522%253A168.7%257D&set_cookie=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.111.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-111-63.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 / Show response
ct.pinterest.com/user/ 303 B
431 B 39ms
34ms XHR
application/json 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&cb=1699570569524&dep=2%2CPAGE_LOAD
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
x-cdn: fastly
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
x-pinterest-rid: 3081807741204100
content-length: 172
pin-unauth: dWlkPU5ERTNaakUxWmpndE9EWXhNaTAwTXpKakxUZzFORGd0TlRBM1pqbGhOemsxTVRneQ
pragma: no-cache
referrer-policy: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 inbox-v2_48b3046e5658d067d380731acb25edd9.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 8ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox-v2_48b3046e5658d067d380731acb25edd9.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 12 Oct 2023 13:32:28 GMT
content-encoding: br
age: 2453021
x-guploader-uploadid: ADPycdt0-ERlw-fWz2wCv0jJb4Ktjp0ueAUNKJBxy_MeeitWziUapV4JPSary5SVEphKK5bB8kgMczUjNCgoAlbNh9SZYw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4862
last-modified: Tue, 10 Oct 2023 16:03:33 GMT
server: UploadServer
etag: "e08d76c0eee63d930afa55862092fe13"
x-goog-generation: 1694525539645421
x-goog-hash: crc32c=om6Z6Q==, md5=4I12wO7mPZMK+lWGIJL+Ew==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4862
accept-ranges: bytes
content-type: text/javascript

GET
H3 200 onsite-v2_5631bf90701659009118a89f964ae570.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 16 KB
5 KB 9ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 15:24:02 GMT
content-encoding: br
age: 1927927
x-guploader-uploadid: ADPycdszkgkDghxhZtk3uwG25XBg-QJ0HkXxWC9LOjhvOvCNvINmS5rmCmqmpVcZPBVWJqU-EfyW4DWdPXgXJn42OuAq
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4962
last-modified: Tue, 17 Oct 2023 15:39:23 GMT
server: UploadServer
etag: "801d41813e7b11c4986b4ca00307283b"
x-goog-generation: 1695050633424590
x-goog-hash: crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 4962
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 16ms
16ms Script
application/javascript 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: d49863c
date: Thu, 09 Nov 2023 22:56:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073127516758C986DC33DFD9A5
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014180c1b37eddca8e54ac1a7d395ce7715048e8a1793aff10a86a694e1a7e85b2afc7d9db99d51beb50669848a3f2a9b3fb457d3904dec909b090691496411534f6c38000ced9b7e2fe367b4c632bc879b55a5d88147333a8016508a61ae8fb49
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=12
content-length: 35971

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
650 B 140ms
139ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d498695
date: Thu, 09 Nov 2023 22:56:09 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing: inner; dur=37, cdn-cache; desc=MISS, edge; dur=5, origin; dur=126
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023110922560909D0DC1A125041FAEE32
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 126,104.126.37.38
x-tt-trace-host: 01c2db648dbd6911270b9690979c13c7562aaf27636d102132961ff97f9f211d0481d9854d8fd908928e8bfa0e4d8d32241e54216c6cd382295fa903d96fafecdfc5afba16e7b2df0de1deab496fb0035395f20817741df68edd2c4ef94d972c48
access-control-allow-headers: Authorization,*
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 404 pangle_pixel
analytics.pangle-ads.com/api/v2/ 18 B
18 B 154ms
97ms Image
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel?analytics_message=eyJldmVudCI6IlBhZ2V2aWV3IiwibWVzc2FnZV9pZCI6Im1lc3NhZ2VJZC0xNjk5NTcwNTY5NjM1LTE1NDk0NjAxMzE2ODMtQzRKU0FSSlIyUTNPRzBKQUVURjAiLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6InBpeGVsLmpzIiwidmVyc2lvbiI6IjIuMS4zMyJ9fSwidGltZXN0YW1wIjoiMjAyMy0xMS0wOVQyMjo1NjowOS42MzZaIn0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 4f0614ea.e7a3c54
date: Thu, 09 Nov 2023 22:56:09 GMT
x-bytefaas-request-id: 20231109225609ECC07161460B2FF733A0
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 89,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=85, origin; dur=5, inner; dur=2
content-length: 18
pragma: no-cache
server: nginx
x-tt-logid: 20231109225609ECC07161460B2FF733A0
x-cache-remote: TCP_MISS from a23-55-171-79.deploy.akamaitechnologies.com (AkamaiGHost/11.3.0.1-51934483) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain
access-control-allow-origin: *
x-bytefaas-execution-duration: 0.24
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 0104894b5c975f0cc62637b4caed5bb8ac572e87e523d44a4f974608681d2b438ceacf6920f07838345735008158d7053cedf635829b2688142a9505281d3e7132daf2692534771cc797b61621175836daed104145c6e79fc2964ae4ac4e86a383968e935cf221d455c450d05b0da114b7
x-origin-response-time: 5,23.55.171.79
access-control-allow-headers: *
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 14 B
338 B 435ms
120ms XHR
application/json 34.96.126.215
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.126.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 215.126.96.34.bc.googleusercontent.com
Software: /
Resource Hash: b4fc8d22d940bdf3aa7fe9648494c3feac6a995bcec60831b8dd1c4c95719bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 22:56:10 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 14 B
338 B 584ms
117ms XHR
application/json 34.117.20.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.20.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.20.117.34.bc.googleusercontent.com
Software: /
Resource Hash: e15506e299da3d4a8ca095007fae20286400cb4993c333f0bff4360cc1fe2cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 22:56:10 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 14 B
338 B 253ms
119ms XHR
application/json 34.149.32.178
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.32.178 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 178.32.149.34.bc.googleusercontent.com
Software: /
Resource Hash: c5140309c75a29de8247f72c32cf9332ccf6b31702aaf935ee2029fb9b01a280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 22:56:09 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1869195216&t=pageview&_s=1&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&ul=en-us&de=UTF-8&dt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEIJAAAAACAMI~&jid=1432560451&gjid=773085433&cid=1070155513.1699570568&tid=UA-1304930-1&_gid=1273539162.1699570569&_r=1&_slc=1&did=dNjIxNT&z=1917067214

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
ct.pinterest.com/v3/ 35 B
375 B 34ms
33ms Image
image/gif 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2613158642812&pd=%7B%22np%22%3A%22ensighten%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2274d80534%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1699570569670
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600
content-length: 35
x-pinterest-rid: 2902449530043670
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 p
tr.snapchat.com/ 0
90 B 20ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ct.html Show response
ct.pinterest.com/ Frame F2C1 565 B
516 B 39ms
38ms Document
text/html 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.64.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443";ma=600
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 22:56:09 GMT
pinterest-version: 5d3c2f1679281f2c8de82ecae570034b947dbf31
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1417092573233986

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
16 B 94ms
94ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 09 Nov 2023 22:56:09 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
16 B 94ms
94ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 09 Nov 2023 22:56:09 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1304930-1&cid=1070155513.1699570568&jid=1432560451&gjid=773085433&_gid=1273539162.1699570569&_u=aDDAAEIIAAAAACAMI~&z=1442473564

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://us.norton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 jquery-3.5.1.min.js Show response
assets.bounceexchange.com/assets/bounce/ 87 KB
31 KB 9ms
8ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:00:53 GMT
content-encoding: br
age: 374116
x-guploader-uploadid: ABPtcPpfgbpPl3Pkk8RUMzyr9MM27HkaF2UE8ZSCOK_OD-ouCRbS026D9y_jSFSr2ko4DdLQ6a5UxmTp_oj7hhZTltKT3vNT11z7
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31563
last-modified: Thu, 02 Nov 2023 21:35:05 GMT
server: UploadServer
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
x-goog-generation: 1698960905634216
x-goog-hash: crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 89476
accept-ranges: none
content-type: text/javascript; charset=UTF-8

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame D6BA 2 KB
969 B 8ms
8ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 119074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 938
content-type: text/html; charset=UTF-8
date: Wed, 08 Nov 2023 13:51:35 GMT
etag: W/"fc893948c3efc689b5b19d8a77958e23"
last-modified: Thu, 02 Nov 2023 21:35:04 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1698960904048494
x-goog-hash: crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2408
x-guploader-uploadid: ABPtcPp07fAPJV5shW97LyqUfEMdla3XjXNMDKVyketsK4ftwHtAojLErv0YnZcamGmUe3i-9HYU2DtVkFEDHLUg0prAZA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1304930-1&cid=1070155513.1699570568&jid=1432560451&_u=aDDAAEIIAAAAACAMI~&z=1404914000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1304930-1&cid=1070155513.1699570568&jid=1432560451&_u=aDDAAEIIAAAAACAMI~&z=1404914000

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 p
tr.snapchat.com/ 0
15 B 19ms
19ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://us.norton.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 visitor.php Show response
app.leadsrx.com/ 103 B
534 B 201ms
200ms XHR
text/html 35.164.125.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.leadsrx.com/visitor.php?acctTag=csiyrk42502&tz=-60&ref=&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&lc=null&anon=0&vin=null

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

35.164.125.172 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-164-125-172.us-west-2.compute.amazonaws.com

Software

nginx/1.20.1 / PHP/5.6.40

Resource Hash

7b59a90252b4d619e3219a77aac01e6224bdb6a81e18c7e5d455a3ee40560c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 09 Nov 2023 22:56:09 GMT
x-content-type-options: nosniff
server: nginx/1.20.1
x-powered-by: PHP/5.6.40
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
787 B 172ms
172ms Ping
text/plain 104.126.37.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a460f3b.d4987f5
date: Thu, 09 Nov 2023 22:56:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 152,104.126.37.38
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=68, inner; dur=65
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023110922560972BA338DFC8BF41AEC70
x-cache-remote: TCP_MISS from a23-48-200-73.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 68,23.48.200.73
x-tt-trace-host: 01c2db648dbd6911270b9690979c13c7566d8645e60098ffae01a3a10257673ec4eb87d6a427feb775881845f178e0c0b0032599e69ddc469fa5d2220e6b8b42c0ec6111f8f134881fb1ba70fc0637cdc2fa023141ccb990d9dee3e080443240ff200bfc56c364c72033abe49aa44e4e15
access-control-allow-headers: Authorization,*
expires: Thu, 09 Nov 2023 22:56:10 GMT

POST
H/1.1 204
No Content / Show response
684dd325.akstat.io/ 0
354 B 92ms
76ms XHR
image/gif 2a02:26f0:3100:795::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd325.akstat.io/

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:3100:795::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Thu, 09 Nov 2023 22:56:09 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://us.norton.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 200 getCBHostName.jsp Show response
support-digital.norton.com/system/cb/admin/ 195 B
778 B 186ms
185ms Script
application/javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/cb/admin/getCBHostName.jsp

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Resource Hash

843d4c26ab79b8ea04917549dc85d3126cd2e1c972377182e009b8ebf25a3e07

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
content-type: application/javascript;charset=UTF-8
cache-control: no-cache
content-length: 195
x-ua-compatible: IE=EmulateIE9

GET
H2 200 egain-docked-chat.js Show response
support-digital.norton.com/system/templates/chat/ Frame 64B9 124 KB
22 KB 208ms
207ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/egain-docked-chat.js

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/egain-chat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

5737ca9a11ba413e912b3db5f0a9f546ad5c9ed423e129e77a1063a00e0c9ac4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 09 Mar 2023 13:40:25 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: ce637500-30d4-4091-9158-fd9911cd9906
etag: "a748b57f762c0af32e91d044baccd43b"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638a-58a02d440c3e35424929615d
content-type: application/x-javascript
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9rGjUPHcFkVA=
content-length: 22180

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 10ms
9ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=1&c=21&i=575ofv&p=aemprod&s=12941&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8EJodHRwczovL2MuZ28tbXB1bHNlLm5ldC9hcGkvY29uZmlnLmpzb24_a2V5PU1EREpSLTNSVlc4LVMzTTQ2LUhMNFFTLVJMVlE0JmQ9dXMubm9zAPBMLmNvbSZ0PTU2NjUyMzUmdj0xLjc2Ni43MCZzbD0wJnNpPWI3MGE2YjE4LWQ5N2YtNGFmZi04ZmJkLTIwZmU4YWZkZGQ5Ni1zM3ZwMWomcGx1Z2lucz1BSyxDb5IA8SRPdmVycmlkZSxDb250aW51aXR5LFBhZ2VQYXJhbXMsUlQsUGFpbnRUaW1pbmcsTmF2aWfvAAMRAINSZXNvdXJjZQ8A9QlNZW1vcnksRXJyb3JzLEFrYW1haSxFdmVBAPAHTE9HTiZhY2FvPSZhay5haT0xODEyMusB8AJ0eXBlIjoieGhyIiwic3RhcqcBwDY5OTU3MDU2Nzk0NZUBSmQiOjEUAAJ_AOIiOiJYSFJfTUFOQUdFUkEAMHR1cxICYWxsb3dlZLkBQGFzb264AdRdLCJkYXRhUGF0dGVyEgCybGlzdCI6W10sImlmAM83Nzc5ODcwNjMwfSzqAf_w8QNzeW1hbnRlYy50dC5vbXRyZGPbAzRtMi8aAGEvbWJveC_hAwAKAMA9c3ltX2dsb2JhbF8QABAmBQAwU2Vz4gTxEj04OGFjYzljYTY0ZDg0MDU0YWFlMDkwMzBmOGQ4YTgyZC0AMlBDPQgA8hRhZ2U9MTA0NGNiMDViYTFjNGU5MDkwZDAzNjYxZTRmZjA5NTIA8RVSaWQ9Y2EzMzY0ZDU4ODczNGY0YmI4NTM2MTkyODQ4MzQ0OWJTABJWagVhPTEuOC4zEgBxQ291bnQ9MQwAUlRpbWU9aANxNDE2Nzg2NBcAaUhvc3Q9dZgEANQAQVVSTD36BJklM0ElMkYlMkYkAPIOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkbjBMEtZW1haWwtc2NhbXNqAIJSZWZlcnJlcgAB9BNYRG9tYWluPWVuYWJsZWQmYnJvd3NlckhlaWdodD0xMjAwEwCGV2lkdGg9MTYSAADLAPgBT2Zmc2V0PTYwJnNjcmVlbjkAAhIABzgA8Atjb2xvckRlcHRoPTI0JmRldmljZVBpeGVsUvcEIz0xRAAgT3KFBgATAPAHbj1sYW5kc2NhcGUmd2ViR0xSZW5kZb0A8DpJbnRlbCUyMElyaXMlMjBPcGVuR0wlMjBFbmdpbmUmUHJvbW9jb2RlPWRlZmF1bHR3ZWImcHJvZmlsZS5UQ0c9OSZ2ZW5kb3JfGwVQPW5vbmUfAFFncmFtXxIA4HVua25vd24mc2l0ZV9jwAFScnk9dXMQADBzZWOWBhI9YgEBRQbTY29udGVudF90aXRsZRkACXsBAUkAUGxhbmd1cgKyZW4mdHJhZmZpY19lBbA9ZGlyZWN0JkV4afYGs2dDdXN0b21lcj1lEQAjX2MSAAEKAjMwTm-LADR1Yl-PAAALAgDGAAHlAB9wAgEBQGN1cnKmALJzdWJjaGFubmVsPUcAD78ADphvcmlnaW5hbF87AARRAR92SwEABIUADlMBBDYAARIBDVsBANAAAAQAA2MBDNgCSSYlMjBBAAT9AAeMAQkgAAhzAQQZAD8lMjB-AQMEIQAPhgEYBDMAMSUyMNEAF3O9AAmRAQ98AQEEPQABOgAPhAEOBC4AD4wBAgAuBPEZTUNTRElEPTE3ODdEMTQxQUFGQzhGNTEtNjgzNjFGNzBDNEFCODVEOQgE8R5NQ0dWSUQ9NjQwMjU0OTMwNzg0NDU3ODQxNTA1OTU2NTQzMjE3MzQyODM4MTYyAPEqQUFNQj02RzF5blljTFB1aVF4WVpyc3pfcGtxZkxHOXlNWEJwYjJ6WDVkdkpkWVFKelBYSW1kajB5PgCgTUNHTEg9NiIsImEDD44ICC44OI4IABQAAikDD44IQa84NDExNjU2MTkzjggHBIoGD6QG________jzBlbnO3CzZlbi4OCQZDDRJhwBHwJS9zZXJ2ZXJDb21wb25lbnQucGhwP25hbWVzcGFjZT1Cb290c3RyYXBwZXImc3RhdGljSnMCEh49SgAAYQsjLyYmEvIeZWRPbj1GcmklMjBOb3YlMjAwMyUyMDE2OjAzOjU2JTIwR01UJTIwMjAyMyZDZxJQRD0yMSYRES9JROYMOPASJTNGX0NPVU5UUlklM0R1cyUyNl9MQU5HVUFHRSUzRGVuEQDQVFJBRkZJQ19TT1VSQxcAAoALABsA9AFQR01fSUQlM0RtaXNzaW5nFAAwVFlQKQADGgwAFgA6SVBGJwAsSVA4ACpTTiIAqlNVQkNIQU5ORUwYAIpPUklHX1NVQhYAalBJRkNBTRQAWklfU0tVEwA6REVYEQAsSU7BADtJUFYjACtQQxEAHFURABtQpAA6RU5QMwA6U0tUEQAqSVQAAUNub3df3ApUdW50cnmQAQUYAASeCwSYAQUZAAkNCzIlM0TRAghSDTUlMjYuAAd1CzAlM0R3CwkeAAJMDAVGAACxDQMgAAMHDAJbCiFfY6YUEF8NAzUlM0QSAgBnADVwcm_KDADGAAIfDgNGAA7bCwkXAQBAAA-0CwAJJAAAWhU0dWN0fAAP7wACB2cNAcwA8AVuZSUyNmlzTW9iaWxlJTNEZmFscxMA2nZpZXdDYW1wYWlnbnNmAG9hdGglM0Q3EBwwJTI2xQEwQ29kZgACmwAAORUAkg4FPxAOegQG6gtic2NyaXB0OhQLexQuMzDtC0I5NCwikgEgIjpsFpJlcnRCZWZvcmVCAAJ8FD9sb2F5FB9QNzAwNDXyFC84MesLCA9HBf____-lHzZHBQwgbXXLCUNvbk9i_wkfTE0FOR85OBEHD00FEwFKCvAaOGYxZGQ0OTY3MjJiM2E2YzcwNmZmNDYwMTMxYWJjYmIuanM_Y29uZGl9FZdJZDA9NjQ5MTZSEg9oBggsOTEhAU84MDMxaAZFvzY5OTIxODE0NDAy4RoIDxsBdR8zGwEMDzwCQAchAR8yPAIy_RFlYzg0NjgxMGEwNTlkMTk1NDc5ZTE0Yjk3MTNkNGY5MjwCVzQyMzEzHB0PPAIcLzUwPAJFvzcwMTU5NjEyMTI3pAguAVcDDxsBSg88AgAJGwEPPAJAByEBHzU8AjP-EDk0ZmI5ZDdkNzA5NjM3NzIyNGVhMDIwZjc4YzM0MmY8Ak83MzkxPAIUHjJdAy84NTwCRb82OTgwNzQ4NTQ4NRsBkA88AgAJGwEPPAJAByEBHzY8AjL-EWMwMDUxZjI4YTFjNzE3MGEyZGYxZDA1YWU4MGFlYjNlPAJ3OTU1Nzk1JskGfzE9NDkzNzhSAic_MTAzUgJFzzcwMDcxNDg3NDM0NzEBpQ5oAgoxAQ9oAkAHNwEfODcBMv4QNmUyNDY0ODRkNDVjNDc0YThjODdjOGI3ZWY5MzAzOKQEUTE3OTAy1CUDbxsP4QYJDqUECiIBP2luc4UPN782OTgyNjcwOTk0OaUEMw8cAUsPPgJgByIBD6YEM_8RZDY1ODE3ZTI1Y2NhYTkyOGNlODcxOTc3ZDE5YTZmMGSmBABfNDA3NjfDERIfOSIBAQjDEQ9gA0C_Njk3NzI0MDAyNTZEAggFtB1hZGVtZGV4VSQAVij_ATUuaHRtbD9kX25zaWQ9MCNiIwgGAgFTaWZyYW2DEgvFEh04xRI4ODEw5QcAThdgbmRDaGlstBIAVhcBQCcPxBIiUDY5ODEx-wAvNDWSBQgP-wBWHTfgCAr7AA_9AUIEAgEvNjRdBQfxAWNvbm5lY3QuZmFjZWJvb2v-AZBlbl9VUy9mYmU3KUZzLmpz4AEPIAUGPTgwNZIgRzgxMjZzBw_lAEKfNzY5NjQ5NDgxQw4IkHNwaWRlci5hdbMZoGxpYXJldml2YWziFv8UL2kvOGQwOGIxY2YxMmI2ZGVkZDQ2YzY4MGI3ZDFlY2E5MTEAARUtODTlAS8zN-ACSI8wNTY4NTA1MtsDCQ_5AFMNGSsaOPkAD_kBQhQ4AAEP_QUID94CAnNzaWduYWxzEC3wES8yMDEwNzg3NjE5MTY0NzE2P3Y9Mi45LjEzOCZyPXN08SciJmT_JwlWKA8UAxEBAAMiZW7OKwJILE84Mzk4FANOIDk4AgAvNDIbDwjxBXd3dy5nb29nbGV0YWdtYW5hZ2VyEQP_CGd0YWcvanM_aWQ9Ry0yTThNSFlFWThY7wASAGILC-8APzQwOe8AS783MDA4OTkwNTA4OAMECHNyZWdpb24x8wCiLWFuYWx5dGljc_MAgC9jb2xsZWN0_AErJnT6APMMJmd0bT00NWplM2I4MXY5MTMyMzA2NTU2Jl9woyoAigKzMDg0JmdjZD0xMWwCAPAAJmRtYV9jcHM9c3lwaGFtDwCQPTEmY2lkPTEwng9SNTUxMy7kKgBBAHAmdWw9ZW4tPikRckEqEXhYKoB1YWE9JnVhYgUAMGZ2bAcAgG1iPTAmdWFtDAARcAUAEHYGAGB3PTAmX3MgKgBjAASkLkA4JnNjViuPc2VnPTAmZGxDHjhCJmR0PZUwMSUyMEErAN8nAEMrAn4pYEFuc3dlcnkq0XRvJTIwWW91ciUyMEa_MPABbnRseSUyMEFza2VkJTIwUdEwMGlvbi0AoShGQVFzKSUyMC0lHwCCMJAmZW49cGFnZV-1G3AmX2Z2PTEmlwgABwAQc_MAgF9lZT0xJnRmXAEnNjWsAnFlbmRCZWFjODEM0y89ODQ0ERY4ODQ0sAKvU0VOREJFQUNPTtovAVtibG9ja9ovYSJXaGl0ZcsvD-UvCQonAATwL8A4MTAxODg4ODd9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 14ms
13ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=2&c=21&i=575ofv&p=aemprod&s=21552&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8SNodHRwczovL2JpdGUuYXVzdHJhbGlhcmV2aXZhbC5jb20vY3Q_aWQ9MzQ4NzAmdXJsPTIA0SUzQSUyRiUyRnVzLm5nAAAsAPIOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkYnAPILLWVtYWlsLXNjYW1zJnNmPTAmdHBpPSZjaD2uAIImdXZpZD0mdBsAQXNmbWkNAPaIdT0mY2I9MTY5OTU3MDU2ODI4OCZobD0yJm9wPTAmYWc9MTExNTA0Mjc2NyZyYW5kPTg0NTE5Nzc3ODI4NzEwMjcxNzIxMjg2NzEwODA3NjAyMjMxMDc5NDU3MjY1NTEyNDkwNzIxMjUxMTU3MjU0Njk4NTcxNzE4MDIyNTI4MjUyOTI5NSZmcz0xNjAweDEyMDAmZnN0PQ4A-BFucD13aW4zMiZudj1nb29nbGUlMjBpbmMuJnJlZj0mczoAIG5jtADxQnQ9JmRpPVcxc2laV1lpTERNNE5EaGRMRnN4TWl3aWUxd2lZM1I0WENJNlhDSjNaV0puYkZ3aUxGd2lkbHdpT2x3aWFXNTBaV3dnYVc1akxsdxwAHGMcAPAlWEpwY3lCdmNHVnVaMndnWlc1bmFXNWxYQ0lzWENKemJIWmNJanBjSW5kbFltZHNJR2RzYygAplhNZ01TNHdJQ2g8APMQWE1nWjJ4emJDQmxjeUF4TGpBZ1kyaHliMjFwZFcwcFQAWW5kbVZ5uAASQywAQEtHOXeAAANAAB95QAAIF3VAAOByYVhSY0lpeGNJbUpsYuAAIGpVvACQM1oyeGNJam94FAEjWjMcANJsd2lkMlZpYTJsMElI1AADmAAwelpX7ADgb3pOams0TlRFNE56RXc8AENjMlZqcAD5MmNJbjBpWFN4Yk16Y3NJbHN6TXpFMk1qSTBNRFE1TEdaMWJtTjBhVzl1S0c1bGQxWmhiSFZsS1NCN1hHNGdJQ0FnBAD5GEdGa1pFTnZiblJsYm5SWGFXNWtiM2RRY205NGVTaDBhR2x6S1Z4dTQAEUNEAPApdkx5QlNaWE5sZENCd2NtOXdaWEowZVN3Z2RHaGxJR2h2YjJzZ2FYTWdiMjVzZVNCdVpXVmtaV1EQAC9qWlQAAuBCUFltcGxZM1F1WkdWbQQCMFVIStwB_xB5ZEhrb2FXWnlZVzFsTENBbmMzSmpaRzlqSnl3Z2UxoAAC_w5nSUdOdmJtWnBaM1Z5WVdKc1pUb2dabUZzYzJVcwwBAvACQ0FnZDNKcGRHRmliR1U2SUc8AU9ObExGYAAEEEggAGRWbE9pQmaQAA9YAAI_SDBwGAACtEY5cFpuSmhiV1V1QADxA0lEMGdibVYzVm1Gc2RXVmNiaWwBBrgB_ApIMWRJbDBzV3lKallpSXNJakFzTUN3d0xECAATTRgAE1kIABNFCAAMKAAHEAAoVEkkAB54VAAHLAAGdAAPKAAAD2wAEAtAAChOecQABEAAAJAAEEpwBHN0TVN3aUxTDADyfGl3aU55eGxZMWhIV0RFNWJtNXlkbFpQTWtwa2JFNW9lRUpMVVd0TWRsTkdaRUZSUWtOc2FERTBWbFZXUmtGc1JqY3JRMEZKY1ZoU1FrWkRSVEUyUmxscmIxWlZjRUZYYUVGVFNVUXlhMW8xVG5SVkt6WTVZaTh4S3pVNE4yTjZWMUpLUVZCc1IydzWMAaAwekxDSmJYQ0pwSAPxA2NtNWhiQzF3WkdZdGRtbGxkMmwEABAE8hx0YUdwbVltMWtaMk5tYW1KaWNHRmxiMnB2Wm05b2IyVm1aMmxsYUdwaGFWSAUQYUAFsFhKdVlXd3RibUZqWAAwYkhWIAUyY0lsCARkTFRRc0lpDAAXVQwAF1kMABdjDAAXZwwAUWtzSWlzUASDTFRFd0xDSXTUABB4dAEA5AUiZEbMBQOkBBB0iATzBFcxd2laR1Z6WTNKcGNIUnBiMjUABZQ5bk9uUnBkR3jABfACdlp6cGtaWE5qY21sd2RHbHYgBQDUBPMCZEhkcGRIUmxjanAwYVhSc1r0AAcYAA04ACRYWOgApUV5TENKdWRXeHOwABd5JAIJFAEoRTHYAGNOaXdpTUNMAmRUY3NJalEAARA0yAEFUAMVVmwAGTUYAAS8AlBTd3lOQwQA8AR4Y0lpMWNJaXd4TmpBd0xERXlNkAOCVFl3TUN3eE0UABIyFAARSRQACSgABFAAFENIAAQIAAhQABNC-ANHMHlNQ-gAJ2pFzAEQSRQBAIgCAJwGAHACRnVYQ0o4AFN5d2lLefgA8gRqUXNJbHRjSW5ObGJtUkNaV0ZqxAEAiAN0RXNNU3d4WHADGGpUAuBJMkxDSjdYQ0owYW1oegwCYU1UQXdNRAQAAHQAHzEYAARRcWFITnMwACB6YwwBAjQAFEhkASNJM2QBMDVMarQEADgHIFJudAJlYm5Wc2JGKAAApAG0bGJpMVZVeXhsYmnQAADIAgQkACBNd0wAQFhDSjJAABVNPAC0TXhMQ0ptWVd4elrcACd6SUABJ016KAIoek5oASB6VWwH9gV4TmprNU5UY3dOVFk0TWpNMkxDMCgBInpZVAFSalF2TTHAA0dOQzh6hAEgek6kAuRURTBOQzAyTmkweE9EQXADgHpPQ3dpYVN37AQABAAB1AUkTkQMBUBFd015bAIBIADkd0xDd3NPRFUxTERnMU4EASN6a4AAoEl3TURNd01UQTMAARBOWAJwa2RsWTJ0dhAAxFhDSk9aWFJ6WTJGd3QDkFRXOTZhV3hzWYQDcUc1MWJHd3N4AbRDeDBjblZsTERnczwHAhgANHd6TCAHY0hSeWRXVTAAM3d3TBAAVWRISjFaRAMQUVwEI3pNgAIA2AAGtATzA1F5TENJeE56STBNamszTmpVetQDUzBNeXdpXAJAd01ERdQAAjgCAHQCUFRFeE1EBAATQQgAEkUcACNERdADUVEwTENJSAFETUN3MVQAYE5Td2lOahgAJ1kzeAYwMU5qcAYAAAM1WTBPlAMAEAAM-AY_WTROIAAKADAAApgCME5EWaQHBJAAAOQCMEZkWNQI8AtVdlFtVnliR2x1TEdWdUxWVlRMR3hoZEc0cygKU1oyOXllpAIwTkRnRAAUc7QEKE5E7AIQVVgBBEQCEDG0BQQoByhOVNwCEFXcAkN4TURBjAAjVTDIAxBvlAMA0AUyWHpGxAXAak15T1RrNU1UTTJPEAJvRndpWHpOHAACIFhT9AoQUqALAHgEI2ZNMABgTWpFeE5UzAFQUTVObHd0AAAcCw4oACBUUegKVDFPVFE0NAM0WHpCbADDM05UazJOell3TkRoFAAA7AqEY3lNalV3TmooAKRVNE1qYzFOVFF5RADETWpJeU5qTXhNamd3FABATmpNdzgAQk9EazUIA6ZJM01qSTJPVGcwTAAgUXjcA2VOelExTVR0ALQ0T1RZeE1EVXhNehQAoGd4T1RVNU5qRTTgAwDQBoNjMXdpT2pGOWgCEDFoAhNNnAOjTlRZc0lteGhibXgDtVMxd2NtbHRZWEo1MADw_4t5d2lWMFV3V2xZeGVFOWpWbWhZV0ZaV1kxTjRZMFpYYkZwVlUxVjRUbGhHTUVoSFYwcFpVMmhzV1ZOVmJGWlJSMUZhUlZaNFVGZEdWVnBYUlRCYVFsWm9XRlpzWkVGV1JscE5VMmRqV2tWUlRVOUJkMmROUTFFMFNVRlNRVlpIVVZaWlZqRmFXRkZHVWxkVVJXOUlRWGRuUWtGM2IwcEZRbFpaVkZKc05GTXdkRmxSUW1SaldFSnJVbFZWTVU1VFZXOUVSbWhhUzFOV1FtUllSWE5ZVjBWNFMxUlZkRmxXVmtKWlV6RjRVRlZGT1ZsV1VtUmhWbXhSVjFWQ1dVSllVV3RDVjNkb1lWaDNaMHhYZHpsa1dFWXhaRVJST1dGRWQwVktWM2MxWkVOR2VHRlhRVUZKUTBKa1ZGTm5UVWxCZHpoUVExRkZVRVZDVmxsVVVteE9SakY0UWxOV1dreFVWVzlhUlZaR1RsUlZiRXRCZUZsWFUydHNVVmhXZUV4R01XaE5VMnN4VEZkR1ZsRlhSWFJqVkRGQ1VGUAERaIAB9BtSbXhCVjBGV01FcEJWbk5KVjJ3NFNVTXhjMUJZVm5oa1dGRXdVRmRuUFSMBidVNFQGMTFPUzgJY21ZWFZzZIQIEE7ECzBqRTDUDTBMVFmkBgBgBzIzWjMwB1NYQ0l3T1AGQGNHTm2wA_QEWENKaVozSmhPSFZ1YjNKdFhDSngCEDKcDxVP6AMRWfgDA2QCEDLUBjBXekGoBwBQAyViWKAFGFkkCRAyJAmgWjJWdmJHOWpZWOAJoDRzYzNSdmNtRm4sCIBZMlZ6Y3l4bpAN9DpjR0ZrTEdOb1pXTjBMRzFwWkdrc1pHbHpjR3hoZVdOaGNIUjFjbVVzZFhOaUxHeHZZMkZzWm05dWRITXNjR2xqZEhWeVpXbHVjDADwAlN4d2RXSnNhV05yWlhsamNtOA5ANTBhV7wNmmRsZEN4dmRIQhgA8AF5eGphSFZoWm05eWJXWmhZrADwBml4bGJtTnllWEIwWldSdFpXUnBZUygAoE5oZG1Wa1lYUmi4AEBkV0ZtSArwDWRtVnljMmx2Ym14cGMzUXNZMmgxWVhkdmR6WTAoAEBaRzkzHAAwYm1zHADwAHdjbVZtWlhKelkyOXNiMwgA8AFobGJXVXNjM2x1WTNob2NpbACZVmhiVzlrWld3NAAA1ADxDmRXTmxaSFJ5WVc1emNHRnlaVzVqZVN4elpYSnBZMABRRnRaWEqkAFBjSEpsWqAAcDNKbFpIVmrQACNiM5gB8SJISnBkbUYwWlhOMFlYUmxkRzlyWlc1cGMzTjFZVzVqWlN4cFpHVnVkR2wwZVdOeVpX7A8RcAgJITJW3AANBAEhaXgUASBjMjAAIVZ1AAFASEJ5THACYEc5aFpDeJwBsmliMkZ5WkcxaGND7AAA9AHwBWRHWnZjbTBzWjNseWIzTmpiM0JsQADxAWRXRnRiMkpwYkdVc2QybHVQAcNXRnVZV2RsYldWdWREAHBMRzFoWjI1yADwAXRaWFJsY2l4aFkyTmxiR1bIEfAEbGRHVnlMSEJ5YVhaaGRHVnpkR_wAYFJ2YTJWdVgBMlpXMWgMA4ABwFlYSmphQ3g0Y25Od8wCkFlXeDBjbUZqYYQAEHkcAWB4bFpHVjDAAgA4EQOsACB3YlgAAFACoFhabGNuTnBiMjTEAfIIM2FXUjBhQ3hqYkdsd1ltOWhjbVJ5WlcEAwHwDWQzQnZjblIoAIJ3WVhsdFpXNWgBABAOAiAAcW9aV2xuYUhoAiB5ZAgA8AdYVjBiM0JzWVhrc1kzSnZjM052Y21s7A1QcGMyOXPcAWFaQ3hvYVc0ADAxWVesEGQ1bGMzTXOoAWBkMkZyWldkAwCkAqJ4cGNHSnZZWEpr2BAQVcAA8ARrWlhacFkyVnRaVzF2Y25rc2JXZANkOXdhRzl1GAsgTmoYDfACSTFNekl6TVRJNE9EZzZNalnIB1JiSW1Sa3wQJ0VzQAkEaAkCCAAVUzgJDyAQJSV4TPwKAFAJAFAAZkVzTWl3NJgQBBwLBCAAAQgABHAAFjUoAAEYAFJ3TERJMwgFwUppYm1Ob0lpdzVPRkwR8AloWW01amFDSXNPVGxkWFElM0QlM0QmZGW6FfU8cHJlPTAmc2RkPSU3QiU3RCZjcmk9UXV1VVFPUHhXcSZwdG89OTA4JnZlcj01NyZnYWM9LSZtZWk9JmFwPSZmZT0xJmR1aWQ9MS4xHBb9BS5xWjFMVnB6TTZxMHZ2SzFtJnN1IwD9AmVqaGNwdlNFcUloQW55dSZ0IwDwBGYyMmR6d0VBQXlsYWIwa24mZmJ9AHBndG09VzEwwwDwAWl0PTcxJTJDNzAyJTJDNTQiADBsPS2mAAMHAIBzZD0tJnJ0aTkAIGJnBgCgc3BhPTEmdXJpZAQW8ApiPSIsInR5cGUiOiJzY3JpcHQiLCJzdGFy8BcF0QAwMjkz3hc2ZCI6ARegNjg0LCJzb3VyYzwAsmFwcGVuZENoaWxkQQCQdHVzIjoibG9hEABgcmVhc29u_hfUXSwiZGF0YVBhdHRlchIAs2xpc3QiOltdLCJpYwC_Mjg4MjM1MDQ5fSwwGP______________________________uD8zMzAwGAwxbXV0ATCvT2JzZXJ2ZXJDTDcYOC84NjcYB0J3d3cuHy-gdGFnbWFuYWdlcjowgC9ndGFnL2pzazDfQVctMTA0MzMzMDY4NSAZET02NzXwAD83MjAgGUS_NzAwNjgzNzA0NjYgGQgP6QBDHjgJGgrpAA_ZAUAG8AAvNzfZATgwJmw9ixqvTGF5ZXImY3g9Y-oBEx436gEnNTfqAc9pbnNlcnRCZWZvcmXUAi6_NzAwMjY1NDk3MTHUAjkP-wAjD_wBAQn7AA_8AUMDAQEvMjL8AQeBYmF0LmJpbmfJAyBhY1o08K4vMD90aT0xODcwMTA1NzcmVmVyPTImbWlkPWE3MTcyNGVkLWUxYjgtNDdjMC1hNmE2LWEwNTEyZGU5YTExOSZzaWQ9MmJiOWM0ZjA3ZjUzMTFlZWJmYzU1YmUwMDdmYzBmYTYmdmlkPTJiYjllZGYwN2Y1MzExZWU5ZTkwMzNmYjYyODQ2Mjg3JnZpZHM9MSZtc2Nsa2lkPU4mcGk9MTIwMDEwMTUyNSZsZz1lbi1VUyZzdz0xNjAwJnNoPTHeM4NzYz0yNCZ0bJc0MSUyMLk0MSUyMLs0AQA18QkwQW5zd2VycyUyMHRvJTIwWW91ciUyMEZvNfABbnRseSUyMEFza2VkJTIwUYE1MGlvbi0A4ShGQVFzKSUyMC0lMjBOPjUvJnBYNTn2FnI9Jmx0PTQzMiZldnQ9cGFnZUxvYWQmc3Y9MSZybj01OTIzNTZwAzJpbWcrAwp3Hj43NjltAwAUAAV3HvIHSFRNTEltYWdlX1NFVEFUVFJJQlVURUwAAoIeb2FsbG93ZYUeH883MDA3MDQ5NzczOTV5AqgXMHkC_BFlYz1DSEVRJmVsPUludmFsaWRfVXNlcnMmZXY9MCZlYRYAP249WRYCOw_jAgMAIgJgY3VzdG9tGwJvMzMwMTI3GwIPHzeJBgAAFAAPGwJTnzYwNzI1MTUxMxsCFAChBCZqc9YAD2shBw9LCAIvNzZhBkVANjk5NJo4PzE3M1wHCAC_AAVgBQANAA_MABQPMgYBCcwADzIGQAbSAB80uQMI-UBjb25uZWN0LmZhY2Vib29rLm5ldC9zaWduYWxzL2NvbmZpZy8yMDUzOTA1Njk0ODM3OTgwP3Y9Mi45LjEzOCZyPXN0YWJsZSZkb21haW49hToP5wETHjTbBC84MecBR584NzQwOTA3ODWzAggPFQFuDzACAQkVAQ8wAkIEGwEfNmIICABOC7BjbGFyaXR5Lm1zLywMRXVldC9gCA_0AREuODAmDC84MNsDEVtibG9ja8UGYSJXaGl0ZTslD1UlCQonAAFgJc83MDEyMjE4MTQ2NzTABBQjcC9WCQXxAB8uAwQTLjc26AIK9AAPOiY5zzcwMDM1MTc1MTQ5MdoATgBuBiNlbrEmAhU-CtoAD60CQAXhAD81MDDhAAcC4A7yAWFkcy5nLmRvdWJsZWNsaWPkBACMCfMCYWQvdmlld3Rocm91Z2hjb25EQBYv9g4gLz_FPidvbfI-ojczMiZjdj0xMSZ5PhM5Cj8AGABBYmc9ZgEAICZnxyiwT04mYXN5bmM9MSauKPMLNDViZTNiODF2ODc4NDEyODY0JmdjZD0xMWwCAPAAJmRtYV9jcHM9c3lwaGFtDwAApCgiX3cTCzJ1X2gUCw_-PzwwaG492AMFLwFwZXJ2aWNlc0YMQCZmcm0bQD9pYmGBC1UQYToBpjIwODY0ODE2MjlQKvAAOSZ1YW1iPTAmdWF3PTAmtQ6QPWV2ZW50JTNEthASLrAGgCZyZm10PTMmBgAfNJAEET03NDiEBig4MMwOD5wDOb82OTg2NDA4NjI1OWoICAWMAQ-7Av__Dh41_wsKuwIPfQVABcICLzYwKggIAB8LBSwLAzYHD4wQ_7IP7wcCFzixCw9yAgtRZXJyb3IKRw8LLxkHhhAP6xUID3MC_8cPPAsBD3MCCRhB-hIPcgIsHzRiCgkPNwkFEy9fCg9UChYvNDlUCgM_NDkmVAqj_wxsYWJlbD0yM0t6Q0pqLWpZTVlFUDNzdl9FRCZvCntQZ3RtX2W_NA94CiIG4QEPdwofLjUydwofMU00RQAyDX84NDcxODM57Q4ID9AC__8tD4wKAAnQAg8aCAsPJDciB9cCD-YUCA8ZCI4PnxjZEDgLEwWfGA8UAgsPvAcmD5kYHQ-hDIEPFQLHD9AJAA8VAgoP0AkzwDYwNzI1MTUxNH1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:09 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 14ms
13ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=3&c=21&i=575ofv&p=aemprod&s=15728&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8xhodHRwczovL2Nkbi5xdWFudHVtbWV0cmljLmNvbS9xc2NyaXB0cy8bACEtblMA0i5qcyIsInR5cGUiOiIjAHAiLCJzdGFyqADANjk5NTcwNTY4MDMwlgBFZCI6MRQAoDkzMiwic291cmM8AMJpbnNlcnRCZWZvcmVCAKF0dXMiOiJsb2FkuABAYXNvbrcA1F0sImRhdGFQYXR0ZXISALJsaXN0IjpbXSwiaWQAzzc1NDI0MTIzOTR9LOkAWx8x6QAMMW11dHIBr09ic2VydmVyQ0zvADkfNe8AB5NsaWZlbG9jay66AQDWAQa8AVNpZnJhbXoBCrwBPjk2NdMALzc4vAFHnzkzMDQyODA5M80ACIFiYXQuYmluZ5wCIGFjwwLxui8wP3RpPTU0NDE2MTEmVmVyPTImbWlkPTA5ZDE2MzU5LWI0NTQtNGE1MC1hNWI4LWI2MDFkNjA5MjQ1YyZzaWQ9MmJiOWM0ZjA3ZjUzMTFlZWJmYzU1YmUwMDdmYzBmYTYmdmlkPTJiYjllZGYwN2Y1MzExZWU5ZTkwMzNmYjYyODQ2Mjg3JnZpZHM9MCZtc2Nsa2lkPU4mcGk9MTIwMDEwMTUyNSZsZz1lbi1VUyZzdz0xNjAwJnNoPTEyMDAmc2M9MjQmdGw9TlkD8R4lMjBlbWFpbCUyMHNjYW1zJTNBJTIwQW5zd2VycyUyMHRvJTIwWW91ciUyMEbWA0BudGx5IwCAc2tlZCUyMFHoAzBpb24tANIoRkFRcyklMjAtJTIwDAQxJnA98QMBWABnRiUyRnVzGQLyDiUyRmJsb2clMkZlbWVyZ2luZy10aHJlYXRzJTJGQAIRLZ8AES2dAPcYJnI9Jmx0PTE2MzQmZXZ0PXBhZ2VMb2FkJnN2PTEmcm49NDU1OTk3bgIibWf2AglrAj05MDUnBAIUAAUnBPIHSFRNTEltYWdlX1NFVEFUVFJJQlVURUwAAjEEb2FsbG93ZTQEH883MDExMjM4NzY5MDNFAwcJeAIADQAPAAUTPDk0NEQDPzkwNQAFSFA5NDE3MncCHzbMAD8vNznMAAwP4wRCBNIALzQx0gAHcHNuYXAubGnCBgDeBP8NbGkubG1zLWFuYWx5dGljcy9pbnNpZ2h0Lm1pbrkGFD45NTbtACc3M_0EoGFwcGVuZENoaWx0AjJzdGGHAg-4BiSfODk2OTUzMzY0hAIID-YAQB84eAMACeYAD9MBQgTtAC82N9MBB_8DdGFnLndrbmQuYWkvMjAwNC9pugEWHzi6AQAfN7oBRp85NzYwODMwMjLNAEIPoQECCM0AD6EBQgTUAC80OaEBBwIOBvYDLm93NWEubmV0L3h1ci80NDA17QUyeGhyoQUL7QUfOKEBAAAUAAXtBbJYSFJfTUFOQUdFUkEAAlsDD-IFJb82OTc5NTY1NjEzMhYFCA_QAL3xBWQuaW1wYWN0cmFkaXVzLWV2ZW50Ngn_FUEyNDc0NTItMTZlYS00NmExLWJmM2UtMGQ5ZTQ1MThmZjljMWwDFQ_fBgEJywEP3ws8rzg1NzExOTg5NziZAgcP-QBSDwwHAQn5AA-YA0IC_wA_OTAxJgYIsXRyLm91dGJyYWlu7wH_bHVuaWZpZWRQaXhlbD9vcHRPdXQ9ZmFsc2UmYnVzdD0wNjQxNjA3NTg2NDg4NDM4MSZyZWZlcnJlcj0mbWFya2V0ZXJJZD0wMDFmOTYxYmQ5YjA1MWEyODE4YjQwNTgzNTNmZGE5MmJmJm5hbWU9UEFHRV9WSUVXJmRsPWkKOKJnPTAmb2JBcGlWbg-UPTEuMSZvYnRwEABHMi4wLnwEgXNlbmRCZWFj_Q4Mlw5OOTA5NyQGABQABYMEr1NFTkRCRUFDT06KBDm_NzAxMjQ3NzYwNDMuBgh6YW1wbGlmeccBMGNwL-8AD5kDFg6_CDcxMDAFBw-ZAzpQNzAwNTA9DS81MpoCCA_YADEPeAMACtgAD3gDQAbeAB81QAYI8QF3ZWJzZGsuYXBwc2ZseWVyfQPGP3N0PWJhbm5lcnMmGQcPMBEHLjk0mQIoMTDwBw-4ATyvMTEyNDIyMjM5MFEFBw_aADMPugECCNoAD7oBQgPgAD80MjLgAAcANwyQcGRzdC5mbS9wXBAPJwwYD7ABAR8x4A1GrzcwMDcxMzkyOTkODQkP0AApD6YBAQnQAA-mAUIE1gAfNz4ECPMDd3d3Lmdvb2dsZXRhZ21hbmFnZAP3BWd0YWcvanM_aWQ9REMtODEzNjQ4cxAPbQMJHTMGBj8xNTUlBUW_Njk5ODMzMDkyOTG-CAgP5wBAD9QBAQnnAA_UAUAG7QAfNYoVCAA2D6BpYy5hZHMtdHdp2RUBNgU_dXd06AYWDaQUTzkxNjbDAUefNzk1NTc5ODkypBQID9YALw-yAQEJ1gAPsgFCBNwAHzX2DQgGnwIgYWTIFkFpY2VztAEA-xNjYWQvY29uEBn3BS8xMDQzMzMwNjg1Lz9yYW5kb209BRiwNDkmY3Y9MTEmZnNBFAQxGIE5NDkmYmc9ZgEA8yAmZ3VpZD1PTiZhc3luYz0xJmd0bT00NWJlM2I4MXY4Nzg0MTI4NjQmZ2NkPTExbAIA8AAmZG1hX2Nwcz1zeXBoYW0PAGI9MSZ1X3d4FTJ1X2h5FS91cqIKOu9sYWJlbD1zYWxlJmhuPSgBBcImZnJtPTAmdGliYT2RFQ_xFU6gZ3RtX2VlPTEmYU4BIDIw6gtVMTYyOS6OAfAAOSZ1YW1iPTAmdWF3PTAmZxkRPTAONiUzRNEBMSUzQoIPgl9jdXN0b21fWQXwAnMlM0R0cnVlJTNCZWNvbW1fCQIACwwyJTNEUw8IMRYFJgCCdHJhZmZpY19xC_ACJTNEZGlyZWN0JnJmbXQ9MyYGAB80MQkSAE0VImVu_RkCdRo4OTE2VwgPqBM5ASwWbzE1OTMwM1AICA_8AQUQLxsBDyQD__9jD08GAggkAw9PBkAGKwMPTwYNwnBheXBhbG9iamVjdEwGUG11c2UvBQAPBggTPjkxNpoYARQAAl4EAGIfD60XA1tibG9jazQaYSJXaGl0ZVkeD3MeCQonAAN-Hp84OTA0MDQzMDP0CAgAHgQP8wAwHTdwHiA5MRQAD_MAZg8bDwkyd3cu8wABKwgGwAvyAi9wcHRtLmpzP3Q9eG8maWQ9MgYAJgAP_QUTD8ELAAkFAQ8uDzq_Njk5MDkxNzA0NjH-BQwP7QBCD8YDAQntAA_GA0AG8wAfM7QMDGNyZWRkaXT7CgCFG1BhZHMvcHUUD8UDEyA4OZMMDMoHD28gR783MDAxNzk4NzkyNXUODA_aAC8PxRkAGTHaAA-6AUAG4AAPLBcJAMoeD08h_9QoMTm9Hg9xAgtAZXJyb7sbL3JlfSUZAfIHD0khGw_BI_-5D48IAA9yAgoYQdodD3ECLg9wCQjxFXVzLWNlbnRyYWwxLWFkYXB0aXZlLWdyb3d0aC5jbG91ZGZ1bkgmEXPHHgAJFgItHSBzLZUpVi1zaW5rjQhSZmV0Y2i7AArWHi4xOdYeARQABZEJX0ZFVENITho5ANgefzgxMDc5MzaQCAgzc2MtlgcAph8hc2PZDw8KIxkeNNkALzIxByhJjzUyNTA0NjQ2YxMJD9UALQ9NCQAK1QAPIgULD-YjJBM52wAfOS0LDA_oFg3PQVctMTA2OTkyNzk1JxETHjQQHD8yODkoFUW_NzAxMDc1NDc1ODHFAQgACg0P6gA_D9oBAQnqAA_aAUAG8AAfNCcLDA_wAAcHlS0KyxgwJmw9khOmTGF5ZXImY3g9Y44EAoMTD48EAD44OTV5KBkykQUPGw06AG4Kbzk1NTkyOL0rCQ_xAQsPAQE8DwgCAQkBAQ8IAkIiMDEHAR82UB0IMHRyLssnMmNoYZEjYGNtL2k_cLIs8A84YmVmNDliLTRiNmYtNDc0ZS05NThiLTVhMGJlN2FkJmBlJnVfc2O2LPEVYzA2ZDQ2NTAtMDkwMi00MzU4LTlkZjUtZjMwNWJkYWUxOGY5LQD2GWxpZD02ZGNmNDllZS00ZmY4LTRmZDgtOGRhNi1jMzQzOGQ1ZDA3ZTNXAg8ULgYAoi0NMxs3MzA0SAQBqStfRlJBTUWqKz5wNjk3NTE4Nq4rD1YECAnTDCNwL2MKAx8uD4wOEz45MDTPCCgzMFcaD1YWO58wNjAyNTIwNDMYBggP2AAyD2gtAArYAA8VA0MD3wAfNLcBCHJzLnBpbmlt2S9_Y3QvY29yZa4BEz44OTX_Ex8zNSFJnzAyNzkwMjY1OCkbCA_QACkPMBAACtAAD6YBQwLWAC82MbsECHBhLnF1b3JhoRMhL3FKCh9zpQEWDkcKNzMxMToED5EGPX85MTQzNzI3LCcJD88AKA-kAQEJzwAPpAFDA9UAD2YHCQA6LSBzaUQmgC5maS9zaWZpISH2FWFlOGYxYTkwLTdhMGMtMDEzOS00MDgzLTA2YWJjMTRjMGJjNgIGD1kICB42My4ZMyIiDxsFOb82OTg4NzcxOTM1M5YCCA_yAEwP6wECCOQjD-sBQAb5AB81-QAIAEcID_gwET9vbGTyDRdOOTA3MuUHHzE_EhcPHQ0kUDc4MzcwnCwPzQ4I4WNvbmZpZ3Mua25vdGNohwT3F3YxLzY4YzdkNDZkLTRmNTMtNDk2Zi05OWJhLWVjMTdhYjJjMWY2NQsBNTUvc3Q2CwAuOTPzNgIUAAXFD39SRVFVRVNUxw87nzk3NjU5ODU3OMcQCA_6ADEPvRAGD_gADw-9EEAP9gARADIMAuwBEC3WJgBYGBBrzgRwbGF0ZXN0LwwAA9kCYD9hY2NvdWI7Hz0PAhsP6wQID1gIAQmHIw_rBDx_OTc1NTkxN-sECQ8RAWsPCgUBCREBDwoFQ8A5NzU1OTE3NTF9XX0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:09 GMT

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame C451 90 B
772 B 358ms
114ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1699570569783&v=1699570570496&z=1&S=0&N=0&P=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

1bd57c49ba91755c0f329b31c71e60a11b9c72ae0d5c0b035b548a05efa11dce

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 200 checkSession.html Show response
support-digital.norton.com/system/cb/cs/ Frame 272A 2 KB
2 KB 180ms
180ms Document
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/cb/cs/checkSession.html?wsname=https://us.norton.com

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Resource Hash

44c6f774243c238ccb1bcebcfb9824dea5fad8aab88d33feff8ddb8bce133b36

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-encoding: compress,gzip
accept-ranges: bytes
cache-control: max-age=86400
content-length: 1606
content-security-policy: frame-ancestors 'self' *
content-type: text/html
date: Thu, 09 Nov 2023 22:56:10 GMT
last-modified: Thu, 02 Mar 2023 22:28:20 GMT
pragma: cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-ua-compatible: IE=EmulateIE9

GET
H2 200 iframe-style.css
support-digital.norton.com/system/templates/chat/nll/css/ 6 KB
2 KB 228ms
228ms Stylesheet
text/css 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

ae3fc72ba0700c4ec7a25c06e10fe8a7c015cdac58e5a1765b78a650031f8791

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:09:36 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 7fed6094-87ab-4364-b54a-c49221397228
etag: "7360571abb598adc0de570d517389551"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638a-6c482a162c3128f27961ee40
content-type: text/css
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9tEfbvHcF12A=
content-length: 1244

GET
H2 200 index.html Show response
support-digital.norton.com/system/templates/chat/nll/ Frame 134F 64 KB
11 KB 218ms
217ms Document
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/egain-docked-chat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

713768777efe66182455be5e7bed444b80c8a67e9151943bcb800c7d19f6009d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=7200,private
content-encoding: gzip
content-length: 11258
content-security-policy: frame-ancestors 'self' *
content-type: text/html
date: Thu, 09 Nov 2023 22:56:10 GMT
etag: "58ced9723cd1dda918513c15cf4abc0a"
last-modified: Thu, 20 Apr 2023 12:03:40 GMT
server: Server
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-apigw-id: OJx9tF7ZvHcF4EA=
x-amzn-requestid: 0b4f9450-6da8-4b27-8bb2-00511e8bf876
x-amzn-trace-id: Root=1-654d638a-10dcbcce10f1c97030b175d4
x-content-type-options: nosniff
x-frame-options: *

GET
H2 200 c Show response
ids.cdnwidget.com/ 61 B
230 B 155ms
122ms XHR
application/json 2600:1901:0:56e0::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=048131109&GCS2=OTc4NWQxNzYtMzNmZi00NjdiLWI0ZDctNTgyNDg4N2NkMDk3LmxvY2Fs&pe=false&wsid=2004&varID=&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Atrue%2C%22pixEN%22%3Atrue%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A2004%2C%22loadID%22%3A%22m7t4ZcX9AXQByZ4%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A111%2C%22IDStageStart%22%3A111%2C%22netComplete%22%3A335%2C%22obsReqview%22%3A391%2C%22obsReqdata%22%3A550%2C%22obsReqpage%22%3A698%2C%22IDStagePrefire%22%3A698%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%2C%22deviceid%22%3A%22449419384571103460%22%2C%22visitid%22%3A%221699570569770897%22%7D
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:56e0:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61

GET
H2 200 eGainLiveChatInteg.js Show response
support-digital.norton.com/system/templates/chat/ Frame 134F 4 KB
2 KB 198ms
196ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/eGainLiveChatInteg.js

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

19c15cc50396c826c9b0faa7087e76f783b310a9c77a4e3a52d4d2f4de35b7ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 09 Mar 2023 13:40:25 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 055eb005-3a6f-4949-8ad4-521386d18a93
etag: "f3c4847eff73147613af24d70c724caf"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638a-7ea7e874534604ff58c830c1
content-type: application/x-javascript
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9vGyUPHcF5RA=
content-length: 1450

GET
H2 200 quantum-norton.js Show response
cdn.quantummetric.com/qscripts/ Frame 134F 344 KB
93 KB 30ms
30ms Script
text/javascript 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/qscripts/quantum-norton.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10ee5dceec424da60cca73a53be7dff3c07fb7c020dcccab6e7a743dc390453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	no-sniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: no-sniff
cf-cache-status: HIT
content-encoding: br
age: 2
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"169342180800116986872540001691740804464"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
x-robots-tag: noindex
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-ray: 8239a5c39bddbbaf-FRA

GET
H2 200 template.json Show response
support-digital.norton.com/system/templates/chat/nll/ Frame 134F 33 KB
3 KB 278ms
277ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/template.json?cache=1699570570811

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

33d65952c608940b28ba190eee0de5af24e53d776f0a7c020db74a339cca2000

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:03:50 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: b31a89a3-c921-45fa-a2b0-c8514ceda2ee
etag: "78001f19df66869c167d1fd7b693759c"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638a-083956d21fac399a3ef737bc
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9wEoHPHcFnKw=
content-length: 2493

GET iframe-style.css
support-digital.norton.com/system/templates/chat/nll/css/ Frame C451 0
0

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame C451 28 B
730 B 114ms
114ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?s=fa42e0e564860015b1f822d05e20450d&H=dfce241cfbe4b3f62bd028b4&Q=3

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
100 B 174ms
122ms Image
image/png 34.102.193.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=forbidden%253A%2520disallowed%2520country%252C%2520country%2520code%2520is%2520DE&cookieID=&deviceID=&BXWID=2004&warpspeed=2%5EHIykD&loadID=m7t4ZcX9AXQByZ4&version=1.5.9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.193.102.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/png

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 3 KB
2 KB 103ms
49ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=2504&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBOYgVgHYAGSqgDmIBZNgAvEKAWkKswHcApgCMcqYAID6qACZQATFSrMATgJwgANnDQYCPKgA98C3qpgDlq5VGwBDDRtQIA5hLjKNUABbBgABxwAUgBmAEFAuQAxCMi4HAA6BBBlUAR4pBAAWxihDRBnGIFMi2cnZ05gL1VbYCCopJSMTiLbVA1OHCRbTJxMADdUUWAJDJAAa1QBKECKACEIuQ0-BZDwuTkffzqyMIiyKL2ouMTk1PSsw8jc-MuikrKKqoEa7frTppa2jq6elbkAYQWyhWu3WKwoABFsCBxpNpnMFtIZCC1nJGIwmPhiME6IxKPh8FRgoweH9AesBtIUURSLQyCQKNQGBQIuS5H0UTN5uskZ0QIhht1+QhgCiqKyFup3EhJMAAJ5+AQomD2HBKgGI2xynASUASAQGPyoZQ1dAIZWq9VspwZTJlCR+ZQgaQSHBwIQSDQCFyVC0aNUS9ZiIo6pwjWwpMWBuRdSNgsIq-1WxECLQGSS8jICqMa9YwY04Yax4bB7Lx0KJgO5uT55SF8MpKTiTISfMGP1VtkCPoWT35ZwCF1ODvJ9aO51wFASVS24oIaSmjA5tm2GD5xw1WUK9VyVaV0dyVfr1Cb3XbiQDhAWewj6MZIQm+f2vwR4BX4Hl-fRo9tE-ifU9iKt7Vj+G7-i+Jo9BIYC2Oan6Wt+a6-qewAmkgEwuMBbJ5M4A5DggUjSN6aD5oOWELKBf6SBB3Q6vej5Iph8FJohx6njRUH0bBjGuHAfgLuI5HrMWDpaCajjypyQbNmSCy1pIlGnhgMpCTGr6ugIorMZ2CwiQAjpJ5bitWIl9PYcA7qsxlsnxzgmkRLogGuva2GZbS2LklkJghIFCNxGBzsML4DqpCCuRIREDDKUjIK+t6QtG0jOJEBbAAAMiAthUuWqEWTMUJmXWADaXTznK062OhEgDKInkALqwJa-QRjgJVeAI6H8iWzY4A1+7NcVSDtZ12iuuIfh9U1hWtZmwqCpkc0Nbw01tTUEhCCABgOqoaoipNSYDa1ao4KIGASAtC4aNtajEftaqHUVZ2qAMAh8BIyREcoY0CBNjUHStZmOC6WZ+Bgd0CA9SBIBICBwJkQi9sRFiDuDD1qkg7hiOVGREfqIrI9IqMrejGAuo6RSoHDIyOOhKN-fdxP8so0XyoqRMtUVC7arqID6oaxqLgg7PFTaWTPk6Lpuh6Xo+l4wutaWoYEcWS0PTheExfLJXQ7Y2hOW0XqE-TEMrSrxsPURaYZoMWZ7VAy0cyT85jdxEbAzTYx0-1xMdaTEWpnA6bU6gtNG97HO1vWImllrkdFuppatqgBha92vbq4Omvmyt47SJOwwzlkc4CWaqsrYp-6swIWsV1uioXt614aFrXFPi4Dqvu+Wsmm0EhZY5BHk7twA10hYGSGndvh8Vtcd5BOowUL2cc35ojQ46IfVzYxPAK7yhk8om8NRbAdBxvMrHznqh2lT59bw9q8h24HgNZsASrAA9B-xwNGctqIERfMV5pBo13vON2z9m7eF8O-MIX8f7vDSP-ecAggGDhPlbSBr8YFBDgd-BIv8MDnEyAA1BTh0FXwplTdwUC364NCPAghiDiGkLQSAlaqAhBbWCnXLe08FZcI7gOT0WouqXw5pwraYZCwgHQg1fAD0DSDDQO3DGMjijKFHmxSuaEMLOBbhgdQXpXRMwvlAJEM5gBq37JnMMMhiKoFImHKaHNAYyAilkVoS9comw5rPDidEQAPm4mULRyFwIRloiMIJDF7R8QEnwlxg11J+DEvYLGDVSwPXkn3MeVF3rIESf9DmIk1Qj2XskxsBk5RlxKepQGFlanFVzttI+FTWotLCsUFuXgagXXsH3FAqAeyp0yK0K6MjVDOOKcVDaiAZRSMyEPU6S9+FFXHHZbohFRnjLGskTOfQ5At3UnkLKXskmtTiPaQcwiHwgD4GqTR7Siq2XspnJy5gvquXGR5L0Wtc75xht0AQRznkeX8ggQKQiikMw5kkMywcHFGwevC2wEgvBiBkOI4qqK3CPKxdvPx0ggmSEyEgO0yLTYwgmKS50Ayh63SgD4lF4VIqbximbNZYU+j+yitRX63tAGcxtnNPuC0BRlyFVzHUeoDRGhNDoVZU0hWiztO3FpUtPTemcJUImKqeoxQbOU5aUrT7Wz5BK+2-QhVxyNU2IoScU7ZyFQCqchdMjF0FpK1BRVZ5Vz1T6v155LxNwDTAEqMSQnqs7hYMNvq8mnknuUwVgaE0RPntBWCca-W6NCc6n1Gd8KEQcU47NabqKRM4pGtu+j83hv8ZWwJwSa1uH4puONOTZ7KRhSbIVryzmOWcl8tyGhfk9utYGvy84ArEWhajUYNKea81HcoAc5shB+CtZpTdRUABEIlkgjGGmMLqu6AA0+7NzOGSHKc9u6vBZAEHe11wA71qgjENXddVMB+FqDYW0qSTyFNbKO5w29elQCAA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 7a75280363363fc7d627006a615ea2d38a73e5083ae6b66563c9cf8229cd656c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 09 Nov 2023 22:56:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 26
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame C451 0
644 B 227ms
226ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1699570569783&v=1699570570875&H=dfce241cfbe4b3f62bd028b4&s=fa42e0e564860015b1f822d05e20450d&z=1&Q=1&Y=1&X=8dee3e748a364948ce89a5254377bbad

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame C451 0
644 B 140ms
139ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1699570569783&v=1699570570999&H=dfce241cfbe4b3f62bd028b4&s=fa42e0e564860015b1f822d05e20450d&U=d8a7dd369a797d2593b3b5a72885001d&z=1&Q=2&S=0&N=0

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 visit
events.bouncex.net/track.gif/ 42 B
106 B 33ms
25ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJSQBOFkZVZnUmSWo5NgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26eEZMAiRIAkxGeOyD2htSAjRbhBykNBmAWkgMhBRITb2tBOZwuHxeKDIHzA8RQWTAY160H6YAIpFgkBAF10OEkpWYCImyNR6MxmAAnjidPiehN4vBzllgE0QCh7ggwDhKC5tNQYXwyQB9VCJAU0tk0ajyHbUaiNUiICUhCXxNIJJLogVQF6bSVyaWylDy3KS6ihGUqtUEDVgSAIUyKvUSuUKmVKmW8cDXWDYAWwq3YB361iu03KtJ-AU2Ai6AWmZFYSCBp2Gl0ms3URBgCAXAVZAi8Q2x+MB12OmXO41u6g5-qgBACAWnXjIAU2u1J8spyuhmVM8K8AVe0wXDsGo2Knu8+ICzCwLI2FsJ5AIXijisT9OIOnNSCC67NgVL-qr0v69chzcJC4DuMvEBzwfhRIrtddjcSlGLeIIAW70yVssx1TKsCzJMBfwIQ9dFMEBUAxEdT2TccLwlHhriyGYi3zVtYBsAVLEwNBvlfZC01Q204U1TBByaRNEJlYMyJlB40AwAceBI4DJ3iacUHRAh6jISwT11M83xQ81aM47t02bNFdB-D1oX9OjRIlRiqy3a9W0gFA+CaAd4ifKIRKlJCuMva4+AFOTYAUx8QGfUzAPPJjZVgm0aLOTUKOk99yw8yAvKCrUsgFQTdD8iTqAQYAWxYtiqKity43zWB4iC-p0JyfT4MwUcNMnBpBPCP4fz-ACxNIqtirIFlbV-Ml-wFDBMGQQ1kqra4bFQaZCNjWi2qQTrJ1QMhfV4Acc1vRASzUztqqK+oSvqn9YoTEb01q0qGrmVBKIAKz0zaJRsFAIGnONHMqic3JtPSCyQG9mm-Ud-OoWz7Ku176JNFL+gwh9vpukM3LOi6BUWUhR1WdZhDLWgnCOYFzkudDvWbQS2tMyd7v0p7IaWGG1g2Mz9kOMBjlOVGrmyDGBh4F9os+n8oeJuGycRimqZBNG6b4Bnsfe29AbCtnfth0mEaRymUYuWmsnprGmbckAbBjOYMEa-8TplNWNfmfCUDJK1VLJv6q31qidIIRJR0kd6EF0cAMX6ukbWyZBdeobbVt-YUIhmb2rJRSxWytJAfvmj7YISM3JwSldrZAZtsBAQSVfN1yqz7FObOyCF8t+yAkFgGSJV9sqBv28Dut6j1CO9yvdqaWFa4IHqHsw2BTALW1g9o2M0VQcJd1HUL3sE-pfWWuqq4uKOs-EtyYW8xAzZc5eusHgBHMffsK9NV6Cvsy4K4XMme67vdSgdMFhEGgPL81w0gPMC1IX0MpAOLvfBcaPbHm9lGb034YwgCyDNbMRdo7Z0nKlNA+1NTOSqhZCU-9P6AKTsAC2m9FpH0Hg8FAzYUHmWftQeAmEVxax6oIRAw1fpwPTD3RBxCk4CUGEgX0TIyCsksDfS+6Ugr3xyLg1B5DWQPQuDlIKmtH5MIlCcJkDkEwpzetFJRKABRpCgGo3671NGQ3oXo6O71iEdx-FkeIGFSGgy6gQAggdLH5kLDNDaxdS7kPvsAGysVrpUWPt7bxvjQDfljPaRhW8XAABECQwGuI4kACBOTcglB6Wx1B1DqAKOoQocgAAc5QXD5GYHIdQpR3qgBQbiAoBR6AuGYPU5gtS6n5OqJOYASZUkxJAmgWggUAgEGIYGEuZ9Jz1GABvYwNS6kNKaTVAggZgzplIBE6OksARlkBLcZG1N5boVuPcR4zxXjvEIl8H4fwAR0DlpgMEWQISkChDCOEZidRSmWRKYAphOmngdpODJON0wMNMdFeIkzAwzKafM3GJipQfH+emNA8QQVSj2FWLISyqykAhX81QtToUNKrGkeI4F4C3MhVyWJ8B2qtRgLQoQyAcDpEyDkToNLUB0ugHFJA0CcSFGKKUcojBKhyHZfQ+Y2BoAWD+PUU4WQcAqH4EIKQ+IOWSpgM2UJCAKo4GbGACI5xTCdHdgyZA0BwzKUwDy20vAcD4gwAQaAXpsBIDJPuZJ0SACinRHXOpUm6j1cgcDeoAKq+oQE6l1JcyQiOSXEJADzyQRqdf0d4FwcAKAAJopqRAgdNmA42ZpQEyZoKBc3xCgBSHwyBUS8DAGdFUubhz3VIB6nABRJByA8BWi4rsEztq9eG9+yT8QCFsL0BAKccBUnUHE6dUK5kNJafQNpnQtXXWnVknJeTCn1JKWU0onQ5F1gEAuzoiAd5l0wN+ad+IjJJOwBiHI91IE4nxbMxpxTmAyhNeEBMKAYI8r5bpNAYqN3fj1ReiOkHx02E6BqnAHKgA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 pageview
events.bouncex.net/track.gif/ 42 B
106 B 39ms
32ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NyhAdAHYD2qubLTAxmwFt6AI3Rsw9CAIiowMFmAC0ubKgghcJWu07dFUkDHSLCvEAMIAyUJFgJEvRlwFQQqGCFERCmYgHYAIWoqMxYAEwBPAH1UEF4AayjYQhgvYLJKKioAMxB0Qgh0qgBhYN5sCAS2ZFwomFwpLSoM4Nz8wqzqUqzyyvjq2sIG4HSKVryCou6qMJhTapZa8wXcUcyqAAYpsuwNKOE2AA8o4DUCxbXx9u2sgsIU7iiBNjC8k7OIC86xrLbJzpKwUeajs8CiHDCMiiQwgI2+6z+HWagKyrnQMDCUX4yGA3EuvwmSK6ZV4URYyAEwihnwaajC+JyhJuVAKjncuGi-EhURpMgg9PhV3+yOmrO4mNOUhgFKx6IS-IZiOZhGqqF4ECiHOARJ+jOuAOmrwihE1bB5h2AMFiuBgeMFBP1IuC8n4AnkYHeL2hyGEUXQnzAKkVTINzoaFjqLCxblW9s2zLEYEgmPkwcdxJ6pJANTY2SM-oFzV1StDPRjaeFGZmEHQyEOGtm82QXyL6y2pZZlXF0NwIHCbkxvDl8QVcZLTtuXfCUUhtfrspg8sLLQdlZROStQ2jnDq4YrRPXedQW7MO-qUiiecO++Z0ChieTkZvHdOL2QvFqald0n7NrtreCdsJyoEBsjzdENA1LUdQRENgNA8CPAaTUIm1KJIBYGQ8mfYD+GEWJwndE4Y0w1AcKrWIjCiEAwkxR5JXOWMANXA9pgQowkI1O8WxXPU1zYsCOMg4jYgjAArPtyPXYQQBSUlTkXGCimAoY+1eVAJXcdUGWZWc6w1BTtLjZlJTdGVDKUgFgJkuSojQdAGTwAgSB+OhaEYVgOC4HhXWbSE80w5d11U-sNLsjBHPwIgVzchhmB0by+EEPyIAC0dgL0+d7Mi5yYvoDyEu4JKBBStKgumUzpQEcKHLjJzotc-L4q8orfPCVL5HSqtUmOGwoNQyy+NY51hF68ANXQEAIgGHSOx6yMezYBIGQARlvQ45htBQsScQQZCkgTEOE3BYgSd0DrKbgVX9aFVSM5iZitSomKrB9+QWjEaRgPMuuLOCqzRDEZ0EQwWAZE7kGGrJ2Ig5DQFEk08II2YFAu6HBNhgy3HMRG2HwtSiJxV4GjRkIYxOWtYnRDkGXPIQOyPDUYc48EWHu3jxyrU9BggF6-vTdduaiABHGm4yArnybRSGGQl9dX00xTSYVslzEGznBd2XBnledBqI-GAoHV-71wMKihg4X7YIF6YDmbdVjhgAQGIeMGxxNirUHEUS6mXfn+OCM29YtukkmRB6NemIWxBoq2hShqhGCI-lIH2L34AKMj3Zt4IcTAWJITosCoRAVwjE8f1la9sJ31qFg1fDjmPeCTw1O4H9aj60n2FcBcvr99ZmR7kAomweoMVm4Dh7szOJ+MjsaLxjUBF4N0B+Urm2DYeI4CeF43gYmlwdQGWO3rqAZ2gRTI257vS8v2B1ROOEI-+vwABFrHG0EHC3nfvBgAALwgJgFaGwqB+C-rYOASBQjcEXHkHAUUXKZFigVFqPlBAiETJIaQsh3TKFUOoTQ9BCosH0AIQwxhTA4ygVfew-Bt67y4GaSasgQGIjoT-Rh-8ULakwKQYA+QuEwN-kwjUKRgGYCoAANlIBsSwrpgAOGdpgBRSjEC4F4NkNRijBDKMYMAXRGiwDACMQonWICFHwAgMIFIDQMTSI2BsAALJYZI48wigJkQATh8QAVj8BsQJGw-EBIABykEsJCR+EBHEuJcT4lxK0fGkHCS4wJK0wGkBcTIhRfVQSOJWpYAowtIZsziV44pQ44CLBtNIVSqiVq+ICUEzJ4C3E1JpCAS0Rtjy2hYJgXsYAokxMUpgMIJS7ogJscISw41FiYEYDIIAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 6
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 item
events.bouncex.net/track.gif/ 42 B
104 B 33ms
26ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/item?wklz=JYFwpgtgXMAmC8A7A9gJxMxBaSBDYANlgM4DGuExApAMwCCWuixA7mKsVhlgJ7ICuqLADNUYAI78wiEAR6NiAazCwsksMRDBMnABTDc44gEoAZKEhRSyAA494AOTQZEVAEwAGPIXceyFanpfOmY2Dl8MXwBNAVRfADExdRk5YKUVXwBFKU1tZl9deLpMk3NwaHJwAHM0exR0TDLLYAhcKrBBAngACxAQG0C6d3jhgCN+eU1cLVIAOnqXWesIYYXMYYHh3GFhccRYAg1hlrajt3iCZBqsNewCAlmbRCqm6E6evs2g8+H+YnnnJglsgVudRpcqsNIOwqsBnlxumJptRzrccK1CCRyJRXjBmBhSIp4CBUFJTBBkLAwPAPKY2KNiBY4PBPB4ACymABuwEZWgQAEYAGwATmFAFYAOweSUeUXigAcNFMVO5pDAzLZbOFbP5wpo8rZkv5-I8NDZgtpNlO3LALGZ-NMxAkUkQauZblMpAIwGkfRaGhAFBs8CFoplRo8bmFnu9vtwNmAnPYjMwxLaSpVwDV8Fgjti2fpplOMngf3YQA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 view%20item
events.bouncex.net/track.gif/ 42 B
104 B 32ms
25ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/view%20item?wklz=JYFwpgtgXMAmC8A7A9gJxMxBaSBDYANlgM4DGuExApAMwCCWuixA7mKsVhlgJ7ICuqLADNUYAI78wiEAR6NiAazCwsksMRDBMnABTDc44gEoAZBGSww8AAym2AI2KgwceACYbNgCymAbsDOWggAjABsAJwRAKwA7DZxNlExABw0plYBpK4I3t4R3iERNCnecSEhNjTeYXYADrgA5mABYCxuIabEElKI2W7ppATA0iBaEBogFHXw4VGJ5VV2QyMyuHXAfuzOmPBTjemZwNnwsF0CqCeOpk2j8PzdqEA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 cmp
events.bouncex.net/track.gif/ 42 B
174 B 31ms
24ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/cmp?wklz=MYewdgzgpmAuBcsCWBbKBlWBDFAHAvAIwBsAnKQKwDsADBWVQMxUBkokMCAFlhAMLhocfGBABSAEw1geFihAATKPhosA7lABGEJLChIF+KTQAsLAG5IdyQyXLU6tcpQAcjFksvB9hkydImhKSMLibUhIQ0jCbEqrhYAOZQllBqBkQs0ACOAK4w3ulmwAA2SJzIaBDYeERklLThdBRspZxYuEjmUABOOuD42Anunkje+AqZIDndYxqaLImc+DnQ3UA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 core.json Show response
support-digital.norton.com/system/templates/chat/core/common/ Frame 134F 117 B
552 B 225ms
224ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/core.json?cache=1699570570811

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

86af172e9ce86f4d071b306ef41262ff9dd22e6eb04699107d20f185efbf74e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: 8d669c28-aa80-498c-b0b5-b2629a7758eb
etag: "8ec85de8b981388fe0201d28f0dd57c1"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638b-7d5670213a34714b6f1382c8
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: OJx9yF0zvHcFZvQ=
content-length: 117

GET
BLOB 200
OK 3250d7a0-04a2-4397-b069-1da8b29d0804
https://support-digital.norton.com/ Frame 134F 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://support-digital.norton.com/3250d7a0-04a2-4397-b069-1da8b29d0804
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08b4a2b1c1d126faa01aaf03e54b3099c166bbea70aab7d01fb4ca52148dc35b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 17224
Content-Type: application/javascript

POST
H2 200 / Show response
norton-app.quantummetric.com/ Frame C451 0
644 B 115ms
114ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?T=B&u=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&t=1699570569783&v=1699570571145&H=dfce241cfbe4b3f62bd028b4&s=fa42e0e564860015b1f822d05e20450d&z=1&S=8295&N=99&P=1

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 template.json Show response
support-digital.norton.com/system/templates/chat/core/aria/root/21.0.0/ Frame 134F 40 KB
6 KB 198ms
197ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/root/21.0.0/template.json?cache=1699570570811

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

35841586916c42ab55342f74b9781124f437369bf38be24488ed5aeff7693256

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: e13e91db-aa93-47e8-8243-203c2c9e7dec
x-amz-apigw-id: OJx91F-TPHcFj2Q=
content-length: 5476
last-modified: Thu, 09 Mar 2023 13:40:04 GMT
server: Server
etag: "950f57208211246e43c952f2f5a1e248"
x-amzn-trace-id: Root=1-654d638b-79b738fa6edb47c330fc2444
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 / Show response
norton-app.quantummetric.com/ Frame C451 0
644 B 115ms
114ms XHR
application/json 34.30.96.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://norton-app.quantummetric.com/?QUANTUM_WARNING=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&CORS_LINK=https%3A%2F%2Fsupport-digital.norton.com%2Fsystem%2Ftemplates%2Fchat%2Fnll%2Fcss%2Fiframe-style.css&hit=dfce241cfbe4b3f62bd028b4&s=fa42e0e564860015b1f822d05e20450d

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.30.96.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.96.30.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000; includeSubDomains;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains;
content-security-policy: default-src 'self' *.quantummetric.com; connect-src * ws:; frame-src * data: blob:; font-src * data: blob:; img-src * data:; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: *.quantummetric.com https://app.getbeamer.com https://backend.getbeamer.com https://realtime.getbeamer.com https://static.getbeamer.com https://ajax.googleapis.com https://static.zdassets.com https://*.appcues.com https://*.appcues.net https://*.qualtrics.com; style-src 'self' 'unsafe-inline' *.quantummetric.com https://fonts.googleapis.com https://app.getbeamer.com https://*.appcues.com https://*.appcues.net;
server: nginx
content-type: application/json
access-control-allow-origin: https://us.norton.com
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 external-libs.min.css
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/css/ Frame 134F 202 KB
31 KB 229ms
225ms Stylesheet
text/css 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/css/external-libs.min.css?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

8454a8ebba1b19a39156e9548761de9d366cd4ee1d1031305d2fe4a6e78474cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: d24c8f58-9e04-44c5-9c33-ac29c40402f0
x-amz-apigw-id: OJx93FElvHcFvng=
content-length: 31445
last-modified: Thu, 09 Mar 2023 13:40:12 GMT
server: Server
etag: "7221481b7871e0468efec92e57e15b2c"
x-amzn-trace-id: Root=1-654d638b-21b1d03f32b81c9b688bfdd6
x-frame-options: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 kb_ckeditor.css
support-digital.norton.com/system/web/apps/resources/css/ Frame 134F 17 KB
3 KB 395ms
391ms Stylesheet
text/css 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://support-digital.norton.com/system/web/apps/resources/css/kb_ckeditor.css?cache=21.10.1-0-202303030620
Requested by: Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-237-206-228.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: d3f62c0e83358ea15bdac14acdfcd658d3004a155edbb30dd37729732767a536

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
server: Server
x-amzn-requestid: e3ff7828-768b-410a-bc93-fee1abf3d4df
x-amzn-trace-id: Root=1-654d638b-64b48b5a6206e78c5899a5d8
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: OJx93EYDPHcFXnQ=
content-length: 3000

GET
H2 200 application.css
support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/ Frame 134F 190 KB
19 KB 219ms
215ms Stylesheet
text/css 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/application.css?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

d6ac85ccebb4f4f5577ee62f197b01c80e01c813454ef5c998df0d4f378a89a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 63c536a8-838a-4961-8815-1f3b34524cd3
x-amz-apigw-id: OJx93GOlPHcFroQ=
content-length: 18667
last-modified: Thu, 09 Mar 2023 13:39:44 GMT
server: Server
etag: "3ead93c30b205ebf08a4d4fc4b8f7997"
x-amzn-trace-id: Root=1-654d638b-5d3c71d4669a45c7522d3ff4
x-frame-options: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-application.css
support-digital.norton.com/system/templates/chat/nll/css/21.0.0/ Frame 134F 271 KB
28 KB 395ms
392ms Stylesheet
text/css 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/css/21.0.0/custom-application.css?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

6f18ee6b80b3cf696d7fe22e4f7ef414301f6c3d4396f7c3d13d23eea7166e2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:09:41 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: b09bcf65-4d70-49be-888d-dcb9ba4fc6da
etag: "4ce3b209df79f58b2cbabc315e5e0490"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638b-31015dbb3774189f50257fb7
content-type: text/css
cache-control: max-age=7200,private
x-amz-apigw-id: OJx93GEcvHcF06Q=
content-length: 27721

GET
H2 200 external-libs.min.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/ Frame 134F 519 KB
164 KB 408ms
405ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/external-libs.min.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

7065fd91818e713fc7e0b6ede5b478108d14b23ac56999774018fb8bc22091ee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 362c71c4-fc8d-49b2-bf98-7b2b4a75e2e9
x-amz-apigw-id: OJx94GUHvHcF5_w=
content-length: 167665
last-modified: Thu, 09 Mar 2023 13:40:12 GMT
server: Server
etag: "13ea55e3b01e4381a7e2e8d32b08c241"
x-amzn-trace-id: Root=1-654d638b-21f39cff2ecd930008e4d7bc
x-frame-options: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 egain-bundle.min.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/ Frame 134F 735 KB
163 KB 585ms
583ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/egain-bundle.min.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

67ea25b667e682329257a5d41f9c64373b8715f2d6891fbb846cfbd008da44b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 062ba692-a5ba-40d5-90e7-3c1900172986
x-amz-apigw-id: OJx94Hn1vHcFrYQ=
content-length: 166367
last-modified: Thu, 09 Mar 2023 13:40:12 GMT
server: Server
etag: "c2dae2d24bf2138b2c36c6fc1241093b"
x-amzn-trace-id: Root=1-654d638b-6bcbb77a24db76da195eb51f
x-frame-options: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 angular-locale_en-us.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/i18n/ Frame 134F 3 KB
1 KB 394ms
392ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/i18n/angular-locale_en-us.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

36f3de8125c18db4731b41f5403f2a7b9ac09fd6ed2ae40d4045f03a8cdd7a86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 9315d944-17be-4701-bf05-49e8987dbf77
x-amz-apigw-id: OJx94EU4PHcFzXA=
content-length: 973
last-modified: Thu, 09 Mar 2023 13:40:15 GMT
server: Server
etag: "fb917d46d4b430c3dd93382c7cea5101"
x-amzn-trace-id: Root=1-654d638b-77b25a0162fb901568abe72d
x-frame-options: *
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-application.min.js Show response
support-digital.norton.com/system/templates/chat/nll/custom/libs/21.0.0/ Frame 134F 115 KB
23 KB 584ms
582ms Script
application/javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/libs/21.0.0/custom-application.min.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

3db55960e8bf49c8012b7f7e17ab9660b284b26d59e01718833568336e837791

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:05:31 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 6a1fc005-11fd-41a2-807a-fe2805a3f274
etag: "d8b3ab3cf2d6768699fc528eb885fc1e"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638b-36ee649017d19f26546c0f88
content-type: application/javascript
cache-control: max-age=7200,private
x-amz-apigw-id: OJx94HPBvHcF_fg=
content-length: 22889

GET
H2 200 application-bootstrap.js Show response
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/ Frame 134F 37 B
477 B 395ms
394ms Script
application/x-javascript 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/application-bootstrap.js?cache=21.10.1-0-202303030620

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

9b3c31d3c84a5c046be4503abe96bb606bc21dfd10db305ddd88331dbcd96939

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: 81290147-ce33-4187-8d39-3b1ee63fb020
etag: "20016a8332d9674a7e6c2e941b9fd924"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638b-71cd5fb2276f8d1316d880a2
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: OJx94FnCPHcFQHw=
content-length: 37

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 96ms
96ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 09 Nov 2023 22:56:11 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 reloadCampaigns.js Show response
api.bounceexchange.com/bounce/ 3 KB
1 KB 53ms
52ms Script
text/javascript 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=2661&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYBOYgVgHYAGS-CigJk2AC8QoBaQqzAdwFMARjlTB+AfVQATKAypUALJgBO-HCAA2cNBgLcqAD3xyeqmP2WrlUbAEMNG1AgDm4uMo1QAFsGAAHHABSAGYAQUCGADEIyLgcADoEEGVQBHikEABbGMENEGcY-kyLZydnDmAvVVtgIKiklIwOIttUDQ4cJFtMnEwAN1QRYHEMkABrVH4oQIoAIQiGDT8FkPCGBh9-OrIwiLIovai4xOTU9KzDyNz8y6KSsoqq-hrt+tOmlraOrp6VhgBhBbKFa7dZ-QHrQbiZwgcQ4NQiDAg0IwezwiIQhhQ5x+OEI9AIZGojToigAEWwIHGk2mcwWUmkyIWCgUxAU+GIwQAHApaPgqMEFNxwQsBlJkURSJQaNRSOQucEMaKmXT1gzOiBEMNupqEMAmesqCL1up3EgJMAAJ5+fhEtG2gH02yWnDiUDifgGPyoZQ1AkGhjE9Fgx2Q5BZMriPzKEBSOFwQTiDT8FyVANBh0MJWQsQ9SQIEa2FIBo0hzFdYtgsIZ7MMKT8LQGCTqjJakvGwM+nDDCvDURFO0kh2YmBdntFvu58Sjgzp+0d-h9CxJ-LOfhxpyD4OY6OxuAocSqDKZYoIKR+pFVtZyDu2GCjxw1C3WzOrBY1ssLO8P1BPt0v6EUwsew5yHDsMkEX0z0jPwJwQCxQODLNQwYb82l-MQPSXPVENfFC0MfTDYN9PMwFsQkr3fedP3WAiMItX0kAmFxcI7PJnDXDcC2kFM0FHddWJo1D73Qv9iO6V0IKghkWMo9YP2QzE6LEosJJGEBIPImTXDgPxzzEQTFIWXsoy0X1HCtAN+2yITR1UcRlMwjBzUM2sTPhfUrw-csJ3EABHSyr1LHyUnEPp7DgV8wmChZdOcX16zjEB72XWxwraWxcii68FNrTKtIwU9hlgtdXJQhA0vEesBnNfNey3W1yVrKRnEiMcABkQFscUr2AZRItrGA+k8rMwklchqGlPKQGRGL1iWANNgCPZQX2aIGDW44GjOY9LmuAoNqiO5lFKFxHmqWpLm2j5MladpOgk286lG0I5oYPo-D6CVmoDHqjPWYE5OQ-6GCQYaJRICaZTekQ-tWBRa2cJBAZe-Zaxsl63o0cGr3G6UppQrwkFdOJrool78BmClwuUHAAG0ujPS1D1sJiwsGVAsoAXVge1+iLemkC8fgmM1ScihwHmM352mGeF0XtDhMQ-ClvmafpltdW1TItZ5nh1blmpxEEEADCjVR4T1VWhxl+n4RwRECx188NHNtReOt+FbbpjBD0XSZeHEZJ62UJX+BV3mbYN8LHDjVs-AwT3+G9pAkHEBA4EyQRl14ix1yT734SQdxRGZjJ6w9PU86kAuDaLjA42jIpUEzkZHCY-PI69uvNWUWqrRtWuBbp88XTdWFPW9X0dAQIfZacY8YJjOMcATJMU2cSo5-p6zXScQsUj1732M4-Nt4ZtPbG0ZK2mTGuu+Tg3e3P+tG2bQZWytqB9eH+uzyVrSRY47tzGJ3aWdcRYNyqg2OATY26oA7vfcBw87LdgPuLTI59UHjlCtZacqADDn0XMuE+64z4P29ruKQ+5hhHiyKefSBIj4G0cs+QeFCWEiUImwiQa54LmXPlJLSME4IWHPr6NoDkpBJQLE3S2wBz6sKwh7Dhw8lHiVIuRc+ghbAiDTtGBB-AeaF2AIA5QjdlCGOMQbV+sCJAGPNNY4eTdMgt0yObKxNgDY6L0W4DwPMlpBDCAAemCVtd4aRjyIHrKOeCUgTFmLjO4DQATfDLRCWEhIZNziZGifwWJ65va2Lgck1JWxVihPCY0SJWQ8kFPiQbFxbi-EpO8GkoJoRKlZIiTkupThCkG05mbEqPDz5DKjLYNcSZnRiycfPQQZt97dhAExHm+BvaekGGgFwIw4igGKMoRRXD6JukYsxZwgiMDqGTHCXujioAMiPMAY+q4yH7x4nqVA-EkFq2HjHaQVUsitFnlAPqkVvbqNUnmIR0EXBHJ-CpEikkNLSUjLpfSRjVGyxMn4My9hS482st7OyEglHOUxcg7FvkPKCN8gFS0zDh4mRjpFRlssqEePuZS+mHKKrFEEV4Gozt7AORQKgJcRDbqSOWaoH5Udh4m0QOaRZmQ5GO3PrueK3RJByu7sPT4rsZVkL6AwWloU8jdTAb82WcRIzrimZBEAvB4SHKxfTOKCUyHJXMKHNKd1MrJg1cvGh6duj8FNW6um+UzyFV4hMtc58kjhXgbxaQcz6ZJtsOILwog01eOHpmtwLq80QqkBpCQmQkCuPvinKkEwK2xhFXIlRYLH4FsqtVQxdUJyJo7f7WqfgI7S1GPW8esINBFjXBQwQfhv6YH4P4KAdMABEJlkgjHlmMMWy6AA0q6nwwmUJaXdy6vBZH4CeqhNCT3wiLELZdXNMB+FqDYY8uLfzIAkDACdzgvGCrnZ9aQBAVAaAHlMHxCDOX8B3d2RJUGd3FPsZY80O6mmtwcdBiDadkkwdMWeIBLSEMwJKR4VDqhXGtxwxkBA1yJCmj7tB-5cYy1SoQDunFeKLKWh3YWpAjhU1SB4yAZNOa0CCcLXECw0gd3dXLeISt1b2N1smPJxtrtm16hA3yqYNNfxZSAA
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 9b951379c1c0b595afc95762dfff7a3c70b5266551f81a932b6d2d5c9a498b16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Thu, 09 Nov 2023 22:56:11 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 27
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H2 200 reloadcampaigns
events.bouncex.net/track.gif/ 42 B
104 B 24ms
24ms Image
image/gif 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHhLDACeAfWBQ4AaxEU0ONAxC8erAMwBBZQDMoYHEr68AwsrgALEFIiESItCRCIcytZr469BlTxN9zlyWtbUhBkFw1tXX0XH2UYOThrLFskJJJwtx4ABhjffjMoWzoIAA8RZFB9ZIzIz1zlfRx5CCwRRAgYXXLKkGrDCPcor2NlFrEQWRAAdxEIYBgQYBEQsP7Mj2jDWL4qMDQYEUTCZBaawbqtvLg4ESxCRDpFkV6HUBgzng3h7Z59IhoSKJEgtnslFiB3mtaptvHk-i0DhVHGh7oc9lIIR8vvU+DhrMA4CARIDkMMBp8hjieJ0hDhiRBniVkGhxCQ0KcoecYSM+GgsIlEHyMN0OstCHQRIwsBgSGYsZTLsp7I46XzDtR0pzslTIBgMBC7Fh5RdYaYblAbBAtGgwIxISpydjFX4NcbuT8FmBCCUifEcEc+g7Mjlnb9LAjliQoIJqAc4OjJJitU7Tbjw4IRJ7vUT42gMfbXNDvnlrcBSOrgLZlYg3cXtCzywhK3YHIgRNaSrWqRMnrr9Qc+V3QxUOoQ4LZQALEL1OmyOUHlCHUzwoFprXtCkSSWT1grl6v17QHMShKSRPqsItdEPl4k6OJBELyhrL8AbzyeOIbSJYAcxkiqk1BcuTrPgDxtI8iR7QNCxAqlwI3Y9UHEJwRAAK2jd8fjoKB5BuCo8x3GJl1IaNOnmbpCI+Kksx9SjCWo4dQEFVECIYrUqRwvCREIYAwA+MwSBIZBnAGAAxXgxOIAA6LA5jILBpIFQhBBAa1LwLH5SJjCjeP4rVBOE0S3AkngpJwWT5JaJTyBUhZ1KTZdaKJPSBKEkTYNM8zLMrazlNUhzNLyJEWLbVyDPc4zJMkmS5N8xT-PsvlHI-BQylQfUT1JLC8jS59MrAKAhCCRjlzytVSAgKQPgARm7Eo5DZaVDmIMhpzfZM9w-BDIOJcQpCFHLTBaPFGGWfF2OA6kWUsICPz7A01X2F40GtFLHS6n5dn2TNyHQI0tRIYBCFAlc1wgzdnxQuk7wfeJpSGsDzsQolkKQG6IHvMin2OWciLg0Mm1sZAvXEPZAQ+asqVLIkesulpJtgikTQ-IHlhAOaNpRn40YARwhrUl1RjUZF0E6PiJn4R0RGhEax91guAUUsCQf7kYZ0wChIdpOjAH9xzQCg2ZTD9HHQPnKreR6eGKFTCTKNAUEqZoDqmkWqaZjAULsAt6dOsXv0lg0KG8NXNquEnIFgdbd2xvJiCfCFMvvCApn0Dqzbt5Rji162-zXJ4oCoG16EYaXqbHWwWenU2kfVvJ6DIlpp2SfLhfN5Q5KoNE0BW3XMipLOoBEMx7H2UqPyLnj3fLjjQ1gT6iUQOBBXz4jUYgCBJFztoOi6ACXg+I7ydDFmKEzCZCMNIHpbHifZEJcpVk97l2AAEQAMlAK34CQVBMFwPBo5AZgqBoUOQC38BoF3lB0GwfBt2YLi83ogwjG08iaaonxnLf4wQoojbGxd+L8bjhQ-lGHSBwIF-wgYA1EEDEi4AgGNPEvF2JGG2gcGAe1Bw+DRiDXiuh7BCGMFXXMedyEQGzqXNkkIjBV2IIsWuRgG6PDaC3VhiQu49x5v3HoyQN48xPlkDeUwQB0HkA4fYzBshZAACwb1kNI2RNUABsABOTRABWdgWQ9FZG0bogAHKoDeCwF4gFkQohRmiFE1U0aoExCi9E1RqlkVQCj1FiIypPaYaiN76Fxidfk1iYDMB0RvShyQ2TTlIigZgGjtGGLcewdgUSYlRmZELMs7IsDMCjBgcxljCLMBgEEiaJ8JF0A3lAC8JBmDMOAEAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:11 GMT
via: 1.1 google
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 en-US.json Show response
support-digital.norton.com/system/templates/chat/core/aria/l10n/21.0.0/ Frame 134F 19 KB
6 KB 204ms
202ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/l10n/21.0.0/en-US.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

12d47240f7cbd02b0e6d9cf584d5fad93e4837ae38068ee5766648e8fbe868d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 687ef714-19b3-43dd-ae57-154d98567931
x-amz-apigw-id: OJx9_GOovHcF5xQ=
content-length: 5368
last-modified: Thu, 09 Mar 2023 13:39:46 GMT
server: Server
etag: "f24038147862f1fb9392a64d3cfb7ad1"
x-amzn-trace-id: Root=1-654d638c-10b2901c229d4e1c4c93758f
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 en-US.json Show response
support-digital.norton.com/system/templates/chat/nll/custom/l10n/21.0.0/ Frame 134F 288 B
703 B 200ms
198ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/l10n/21.0.0/en-US.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

bbefe320737fe495cd077de514d582b53864460f0c782ad24d1904d1627fa9c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 20 Apr 2023 12:06:17 GMT
server: Server
x-amzn-requestid: 1f237599-d03c-4ec8-a984-5612e63d752d
etag: "101d52f83210d1512e17c5a69bc13da1"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638c-4a4b57d13da48ec247db572b
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9_E32PHcFwYA=
content-length: 288

GET
H2 200 page-config.json Show response
support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/ Frame 134F 18 KB
1 KB 226ms
224ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/page-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

49c3e031c81d8350edfad2541050049a252b9d0171ea2737407950252bf36245

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 6dcc2de7-9ebe-4aee-9a9b-2f7ca6b8ca6a
x-amz-apigw-id: OJx9_FvcvHcF-pw=
content-length: 738
last-modified: Thu, 09 Mar 2023 13:39:43 GMT
server: Server
etag: "09a9fd20e1d2c8925e426257d8e1a280"
x-amzn-trace-id: Root=1-654d638c-032cc5c616846fe27c05a8e3
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-page-config.json Show response
support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/ Frame 134F 4 KB
856 B 201ms
200ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/custom-page-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

0f5835f8248e73e4d1e8cff3b30d277517ac78d3181c3624b867e732d7e21bfb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:08:43 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: ee74428d-3b63-4fce-9551-8713527bd0c5
etag: "713d887956825951ee789f0756b83b74"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638c-725226800f28606f1048d2e3
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9_FD3vHcFjAg=
content-length: 423

GET
H2 200 component-config.json Show response
support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/ Frame 134F 22 KB
2 KB 224ms
223ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/aria/config/21.0.0/component-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

29cbaaef845ba215a542fa66bcb378db6e47f9b432de280d0f31050f02e455eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 9a02156c-6811-4906-aa96-896e3f8cddc6
x-amz-apigw-id: OJx9_HHXvHcF-Xw=
content-length: 1847
last-modified: Thu, 09 Mar 2023 13:39:43 GMT
server: Server
etag: "6a0749f7fa6fc7267dbe5fc5fc1e005d"
x-amzn-trace-id: Root=1-654d638c-375d7d7a0b70a88b779a89c0
x-frame-options: *
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=5184000

GET
H2 200 custom-component-config.json Show response
support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/ Frame 134F 10 KB
2 KB 234ms
234ms XHR
application/json 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/config/21.0.0/custom-component-config.json?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

26188be6d542dc6273d9a079d7e12e9d8c1c1eb8e3008b3f9ea8117f18614dfc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:08:38 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: fb56014a-5c04-48f9-8e55-6dc8818517ba
etag: "4b7b82a73cc8747ee9e7477bacb05b38"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638c-27696d4a1ca5181d335d7bbf
content-type: application/json
cache-control: max-age=7200,private
x-amz-apigw-id: OJx9_GKcvHcFg1g=
content-length: 1231

GET
H2 200 layout.html Show response
support-digital.norton.com/system/templates/chat/nll/custom/layouts/common-layout/21.0.0/ Frame 134F 2 KB
1 KB 360ms
360ms XHR
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/layouts/common-layout/21.0.0/layout.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

314b30d1c560018c036674ed197d2813e555344b9a770e0c95078c96753ba234

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:05:36 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: 7187d635-98e9-479e-8410-f38a1d9bea47
etag: "d653d500850fc0380c3ce11c92f438c3"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638c-5728ca5d3aafa2360c81baf0
content-type: text/html
cache-control: max-age=7200,private
x-amz-apigw-id: OJx-AH7RPHcFjew=
content-length: 661

GET
H2 200 launch-chat.html Show response
support-digital.norton.com/system/templates/chat/core/common/pages/launch-chat/21.0.0/ Frame 134F 158 B
588 B 234ms
234ms XHR
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/pages/launch-chat/21.0.0/launch-chat.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

99f75695c2c988d08dee5156241f1068e31d6905c89b5556ab93769f39b1dd96

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:24 GMT
server: Server
x-amzn-requestid: 57bb27ba-fea1-406a-98fd-60b268ccfe87
etag: "5f646c8652e6aae89d92118e2c76eaf1"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638c-22a0db9e0e3e8afa4288a5e2
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: OJx-CH4cPHcFXwg=
content-length: 158

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 13ms
11ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=4&c=21&i=575ofv&p=aemprod&s=15406&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8RZodHRwczovL3MueWltZy5jb20vd2kvY29uZmlnLzExNTQ4LmpzRQDwAnR5cGUiOiJ4aHIiLCJzdGFylADANjk5NTcwNTY5MzcxggBKZCI6MRQAUHNvdXJjOQCyWEhSX01BTkFHRVJBADB0dXP_AGFsbG93ZWSmAEBhc29upQDUXSwiZGF0YVBhdHRlchIAsGxpc3QiOltdLCJpZgDvNzAxMTEyOTEyMjcyfSzXAOqTeXRjLmpzIiwiowFic2NyaXB0ZQEJpgFPODk1NqYBADUyLCKmAcJpbnNlcnRCZWZvcmVCAAKnAT9sb2GkASGfMDMyNjI3NTcxpAEWD80AGC84MM0ADDFtdXToAq9PYnNlcnZlckNM0wA4LzM2dwIH0XRhZy5oYXZhc2VkZ2VVA39qcy9ldnRuqQEWHzZPAwAnODipAaBhcHBlbmRDaGlsmAE_c3RhqAErnzk2MTIwODI0M9UASQ-xAQEJ1QAPsQFDA9wAHzaEAgjzImdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvdmlld3Rocm91Z2hjb274BfYFLzEwNDMzMzA2ODUvP3JhbmRvbT0BBdsxNDUmY3Y9MTEmZnN0GABBYmc9ZgEA8yAmZ3VpZD1PTiZhc3luYz0xJmd0bT00NWJlM2I4MXY4Nzg0MTI4NjQmZ2NkPTExbAIA8AAmZG1hX2Nwcz1zeXBoYW0PAPADPTEmdV93PTE2MDAmdV9oPTEyCQAxcmw95AXRJTNBJTJGJTJGdXMubhkGAJgC8g4lMkZibG9nJTJGZW1lcmdpbmctdGhyZWF0cyUyRicA9QUtZW1haWwtc2NhbXMmaG49d3d3Li8BcGVydmljZXNLAMImZnJtPTAmdGliYT16BjElMjA8ADElMjA-AAGDAPEJMEFuc3dlcnMlMjB0byUyMFlvdXIlMjBGpAbwAW50bHklMjBBc2tlZCUyMFG2BjBpb24tANIoRkFRcyklMjAtJTIwYAAgJmE6AbYyMDg2NDgxNjI5LnoB4CZ1YW1iPTAmdWF3PTAmTQagPWV2ZW50JTNEZ50DAuEGgCZyZm10PTMmBgAfNEAFEE45MTU0cwQvOTCXA0TPNjk4ODYzOTgyNzM3lwMHBYwBD7sC__8PHzW7AgwPfQVAB8ICHzjCAgcGUgSRLWFuYWx5dGljUgQWLw4AD98IEk05MDM45AA3NDA5nwMP5ABAvzcwMDg2NTg2NzU4pgMI8wRhc3NldHMuYm91bmNlZXhjaGFuGggCGgCzL3NtYXJ0LXRhZy9bBv8fZWQvcnVudGltZV84YjMwYjQ4OTAyMDNmZDQxNDRjNTRiOWZmZDc2NWY1ZS5icgEKEz45MDcBChA0bAgFAQoPWAg5zzY5ODQ0MTEzNDQ2Nf8BBwIBAQ8bAXAeNz0CCRsBDz0CQAciAQ9PCgnxCS5jby9pL2Fkc2N0P2JjaT0zJmVjaT0yJtQG8xhfaWQ9N2E1ZGI5ZjMtYTA1Ny00OWI4LTlkNDItYTI3OWM3ZmEwMzkuAFBzPSU1QgMAIDIy2QgA1gjgJTIyJTJDJTdCJTdEJTUDAHEmaW50ZWdyPQvQPWFkdmVydGlzZXImcGwAMFR3aZgNcCZwX3VzZXISAEAwJnBsCACwNTJiMjY0MWItY2GGAPAOZDA5LWEyY2EtN2YwZTc2ZjgzNmEwJnR3X2RvY3WnDl9faHJlZp8IOaJ0d19pZnJhbWVfEQsAkAjyAXdfb3JkZXJfcXVhbnRpdHkUALBzYWxlX2Ftb3VudBEAIHhuwABgbnV6aXAmRg0gPWq-CwFIDRMmkAMQPc8PJjI5JwgyaW1nTwwJZA0-OTE2aQUoNDZkDQ9jAzyfODI5Mjg4NTYwYwMHH3RBAv-cD6QFAQhBAg-JBEMESAIfMUgCBwaRBxJ0BQQA-QsPmgT_mQ9ZAmKfOTU1NDU0Mjc2XBAIB1kCUmlrdG9rWAKhMThuL3BpeGVsL-kG9hhzLmpzP3Nka2lkPUM0SlNBUkpSMlEzT0cwSkFFVEYwJmxpYj10dHGiBQ8JEwkP7QcBFzcqCg8JEzq_Njk5NDQ4NjcwODNeAxMPBQFTD5ARACg0NgUBD2kEQgQLAS81NGkEBw-xBg_yFWUzNTVmZjkwLWNkZjgtNGFmNC05MTUzLTViMTM2NTI2MTc3YiAJD_II_wpfbzVmdW3yCC8PWAQAJzkxTQMPSAJAzzcwMDM5NDE1MDc2OUgCBzdidXnuEvYQL3JlZGlyZWN0b3Ivc2VvP2NhbGxiYWNrPWNhcnRGbj8SPzAxNkYEED85MDH5AA0P6wk5vzcwMDYxNjU5NjE3SgUID_IATQ84BQAP6wFQBPkADzMECAdDBg-cCBUPRAT_jw_1CkwBRBxvOTQwNDk3lwcI8QZiaXRlLmF1c3RyYWxpYXJldml2YWyhCB9tGR0QLzQ5MgMBCGUHH1gZHT6PMDEzODcyNDKQEggP1QDCoHRyLnNuYXBjaGFACPA6bS9jbS9pP3BpZD0wOGJlZjQ5Yi00YjZmLTQ3NGUtOTU4Yi01YTBiZTdhMDIyN2UmdV9zY3NpZD1jMDZkNDY1MC0wOTAyLTQzNUwR8QBmNS1mMzA1YmRhZTE4ZjktAPAAbGlkPTZkY2Y0OWVlLTRmhwj2BmZkOC04ZGE2LWMzNDM4ZDVkMDdlM0sGAp0QDzYQAS4zMFoYLzUwWhhHnzc1MTg2MTIzOJkTCA9PAaoOmgcKTwEPkwhAJTY5VgEPegMI0ndhdmUub3V0YnJhaW5HBPIBdFdhdmVzQnVuZGxlci9oYQgA9hMwMDFmOTYxYmQ5YjA1MWEyODE4YjQwNTgzNTNmZGE5MmJmWQIP6gwGIDkxRQIgZW4zIQWZIS81MJ0JT382NTk4NzAxnQkJD7oaQz8yNjd1HQIAGAAPdR3_ZwYyH48lM0J1MSUzRJUeNwBSAEEyJTNEyR5-M0J1MyUzRLseACYAvzQlM0RtaXNzaW5n-x0eLjI3XBoKSAMP7As8jzc1OTI2Mzg41xUID0ED__-dLTg5YBsKQQMPkwdAMzcwMEgDHzniCwgPSAMojzY5OTI3OTU0_iMAPzI4MokGAz84MiaJBhSvOTE2NjYxMDQxM_8j_zcPigawADMnDdIJFzNvEw-KBjmANjk4NzE1ODnMCQ9oEwcPQgP__58PiwYBCEIDD4sGQAdJAw8eDggPSQNEHzMUDQQvMzeLBv9pD4oqKS4yNv0uKDUxwwIPBQY5ACkVfzMwNTQ2ODkwEggPvAL__xgPCgwBCbwCD38FQAXDAi85MkUaCA3zFAIJNQAXNQ9EFhEAoSD_BHY9My40LjE3LTIzMTEwOTIyMDKoExE-MzAzHw0AYBwFmikPkiA8MDg3OB4NHzKiEwkPDwFpD8EVAAkPAQ8kAkAAowcCFQEPVDYJQGN0LnAgKTJyZXNnGAAHKfAILz90aWQ9MjYxMzE1ODY0MjgxMiZwZD1VKUAyMm5wYykAgTGgMmVuc2lnaHRlbhIAVzdEJmNiGDKANTI0JmRlcD2PKZZQQUdFX0xPQUQ9Ah94ezcDLjUycSgBFAAFOgIPYho8AOgWbzU1MDI1NAQ1CQ8nAf8VEHNNAgR7OYBjdC9saWIvbRoYjzc0ZDgwNTM02i0ULjMwaBwKBgIPMQNAAIUhfzA3MTMzNzC_LAgP4S0i8BNjanNfbWluX2U1NjAyNWJmNzg4ZTAxNTk5NTQ1YTY4YzNjexEvMWUfARQB5S4MNQ8fMwcZTPAANjk5OTk2NzgzMTM5fV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:11 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 14ms
13ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=5&c=21&i=575ofv&p=aemprod&s=15619&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8xJodHRwczovL2Fzc2V0cy5ib3VuY2VleGNoYW5nZS5jb20aALMvc21hcnQtdGFnL_MA-E5lZC9tYWluLXYyXzIwNjVjOTUxNTIwYmFmMDc0NmIyYjZhNzE3YmRiMWExLmJyLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXJ0IjoxNjk5NTcwNTY5NDYwLCJlbmQUAKA1NjUsInNvdXJjPACyYXBwZW5kQ2hpbGRBAJB0dXMiOiJsb2EQAGByZWFzb27pANRdLCJkYXRhUGF0dGVyEgD_Dmxpc3QiOltdLCJpZCI6MTcwMTQ3Njc3ODMyMX0sGwGOEDHkAQC4ABQ2LwEKGwExbXV01wGvT2JzZXJ2ZXJDTCIBOR8yIgEI8gRuYWx5dGljcy5wYW5nbGUtYWRzPAJicGkvdjIvFgBnX3BpeGVsBgJxZW5kQmVhY6MCHHMKAj02MzfvAAEUAAUKAvgDU0VOREJFQUNPTl9NQU5BR0VS7wBqYmxvY2tlFAJhIldoaXRlBQIPHwIJCicAAyoCnzA4ODY2NDA3OAgBEml0aWt0b2sEAQ_9ABsfOP0AABc4BwMP_QALW2FsbG93_QAP8gAJBBEDUDY5NzQy5gA_NDQ57wERB-cAUWkxOG4v4gEgL3OHAhFjHgT_AC5NVGRqWXpOaVpEVTJNUQYEFh82_wAMyGluc2VydEJlZm9yZfYBDwcEJJ8wMzYzMTEzNTbdAR0P9gA7D_ICAQj1AQ_hA0IF_AAfM_IBBwBKBfYALmNkbmJhc2tldC5uZXQvyAMyeGhygwEKywU-NjQ0xQEAFAAFwQM_WEhSugMBD70CJ685NDE3NTMxNDcwywDSIHBhowcPlgGPbzcxMzQ3N2QHCg_LALhPdmlldywDjs83MDA1NDM2MzY0NjcsAwcPywC4cXd3dy5nb2-dCAWuCADfCvAWai9jb2xsZWN0P3Y9MSZfdj1qMTAxJmE9MTg2OTE5NTIxNiZ0PZ8CAA0BkSZfcz0xJmRsPTcL0SUzQSUyRiUyRnVzLm5sCwDxB_IOJTJGYmxvZyUyRmVtZXJnaW5nLXRocmVhdHMlMkYnAPITLWVtYWlsLXNjYW1zJnVsPWVuLXVzJmRlPVVURi04JmR0PbsLMSUyMCoAMSUyMCwAAXEA8QkwQW5zd2VycyUyMHRvJTIwWW91ciUyMEblC_ABbnRseSUyMEFza2VkJTIwUfcLMGlvbi0A0ihGQVFzKSUyMC0lMjBgAPcLJnNkPTI0LWJpdCZzcj0xNjAweDEyMDAmdnANAPACamU9MCZfdT1hRERBQUVJSkEBAPAHQ0FNSX4mamlkPTE0MzI1NjA0NTEmZxAAsDc3MzA4NTQzMyZjHgClMDcwMTU1NTEzLuUL8AY4JnRpZD1VQS0xMzA0OTMwLTEmX2csAJYyNzM1MzkxNjIsAEA5Jl9ylwEwc2xjeQH_CGlkPWROakl4TlQmej0xOTE3MDY3MjE0jAYPHzWMBgAAFAAPjAZInzAwNTAxNDQ5NWADBw-VAv__nd9wbHVnaW5zL3VhL2VjygsUPjM5MgUKGDXQDw_KCz5_MTI0MDM2N84KCA93AwYP4gAhPzQwOeIADA-2C0QC6AAfOesKCPEIODEzNjQ4Ny5mbHMuZG91YmxlY2xpY2u_C-NhY3Rpdml0eWk7c3JjPSoAEDugEfcpPWxwO2NhdD11bml2ZTA7b3JkPTE7bnVtPTQ3NzE1MDgyMzAyNzM7YXVpZGRjPTIwODY0ODE2Mjm1BfglO3UxMD11bmtub3duO3UxMT1taXNzaW5nO3UxND1kaXJlY3Q7dTE2PXVuZGVmaW5lZDt1Mw0AFzkNAPMFZ3RtPTQ1ZmUzYjgxO2djZD0xMWwCAPAAO2RtYV9jcHM9c3lwaGFtDwCwPTE7dWFhPTt1YWIFADBmdmwHAIBtYj0wO3VhbQwAEXAFABB2BgD_Anc9MDtlcHZlcj0yO35vcmVm1wc4Fj-UBlNpZnJhbaYOCiMNEDGDBhpl7hI3Njcy5w8MPAISQWoND_QSKL82OTc4MjQ1ODg2NTsCRgAACRJwOwLPMzY5OTg3ODk2NTY3NAIZDygCBA8OAsseNUoEDw4CTM83MDAzNDExNzcwODioCAewdHIuc25hcGNoYXTiCiYvcN0CH3PFEwsfN8kRAAAUAAV4CQ_IEkWfODk5MDA0NzQ1yBII8QZiaXRlLmF1c3RyYWxpYXJldml2YWzhABFtlBQADgU_Ijoi4BAFHzivAQAAFAAF3AAP4BA8vzcwMTAxMzg3MjYxVAoID9UAwgCyB0FvanJxuwahcC8_cmV0dXJuPWMM9gU0NDA1JnRwc3luYz1ubyZhdXRoPaACMmltZzMFCnoFLjQ5aBgQNqwIBb0BD2gYPI8zMTA2MDQ5Mm4PCA_lAEAOMhgK5QAMXwYPMhgzBOwAD1IECEVzcC5hhw9ReWFob294A_EMc3AucGw_YT0xMDAwMCZkPVRodSUyQyUyMDA5tQ6AdiUyMDIwMjMHAJEyJTNBNTYlM0EcAK9HTVQmbj0tMSZiPA9Vry55cD0xMTU0OCY4CDlDJmVuYwcQ8Bh5dj0xLjE1LjEmdGFnbWdyPWd0bSUyQ2Fkb2JlJTJDZW5zaWdodGXhGwOqBA_tAgUfN04YAAntAg8IAkKvMDY2NDk4MzMwOVoGBw-uBCwfOdkAARc5QAkPgwVGHzLdAggP1QAtD1EMAB851QBTD6oBCADVGT1zLmdJDAZAE4B0PWRjJmFpcLARUHI9MyZ2CQADUBMN8hEPHRIHAEUSD1USBw8qEgkFpBIQSaMSEkGkEr96PTE0NDI0NzM1NigSDx83zQ0AARQABRcGD1ECP381MjM1MzY4iBUJD3wB_2qxdHIub3V0YnJhaW6jBnBjYWNoZWRDSQ_2IUlkP21hcmtldGVySWQ9MDAxZjk2MWJkOWIwNTFhMjgxOGI0MDU4MzUzZmRhOTJiZpYIDwEhBxAw6gMLEw4oNzEFHA-ZCDm_Njk4MjE4OTM0ODP7AwgPAwFcLjEwnAkKAwEPrwZABgoBHzQXDwgPJiMiUGluYm94JyP_ETQ4YjMwNDZlNTY1OGQwNjdkMzgwNzMxYWNiMjVlZGQ5JyMXPTU2MysONzcyM_kGDyYCOUA3MDE21AkvNzD9IAoPQiQhDxwBQg7sFwocAQ8_AkAHIwEPeRQIDz8CImBvbnNpdGVAAnA1NjMxYmY5Uxn_BjY1OTAwOTExOGE4OWY5NjRhZTU3MEACGQ8kAQEfNEACRo8wOTkxMzM4MP8MCQ8dAXgO2Q8oNzIdAQ9BAkIFJAEPWgoIBjQND3ojCu9pZGVudGlmeV9iYjE2M6sXFC81OHcFAC8zMBQCRL82OTc3MTk5MzIxMfAAZBA23AAMagcAFAAF7AkP5wFABvcAHzb3AAkPSwUNAqcp8QAvbG9jYWxfc3RvcmFnZV9nFvcAMTcubWluLmh0bWwjMjAw8woPhxYHLjczRw0BFAAFCgHyCEhUTUxJRlJBTUVfU0VUQVRUUklCVVRFWhECjRYPtiMlvzcwMDc4OTI2MTky1hIIsmN0LnBpbnRlcmVzgxQhY3TkAAZTCQ_fAAcfNtkCARg1ZhcPLQc5zzY5ODQ5NjEzOTc4NPgOBw_QACsP_QcACdAAD7kCQgXXAA_DEggPxAUOD7kCUB822gFFD6oCEw8DAV0eNGEdGTcDAQ8NAkAHCgEPNwwIDwoBFcFqcXVlcnktMy41LjG9BA8rLhMuNzNcGCg3NigRD9cDPH82MjYxMjM1GisKD7kFFA_zACUP7QECCPMAD-0BQDM2OTj6AB81oQUIDyMaJh84fQYAKDgz1AAPIxpMHzb8LwqhcHAubGVhZHNyeP4P8Bh2aXNpdG9yLnBocD9hY2N0VGFnPWNzaXlyazQyNTAyJnR6PS02MCZMHi8mdU8eOB8mEyZW8QNsYz1udWxsJmFub249MCZ2aW4QAAZpBw8PGwQuODS3FAEUAAVFCA87Ezy_Njk5Mjk0OTg2MziSBgkPwQH_xg8lBhI-ODk21QwoODXVDA-AJD2fMDM5NTc4NzU2_QkHH2GUAgQP0wAUD88KAArTAA8FBkAzNzAw2QAfN9kACQXTGwefDhNhBDQAADNGL2FjdEoEDzwgCy44Nb4cARQABVEEDxkGRo8yNTUwNzA1N1gECLA2ODRkZDMyNS5ha54XPy5pbxIxDy44NnYRARQABdIADyMFPp84MTQzNTkzNTDVFAgPywC40GV2ZW50LmhhdmFzZWQdMZFvbS90cmFjay0aAPM8P2VtZXRhPWV5SndJam9pYUhSMGNITTZMeTkxY3k1dWIzSjBiMjR1WTI5dEwySnNiMmN2WlcxbGNtZHBibWN0ZEdoeVpXRjBjeTl1LAD_BnRaVzFoYVd3dGMyTmhiWE1pTENKdlwADfARSWl3aVlXOGlPbHRkTENKd1lYSnRjeUk2ZTMwc0luQnlAAAAkAPL_M2FXNW1JanBtWVd4elpTd2liR05yYVdRaU9pSTVZakUzWWpJek15MHlNR1E0TFdZNVpEQXRNR1JoWWkwNE1EQTJObVE0T1RnMFpUUmZNVFk1T1RVM01EVTJPU0lzSW5OdmRYSmpaU0k2SWtoaGRtRnpSV1JuWlM1RmRtVnVkRlJoWnlJc0ltSjBJam94TmprNU5UY3dOVFk1TXpnMUxDSmllaUk2TFRZd0xDSndiR2NpT2xzaVEyaHliMjFsSUZCRVJpQlFiSFZuYVc0aUxDSkRhSEp2YldVZ1VFUkdJRlpwWlhkbGNpSXNJazVoZEdsMlpTQkRiR2xsYm5RaVhTd2ljR3gwSWpvaVYybHVNeklpTENKamF5STZkSEoxWlN3aWRISWlPbVpoYkhObExDSm9Jam94TWpBd0xDSjNJam94TgwA8AxqWkNJNk1qUjkmdHJrR3VpZD0wZDI0ZDM2Mi2WFPEMLTRjZjAtOGU3ZS1iZTg3NjJmMDUxMGEmZXZ0LQDwETVjZjI3YmE1LTllYTgtNDAxNC05OWVhLWVjNzc1ZDJhOgAQJiE1EC3HO0B1Y3RfYTgTPfMoAhoAim9yZGVyX2lkFgCKc3VidG90YWwWAKZjb3VudHJ5PVVTKgUP2R8ELDM4Aw0AqAUXMbMTDAsGCUAoQGVycm-7NQ81OxvwADY5ODQ2MTAwNjQ1OX1dfQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:11 GMT

GET
H2 204 r.rnc
ensighten.norton.com/privacy/v1/b/ 0
106 B 13ms
13ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.norton.com/privacy/v1/b/r.rnc?n=6&c=21&i=575ofv&p=aemprod&s=427&d=8G57InZlcnNpb24iOiIxLjAuMCIsImdhdGV3YXkiOiIyLjMuNjExIiwiY2xpZW50SWQiOjIxLCJwdWJsaXNoUGF0aCI6ImFlbXByb2QiLCJpbnN0YW5jZUlkIjoiNTc1b2Z2IiwicGFja2V0IjoxLCJtb2RlIjoiZW5mb3JjZVgA8ixvb2tpZXMiOnt9LCJlbnZpcm9ubWVudCI6IlVTIE5vcnRvbiIsInJlcXVlc3RzIjpbeyJkZXN0aW5hdLYA8QpodHRwczovL3N1cHBvcnQtZGlnaXRhbC5uPAD2Ri5jb20vc3lzdGVtL2NiL2FkbWluL2pzL2FsbG93X2NvYnJvd3NlLmpzIiwidHlwZSI6InNjcmlwdCIsInN0YXJ0IjoxNjk5NTcwNTY5NTA4LCJlbmQUAMA3MDM0OSwic291cmM8AMJpbnNlcnRCZWZvcmVCAKF0dXMiOiJsb2FkxwBAYXNvbsYA1F0sImRhdGFQYXR0ZXISAPAPbGlzdCI6W10sImlkIjoxNzAwNzIyNTkxNjMyfV19
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:12 GMT
cache-control: no-cache, no-store
server: nginx
expires: Thu, 09 Nov 2023 22:56:11 GMT

GET
H2 200 fragment.html Show response
support-digital.norton.com/system/templates/chat/core/common/fragments/component-container/21.0.0/ Frame 134F 362 B
793 B 202ms
202ms XHR
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/fragments/component-container/21.0.0/fragment.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

4625474c8f7d0cea451698832acebce373fefcacd340497ac48ff20189aac208

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: bd7f4556-99a0-42f2-a859-eae0afddd9d4
etag: "addb7e13fe96f4913520a8f9ead0f919"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638d-50dc627a2461a96c0e39e4bf
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: OJx-FHZTPHcFuYQ=
content-length: 362

GET
H2 200 layout.html Show response
support-digital.norton.com/system/templates/chat/core/common/layouts/page-layout/21.0.0/ Frame 134F 568 B
998 B 206ms
205ms XHR
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/layouts/page-layout/21.0.0/layout.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

f2ef90edfb28a83fdeaba8d622ba26a43a80489387d344574add1bee27ab07d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 09 Mar 2023 13:40:11 GMT
server: Server
x-amzn-requestid: ab1cbc2c-1040-415f-b3fb-fe7bac461088
etag: "cf296310df0d196503d2a6426ffb26ca"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638d-39c657c24289bf9d6a1c0d73
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=5184000
x-amz-apigw-id: OJx-FFtePHcFtSA=
content-length: 568

GET
H3 200 blank Show response
cdn.quantummetric.com/helpers/ Frame AC63 209 B
320 B 21ms
21ms Document
text/html 2606:4700:10::6816:34fc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.quantummetric.com/helpers/blank

Requested by

Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:34fc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://us.norton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2390
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
cf-ray: 8239a5d13ab75d4e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 09 Nov 2023 22:56:13 GMT
last-modified: Thu, 09 Nov 2023 22:16:23 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 launch-chat-button.html Show response
support-digital.norton.com/system/templates/chat/nll/custom/components/launch-chat-button/21.0.0/ Frame 134F 832 B
1 KB 201ms
201ms XHR
text/html 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/components/launch-chat-button/21.0.0/launch-chat-button.html?cache=21.10.1-0-202303030620

Requested by

Host: cdn.quantummetric.com
URL: https://cdn.quantummetric.com/qscripts/quantum-norton.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

a11b7266dbfddbd0ade73ee5b56d90fcaacad3d2258d6fa11da30768ebf59bae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Accept: application/json, text/plain, */*
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' *
last-modified: Thu, 20 Apr 2023 12:09:14 GMT
server: Server
x-amzn-requestid: 62d672c5-16dc-4ca8-96a8-1bbcda43445e
etag: "7636f457ff98d8386c28e9d8674734ae"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638d-603021e269572b5e395fdb6f
content-type: text/html
cache-control: max-age=7200,private
x-amz-apigw-id: OJx-HGFPPHcFXMA=
content-length: 832

GET
H2 200 Icon_Chat_Default.svg
support-digital.norton.com/system/templates/chat/nll/custom/media/21.0.0/ Frame 134F 4 KB
2 KB 229ms
228ms Image
image/svg+xml 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support-digital.norton.com/system/templates/chat/nll/custom/media/21.0.0/Icon_Chat_Default.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

cfd3b0bdf3f833762d44bab0f549be28519ff5303dc420c3eae73cca2ee73229

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://support-digital.norton.com/system/templates/chat/nll/index.html?entryPointId=1011&locale=en-US&postChatAttributes=true&templateName=nll&ver=v11&&aId=EG94020756&sId=B682e8bbd2-199d-4a99-a0f0-fd649c3d5874&uId=C5c7308527-c306-44cb-a0bd-b031052085ff&wsname=https://us.norton.com&EGAIN_AV_CHAT_STATE_DATA=null&parentLost=false&referer=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&useCustomButton=false&storage=true&docked=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
last-modified: Thu, 20 Apr 2023 12:05:12 GMT
server: Server
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: d622bbe4-f1ca-4021-a0cb-213dd7d39b0e
etag: "48d3b96afe0c738a0f80e82d3b438f1e"
x-frame-options: *
x-amzn-trace-id: Root=1-654d638d-1d7b14a359defb4a59558c73
content-type: image/svg+xml
cache-control: max-age=7200,private
x-amz-apigw-id: OJx-JEDgPHcFkvw=
content-length: 1555

GET
H2 200 source-sans-pro-regular.woff2
support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/fonts/source-sans-pro/ Frame 134F 16 KB
16 KB 222ms
222ms Font
binary/octet-stream 44.237.206.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://support-digital.norton.com/system/templates/chat/core/common/libs/21.0.0/fonts/source-sans-pro/source-sans-pro-regular.woff2

Requested by

Host: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/application.css?cache=21.10.1-0-202303030620

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.206.228 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-237-206-228.us-west-2.compute.amazonaws.com

Software

Server /

Resource Hash

a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' *
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	*

Request headers

Referer: https://support-digital.norton.com/system/templates/chat/core/aria/css/21.0.0/application.css?cache=21.10.1-0-202303030620
Origin: https://support-digital.norton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 09 Nov 2023 22:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: frame-ancestors 'self' *
x-amzn-requestid: e2cdd0b2-c1bc-426d-bbcd-953365cbb534
x-amz-apigw-id: OJx-JGycPHcFtJg=
content-length: 16135
last-modified: Thu, 09 Mar 2023 13:40:15 GMT
server: Server
etag: "fcf76173ecfcd20d04855e3903f31213"
x-amzn-trace-id: Root=1-654d638d-4665ca6c5d2f7c355a4578d3
x-frame-options: *
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=5184000

POST
H2 200 mon Show response
bite.australiarevival.com/ 0
39 B 94ms
94ms XHR
application/json 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bite.australiarevival.com/mon
Requested by: Host: ensighten.norton.com
URL: https://ensighten.norton.com/symantec/aemprod/Bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://us.norton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://us.norton.com
date: Thu, 09 Nov 2023 22:56:13 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 204 collect
region1.google-analytics.com/g/ 0
53 B 22ms
21ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2M8MHYEY8X&gtm=45je3b81v9132306556&_p=1699570568084&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1070155513.1699570568&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1699570568&sct=1&seg=0&dl=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&dt=Norton%20email%20scams%3A%20Answers%20to%20Your%20Frequently%20Asked%20Questions%20(FAQs)%20-%20Norton&en=conversion&_ee=1&ep.u1=https%3A%2F%2Fus.norton.com%2Fblog%2Femerging-threats%2Fnorton-email-scams&ep.u2=blog&ep.u3=norton-email-scams&ep.u4=missing&tfd=6885
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://us.norton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Nov 2023 22:56:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lifelock.norton.com
URL: https://lifelock.norton.com/

Domain: support-digital.norton.com
URL: https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

92 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:07:36	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
support-digital.norton.com/system	1969-12-31 23:59:59	Name: JSESSIONID Value: node01v7bs9muv0z0y4h02f582bvhf10858158.node0
.norton.com/	1970-01-20 16:06:14	Name: AKA_A2 Value: A
.norton.com/	1970-01-21 00:51:46	Name: es Value: 4e56533d317c5054523d6e6f6e657c4643443d4e6f762d30392d323032332030323a35363a30377c4c43443d4e6f762d30392d323032332030323a35363a3037
.norton.com/	1970-01-21 00:51:46	Name: tp Value: 5452533d646972656374
.norton.com/	1970-01-20 17:32:34	Name: ttControl Value: 5443473d39
.norton.com/	1970-01-20 16:06:14	Name: promocode Value: defaultweb
.norton.com/	1969-12-31 23:59:59	Name: at_check Value: true
.demdex.net/	1970-01-20 20:25:22	Name: demdex Value: 63820116808020953260580728026514357913
.norton.com/	1969-12-31 23:59:59	Name: AMCVS_67C716D751E567F70A490D4C%40AdobeOrg Value: 1
us.norton.com/	1970-01-20 18:15:46	Name: 53038 Value:
.norton.com/	1970-01-20 21:51:46	Name: s_nr Value: 1699570568068-New
.norton.com/	1970-01-20 21:51:46	Name: event69 Value: event69
.norton.com/	1970-01-21 00:51:46	Name: channelStack Value: s_eVar72~norton.com
.norton.com/	1970-01-20 16:06:12	Name: s_tbm Value: true
.norton.com/	1970-01-20 16:06:12	Name: s_gpv Value: norton.com%3Aus%3Ablog%3Aemerging-threats%3Anorton-email-scams
.norton.com/	1970-01-20 16:06:12	Name: s_gpv_custom Value: norton.com%3Ablog%3Aemerging-threats%3Anorton-email-scams
.norton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.everesttech.net/	1970-01-21 00:51:46	Name: everest_g_v2 Value: g_surferid~ZU1jiAAAAJ-v9AO-
.symantec.tt.omtrdc.net/	1970-01-20 16:06:12	Name: symantec!mboxSession Value: 88acc9ca64d84054aae09030f8d8a82d
.symantec.tt.omtrdc.net/	1970-01-21 01:42:10	Name: symantec!mboxPC Value: 88acc9ca64d84054aae09030f8d8a82d.37_0
.norton.com/	1970-01-21 01:42:10	Name: mbox Value: session#88acc9ca64d84054aae09030f8d8a82d#1699572429\|PC#88acc9ca64d84054aae09030f8d8a82d.37_0#1762815369
.dpm.demdex.net/	1970-01-20 20:25:22	Name: dpm Value: 63820116808020953260580728026514357913
.norton.com/	1970-01-21 01:42:10	Name: AMCV_67C716D751E567F70A490D4C%40AdobeOrg Value: 179643557%7CMCIDTS%7C19671%7CMCMID%7C64025493078445784150595654321734283816%7CMCAAMLH-1700175367%7C6%7CMCAAMB-1700175367%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1699577767s%7CNONE%7CMCSYNCSOP%7C411-19678%7CvVersion%7C5.5.0
.norton.com/	1970-01-21 01:42:10	Name: uuid Value: 4ca9f662-11f6-4c50-993e-eff06f6e913e
.norton.com/	1970-01-20 18:17:34	Name: _cq_duid Value: 1.1699570568.qZ1LVpzM6q0vvK1m
.norton.com/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1699570568.qejhcpvSEqIhAnyu
.norton.com/	1970-01-20 18:15:46	Name: _fbp Value: fb.1.1699570568394.1912226005
bite.australiarevival.com/	1970-01-21 00:10:00	Name: cg_uuid Value: 5afbd961398e594b64dccee966af4fdb
.norton.com/	1970-01-20 18:15:46	Name: _gcl_au Value: 1.1.2086481629.1699570569
.doubleclick.net/	1970-01-21 01:27:46	Name: IDE Value: AHWqTUluyF8k-rFu8WL0DaG-KPv4xbT-MOKknyzh2V7PNOrfSec4w1URCkEWubU0
.bing.com/	1970-01-21 01:27:46	Name: MUID Value: 0C4254CD219760D93C794709203B6189
.norton.com/	1970-01-21 00:51:46	Name: SYMANTEC_ENSIGHTEN_PRIVACY_BANNER_LOADED Value: 1
.norton.com/	1970-01-20 16:16:15	Name: RT Value: "z=1&dm=norton.com&si=8bec0523-b61a-41de-a6bd-15242e9d2626&ss=lorsfmqe&sl=1&tt=19e&bcn=%2F%2F684dd325.akstat.io%2F&ld=19i"
.norton.com/	1970-01-20 16:07:36	Name: _uetsid Value: 2bb9c4f07f5311eebfc55be007fc0fa6
.norton.com/	1970-01-21 01:27:46	Name: _uetvid Value: 2bb9edf07f5311ee9e9033fb62846287
.norton.com/	1969-12-31 23:59:59	Name: IR_gbd Value: norton.com
.norton.com/	1969-12-31 23:59:59	Name: IR_4405 Value: 1699570569081%7C0%7C1699570569081%7C%7C
.simpli.fi/	1970-01-21 00:53:12	Name: suid Value: AA031C33489740BC9C293CFF97216FA8
us.norton.com/	1970-01-21 00:51:46	Name: __pdst Value: e277dd7fe8264e92a639679fd79bd0cc
.ispot.tv/	1970-01-21 01:42:10	Name: pt Value: v2:0f93081a1257bc0586bf988adc661af60b12bda5a31818c56ba6ddbc8fe26f2f\|c1b8a1885099a33644df8691cf6e0e28499fc14406db24c32ffea0da18244388
.norton.com/	1970-01-20 18:15:46	Name: _rdt_uuid Value: 1699570569176.23190a42-8e64-4e15-a1e3-e967dbded4f2
.pinterest.com/	1970-01-21 00:51:46	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 00:51:46	Name: _pinterest_ct_ua Value: "TWc9PSZJOHJZK3FtU2wwdS9GTG1RVnJoeVJqTkJVTkUxZHJrc2p5UFV2VEZQZFgxOXhrc3p0MTN0by9BZGJnSFNUbnRpZFJtNFh2RUZiQ3piNloxTEJxYXdPQlRVUG0vU3VYT080Y09lMURuRHBzWT0md0NURDlnT3VsaGl3akkwYUhtdUdVVG1qdmtJPQ=="
.tiktok.com/	1970-01-21 01:27:46	Name: _ttp Value: 2XxV9tGQSbWlbAWG2YeZ4d6pBmf
.norton.com/	1970-01-21 01:35:57	Name: _scid Value: 394e2890-a7e5-4bcb-890b-f68955cb0b5c
.norton.com/	1970-01-21 01:35:57	Name: _scid_r Value: 394e2890-a7e5-4bcb-890b-f68955cb0b5c
.norton.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_5_sn_CA98A2C256FCF722179842931140DC2A_perc_100000_ol_0_mul_1_app-3A8eab1c7fef283cee_0
buy.norton.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 7D0E8D7A25D5C042EE6177F1948A1FC7
.buy.norton.com/	1969-12-31 23:59:59	Name: X-CSRF-TOKEN Value: /cphCBjqTeeeXnvIZS_xxwfNvwZbUe3qgaOJbCCuALE_
buy.norton.com/	1969-12-31 23:59:59	Name: ESID Value: 02c2c74f54-6981-42Bvsnqp9XKg_xF-vGlSCeabAeKgsdVOZevg9P6j6LTx08ctjsxXKiPDmGlC_S-CCEW-c
.norton.com/	1970-01-21 01:42:10	Name: _ga_2M8MHYEY8X Value: GS1.1.1699570568.1.0.1699570569.0.0.0
us.norton.com/	1970-01-21 00:51:46	Name: kn_cs_visitor_id Value: 36bfe463-b3ce-48ea-b9a1-cd9c70c6ec26
us.norton.com/	1970-01-21 01:42:10	Name: __helocckid Value: 9b17b233-20d8-f9d0-0dab-80066d8984e4_1699570569
.t.co/	1970-01-21 01:42:10	Name: muc_ads Value: 1c83ca13-3a41-4c65-8654-25b91b2ffc0c
.norton.com/	1970-01-21 01:42:10	Name: _ga Value: GA1.2.1070155513.1699570568
norton.ow5a.net/	1970-01-20 16:16:15	Name: AWSALBCORS Value: +9Mgyu1P+w7CVB7a2tfZqNR9Up7f8WCn6NNbdlPKbpvUu3KBbb+F2RE6WQsNwYTSElBwiQaOnDqqITL1PGfdR+0r5Ik5ayJnhGyxN9qtWxIbCfKJymgqmiOBPWpB
.ow5a.net/	1970-01-21 01:42:10	Name: brwsr Value: 0c4c3cd7-7f53-11ee-bef6-3566fc501e28
.ow5a.net/	1970-01-20 16:07:36	Name: irtps Value: 1
.norton.com/	1970-01-20 16:07:36	Name: _gid Value: GA1.2.1273539162.1699570569
.twitter.com/	1970-01-21 01:42:10	Name: personalization_id Value: "v1_pDx1YgWMhN37fSKmMlX2aQ=="
.trkn.us/	1970-01-21 00:51:46	Name: barometric[cuid] Value: cuid_f4492202-1cc7-4de0-bc8b-82c441223152
.norton.com/	1970-01-21 01:42:10	Name: IR_PI Value: 0c4c3cd7-7f53-11ee-bef6-3566fc501e28%7C1699656969081
.ojrq.net/	1970-01-21 01:42:10	Name: brwsr Value: 2c33812e-7f53-11ee-8aa7-1764e4d26214
.yahoo.com/	1970-01-21 00:52:08	Name: A3 Value: d=AQABBIljTWUCEKWiELh0zoAl6FaHkoxN-KQFEgEBAQG1TmVXZeAPyiMA_eMAAA&S=AQAAAg2rOZHJwsQ_mQmikJd_RCg
.norton.com/	1970-01-21 01:27:46	Name: _tt_enable_cookie Value: 1
.linkedin.com/	1970-01-20 18:15:46	Name: li_sugr Value: 69b70193-655c-43d6-945a-daf8c247a24f
.linkedin.com/	1970-01-21 00:51:46	Name: bcookie Value: "v=2&a549ee87-5883-4a45-8b18-c26d7998a641"
.linkedin.com/	1970-01-20 16:07:36	Name: lidc Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3172:u=1:x=1:i=1699570569:t=1699656969:v=2:sig=AQEb--p82DZe-I360MZ-NTP7yJ7yNNPV"
.norton.com/	1970-01-21 01:27:46	Name: _ttp Value: uy2raD7mdu_P8esGTnoNb_ALqso
.norton.com/	1970-01-20 16:06:10	Name: _gat Value: 1
.us.norton.com/	1970-01-21 00:51:46	Name: _pin_unauth Value: dWlkPU5ERTNaakUxWmpndE9EWXhNaTAwTXpKakxUZzFORGd0TlRBM1pqbGhOemsxTVRneQ
us.norton.com/	1970-01-20 16:06:10	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1699570569711%7D
us.norton.com/	1970-01-21 00:51:46	Name: EG-U-ID Value: C5c7308527-c306-44cb-a0bd-b031052085ff
us.norton.com/	1969-12-31 23:59:59	Name: EG-S-ID Value: B682e8bbd2-199d-4a99-a0f0-fd649c3d5874
.linkedin.com/	1970-01-20 16:49:22	Name: UserMatchHistory Value: AQJnrCqKmwUgmAAAAYu2TNH0MVHefVCtLZrHPKCZWuhafxKOoKNstM_Ta1TpP_WCp9J-l7EBwd-v4A
.linkedin.com/	1970-01-20 16:49:22	Name: AnalyticsSyncHistory Value: AQIeP7S2Uag47gAAAYu2TNH0XS-ZsyCe8BKFyBJ66ayEKd7pNjGBJ1vJ1RSq4TdTMkEAVR42Tr2RcUMl9hr96g
gwmtracking.com/	1970-01-21 01:42:10	Name: kwsu Value: 654d63899b88040bf8275cd8
.www.linkedin.com/	1970-01-21 00:51:46	Name: bscookie Value: "v=1&202311092256093ba061d6-ae30-4ef4-8b25-5c3c0f7218d9AQFzE7RJVFCO8CdI-JkYWifcw9AIHy8f"
.linkedin.com/	1970-01-20 20:25:22	Name: li_gc Value: MTswOzE2OTk1NzA1Njk7MjswMjFaos669t3CGnqqKWzw7t2u7R+L+9CusxED0oxA1X4qmA==
.leadsrx.com/	1970-01-21 00:51:46	Name: _lab Value: 3377700489870651
.leadsrx.com/	1970-01-21 00:51:46	Name: _lab_lastTouch Value: direct
.norton.com/	1970-01-21 00:51:46	Name: _lab Value: 3377700489870651
.knotch.it/	1970-01-21 00:51:46	Name: optout Value: 1
support-digital.norton.com/	1970-01-20 16:16:15	Name: AWSALBTG Value: z5OY/9lk+R+YohRVSUi1W9iol27sba6QRxS1QCMws/9HSav892SyRI1D1Tuk7yxStJaaOeSfSsouDyOeb7yRHctjLyYgK/kLeaiXcIOX0Y4jmXR/tt5zdqB3IU9R5QWVUytYjHu6oOaF+jivHfQewi/G27QAQOWzPvRApj2N8fzOt5Q63qk=
support-digital.norton.com/	1970-01-20 16:16:15	Name: AWSALBTGCORS Value: z5OY/9lk+R+YohRVSUi1W9iol27sba6QRxS1QCMws/9HSav892SyRI1D1Tuk7yxStJaaOeSfSsouDyOeb7yRHctjLyYgK/kLeaiXcIOX0Y4jmXR/tt5zdqB3IU9R5QWVUytYjHu6oOaF+jivHfQewi/G27QAQOWzPvRApj2N8fzOt5Q63qk=
support-digital.norton.com/	1970-01-20 16:16:15	Name: AWSALB Value: BOpx+Mh3yI1SHQb3b0zzRHNVpG4aLft/4Giimfp53MHQ0bsPBQcL110fpvOCTcboQRLoeVdt65+iOwlzOf3PMnn7dnQstPK/sZF9nQre+s4NTZ/qksE6r+IqpK5l
support-digital.norton.com/	1970-01-20 16:16:15	Name: AWSALBCORS Value: BOpx+Mh3yI1SHQb3b0zzRHNVpG4aLft/4Giimfp53MHQ0bsPBQcL110fpvOCTcboQRLoeVdt65+iOwlzOf3PMnn7dnQstPK/sZF9nQre+s4NTZ/qksE6r+IqpK5l
.norton.com/	1970-01-20 16:06:12	Name: QuantumMetricSessionID Value: fa42e0e564860015b1f822d05e20450d
.norton.com/	1970-01-21 00:51:46	Name: QuantumMetricUserID Value: d8a7dd369a797d2593b3b5a72885001d
.bounceexchange.com/	1970-01-20 16:06:12	Name: bounceClientVisit2004c Value: %7B%22vid%22%3A1699570570999583%2C%22did%22%3A%22449419384571103460%22%7D
.norton.com/	1970-01-20 16:06:12	Name: bounceClientVisit2004v Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgK4oB0AdgPYBOCVFZAxlQLZEBGYVA5kQKat+NHgEsKPALQI4NfgEME6AtToNJg+aLCSUTeaxQgANCBowQJkKJQB9HlVsp+KFKIYwAZvLDPTN+wgnFzcPaG9ffgBfIA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
worker	verbose	URL: blob:https://us.norton.com/687a50bb-ad9b-46fa-8e61-af54401848a6(Line 1) Message: Error
network	error	URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel?analytics_message=eyJldmVudCI6IlBhZ2V2aWV3IiwibWVzc2FnZV9pZCI6Im1lc3NhZ2VJZC0xNjk5NTcwNTY5NjM1LTE1NDk0NjAxMzE2ODMtQzRKU0FSSlIyUTNPRzBKQUVURjAiLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6InBpeGVsLmpzIiwidmVyc2lvbiI6IjIuMS4zMyJ9fSwidGltZXN0YW1wIjoiMjAyMy0xMS0wOVQyMjo1NjowOS42MzZaIn0 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: about:blank Message: Access to CSS stylesheet at 'https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css' from origin 'https://us.norton.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://support-digital.norton.com/system/templates/chat/nll/css/iframe-style.css Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

684dd325.akstat.io
8136487.fls.doubleclick.net
a.quora.com
ad.doubleclick.net
adservice.google.com
alb.reddit.com
amplify.outbrain.com
analytics.analytics-egain.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
api.bounceexchange.com
app.leadsrx.com
aq-swa-api.knotch.it
assets.adobedtm.com
assets.bounceexchange.com
bat.bing.com
bite.australiarevival.com
buy.norton.com
c.go-mpulse.net
cdn.pdst.fm
cdn.quantummetric.com
cm.everesttech.net
configs.knotch.com
connect.facebook.net
ct.pinterest.com
d.impactradius-event.com
data.cdnbasket.net
dpm.demdex.net
e.cdnwidget.com
enable-eg-ot.egainonetag.com
ensighten.norton.com
event.havasedge.com
events.bouncex.net
googleads.g.doubleclick.net
gwmtracking.com
ids.cdnwidget.com
lifelock.norton.com
norton-app.quantummetric.com
norton.ow5a.net
oms.norton.com
page.cdnbasket.net
pt.ispot.tv
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.google-analytics.com
s.go-mpulse.net
s.pinimg.com
s.yimg.com
sc-static.net
snap.licdn.com
sp.analytics.yahoo.com
spider.australiarevival.com
static.ads-twitter.com
stats.g.doubleclick.net
support-digital.norton.com
symantec.demdex.net
symantec.tt.omtrdc.net
t.co
t.paypal.com
tag.havasedge.com
tag.simpli.fi
tag.wknd.ai
tr.outbrain.com
tr.snapchat.com
trkn.us
tvspix.com
us-central1-adaptive-growth.cloudfunctions.net
us.norton.com
view.cdnbasket.net
wave.outbrain.com
websdk.appsflyer.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.knotch-cdn.com
www.linkedin.com
www.nortonlifelock.com
www.ojrq.net
www.paypal.com
www.redditstatic.com
lifelock.norton.com
support-digital.norton.com
104.126.37.42
104.244.42.3
104.244.42.5
13.107.42.14
142.250.181.230
142.250.186.166
142.250.186.98
143.204.207.250
146.75.120.157
151.101.129.35
151.101.194.132
151.101.64.84
151.101.65.140
151.101.65.21
162.159.152.17
18.66.122.10
193.108.153.24
2.18.97.54
2001:4860:4802:32::36
2001:4860:4802:36::36
212.82.100.181
216.200.122.11
23.196.247.136
2600:1901:0:56e0::
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:206f:4800:1:996f:a9c0:93a1
2600:9000:223f:9e00:12:1bcc:1d00:93a1
2606:4700:10::6816:34fc
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c00::9c
2a02:26f0:3100:782::11a6
2a02:26f0:3100:795::11a6
2a02:26f0:3500:58c::1015
2a02:26f0:3500:591::1e80
2a02:26f0:3500:88d::1931
2a02:26f0:3500:88e::1015
2a02:26f0:3500:981::11a6
2a02:26f0:780::210:a441
2a02:26f0:780::210:a45b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::396
3.124.173.63
3.225.111.63
34.102.193.48
34.111.8.32
34.117.20.67
34.120.253.250
34.149.32.178
34.216.210.54
34.253.81.236
34.254.6.250
34.30.96.65
34.95.127.121
34.96.126.215
34.98.72.95
35.164.125.172
35.186.249.72
35.190.43.134
35.204.89.238
35.244.142.80
44.237.206.228
52.210.47.152
52.222.236.26
52.34.72.148
52.45.37.98
54.156.17.57
54.194.80.81
63.140.62.108
66.235.152.152
70.42.32.159
011461c1c6f5df3ae6c896f8337fd8313df8e1cc3138edd02f35616758d0e875
013bf59b8f0226c32593d1ecdc756b9cda5d1cc729e2d27f640b1731d69d525f
01a35bb43d6af1d38f1240aa5e4935892e9feb2888813b1f41bea599be833f53
021c5fc6030190f968031644cc8a81738766d504ef2c6f351a642d1eabe90ed3
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
024d76e626c9bfa1da2e801dac27cf2dcbe4413dd5ae9335db82970cfd077bff
047326738d40c8e278c7e117df1ae29260ccb40ea994b650075a3c669f85046d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
07e2a6fb0d22cdbde787ec2941eb285c222861ddc3cbc8903315b6e5942be8cb
08b4a2b1c1d126faa01aaf03e54b3099c166bbea70aab7d01fb4ca52148dc35b
0afb5adee300f91b2ac3acb6feab6c55078727db7612d20fa5f5542640637d4f
0dc90421cbf6414c9f1ef5e93af3dbe48a4e51899452330f0ae0b2815e38be94
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0f5835f8248e73e4d1e8cff3b30d277517ac78d3181c3624b867e732d7e21bfb
10ee5dceec424da60cca73a53be7dff3c07fb7c020dcccab6e7a743dc390453c
12d47240f7cbd02b0e6d9cf584d5fad93e4837ae38068ee5766648e8fbe868d7
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
143c3c521650191adbeac3fd532b7174d90f4f14902899a517926eddaf7793f4
1493d3c7a39e8fc469215c2e23344bdb88118e5497d5dc7d1059ed60642ec511
17e1d88908f1e95e04559f930009dc55eb04010b75424d84322a5e78187d6fff
19c15cc50396c826c9b0faa7087e76f783b310a9c77a4e3a52d4d2f4de35b7ab
1ba91a2ff8b0b797311821a583f05268d916dd2b76a6a6e8b7cede9e1d969180
1bd57c49ba91755c0f329b31c71e60a11b9c72ae0d5c0b035b548a05efa11dce
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22c66cd15f32e15c9373fc199c95f3dd381435590e5592f1b93ad971491b7172
22f8b5742f36975c1f0d054e483b4ef14eaab3c472c81558115f431dfee721a1
23cbdb9898337abd7b695077d28d5ce16d5c77228c3da33e6c40b9b4ff9d49ef
26188be6d542dc6273d9a079d7e12e9d8c1c1eb8e3008b3f9ea8117f18614dfc
26821fcabd9f233365066ecaf07ef42395c30f78a4bdcca9ea952b9898d22cf7
26d00575fc18e1968f3a3afffb311b755805ce75bfd149d17bab5dab79933f7f
29cbaaef845ba215a542fa66bcb378db6e47f9b432de280d0f31050f02e455eb
314b30d1c560018c036674ed197d2813e555344b9a770e0c95078c96753ba234
32f9f9cf1979bfb6df6ff106f5d66cd87b9beb9afc6587471ae7e39502b7dac3
33d65952c608940b28ba190eee0de5af24e53d776f0a7c020db74a339cca2000
35841586916c42ab55342f74b9781124f437369bf38be24488ed5aeff7693256
36f3de8125c18db4731b41f5403f2a7b9ac09fd6ed2ae40d4045f03a8cdd7a86
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37d36a2bd7502379676527d1514f1e169528ffc1f04e1b66887ffab34236c735
3af99c9e152eb6a388574c6cbd1df620882f99b486c542360b84eeea25923d04
3cfad2c28fe50f641c4a891d158cd951206ebfc4438cf7d5827e2b3d7a68435e
3db55960e8bf49c8012b7f7e17ab9660b284b26d59e01718833568336e837791
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
43f80764e0d9752a9552f8183c96c294ef1676e4e81e116103c5c2583558b819
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c6f774243c238ccb1bcebcfb9824dea5fad8aab88d33feff8ddb8bce133b36
4625474c8f7d0cea451698832acebce373fefcacd340497ac48ff20189aac208
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
488db805a326a9218cf40ddfdfeffb16f2344ff7061ce17d3dac68ef009d99c9
49c3e031c81d8350edfad2541050049a252b9d0171ea2737407950252bf36245
4a71648e7c4cc225c37e58d5a19476502ed1363b3e20110690c47a11254b6438
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
4f994ebe7d11961a6561a9c910fcaa828ed4e88c70f02958894f4ebd4945ff69
5296e1972bf6b473bf0f6b806ec251345e39bc0d6211853048fdcb671a9c3e69
52a9c1e985fb4de9c75c6cc17a88f0bbe1d6fd298c3582c2b73890580852ac40
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5737ca9a11ba413e912b3db5f0a9f546ad5c9ed423e129e77a1063a00e0c9ac4
5a75a26f4dd38fe6f26a171533626d35e2df62b7c94a74c147c49589bac9b427
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5be295ea3ed71d1afc9a505521c41e8fcf294e5265fa679e92e0bc3775c98e41
5d5a5ac3763b1ce810f389f3edf136d3903e1e595385bbe350463648ffedc57b
5e303e88b8398f416f84591973b2dc5df6d02746f782fc367368e3f6fbfae6ad
5ebe136517c22c2aef18ccc3b46eb3620d437e7844f1f42650c1b57e25f4aa86
60cc60a6fcbd230def379432395199b585791ed521e2e5f595369a2193e617fb
614853693f85474a396222a98dbed5da275299ea1af3db27670e565be53ca309
6382bce54e2b1f583841046c9ab00b9de06412061f1512bc0896288edc4725af
66c4aac8d7531a43e502e364d2ff267a560cd3565dc76154fbbe8718f63dee87
67ea25b667e682329257a5d41f9c64373b8715f2d6891fbb846cfbd008da44b7
68f203e55e482507ae7cbb5b047aae6add3797b76f0ab6ffe4a65b6f8deb6875
6b5116bd2cb4809c6634b99a9b1ea0a0aeda596a94817682a0e4811e35eccc58
6c05346d91edf55c95883dc5901e8575bedf83a793a114b2f080403b582657aa
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
6da11fa7f0ad8c94c90620537fc56a0635b41d6aeb6b984b3e1fcacce4ec5460
6e34f0e5c02869c7af0877fc891d549baf7038110147953de90ab21b217e7493
6f18ee6b80b3cf696d7fe22e4f7ef414301f6c3d4396f7c3d13d23eea7166e2b
6f4c7a851816abcb573f1b9c33d7a08d2b5b87761db0c81dc6f633fe50ac4637
6fe26570fa6f95a827697ee1d70234115679a607cb6f65a38a8ba0ac784f757f
703cbf55721fa95e15c143a375f1116b2b97c329117af56eb5e5c2ce9546e1cc
7065fd91818e713fc7e0b6ede5b478108d14b23ac56999774018fb8bc22091ee
713768777efe66182455be5e7bed444b80c8a67e9151943bcb800c7d19f6009d
73b85df6290b6add489d085d46527c813406b86d246a352697fdf53f7752be60
799c2b76f617ebe6cf5c90e376212faa5fd523abb39325cf4fbd848c3c9c930b
7a7444e0eae3e3e8e8c2b27081db9e13f2f87ac648df018714d0fc87a487f8be
7a75280363363fc7d627006a615ea2d38a73e5083ae6b66563c9cf8229cd656c
7adb2fbfe7954dc15cd52b3fd050b57f65d2cd79987544247664929134329f25
7b59a90252b4d619e3219a77aac01e6224bdb6a81e18c7e5d455a3ee40560c1a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dc0108355117ef1d4f6b974756d2d9f83e6b16bad59f340525e05fdaca97229
7e549f1fcfab734025757f85babfcf8a8f2eef7e88aae11c61d5b4900f2fa166
7f60b70cd0914dab4dbb9f4e2f97e3e8b2784c500ec236e68adb2956bff893ba
843d4c26ab79b8ea04917549dc85d3126cd2e1c972377182e009b8ebf25a3e07
8454a8ebba1b19a39156e9548761de9d366cd4ee1d1031305d2fe4a6e78474cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84fdc47a610d3f34cbc9c7e4d7dc5d1087ce455961d823c0fe990dfa2ea240f0
86af172e9ce86f4d071b306ef41262ff9dd22e6eb04699107d20f185efbf74e7
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8b912949753e4876dcc1242255b958c1cf74cfc84859fae7e44c698b02ce2f43
90fffaaefc4b81b319bef8c9a9c5f8c2c56e85a1ab3d82339b2158b69c682ccc
9384281638d8ffb1eb59fbd8d8f9dd956dfc1a3a90fdd7e36f776578ceb6c143
963adb4be5eee8f53bd330e7a6b03749ffb2de194b69705b25c0be94b86aa1b7
96fda31febd88d147ae655146776c335eb2e72257ee130e4b44f429eacfa1115
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
99f75695c2c988d08dee5156241f1068e31d6905c89b5556ab93769f39b1dd96
9a8046ae76f3c2fa5def7d0153cdb57e8d97c88ccb913dcb4209e3a9f001a36f
9b3c31d3c84a5c046be4503abe96bb606bc21dfd10db305ddd88331dbcd96939
9b951379c1c0b595afc95762dfff7a3c70b5266551f81a932b6d2d5c9a498b16
9be9d584d9718fb12864ee91ea739e931ec9a2cbd66594b6654888b6f5c469b8
9cae17c82ee21eebeb7713ea50198ae11522924f892e3ea70d0e38ae84a70f1a
9f8441024e84c58109845fa52d52c98b3a2a6cde7529d923779fc815053795d4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a11b7266dbfddbd0ade73ee5b56d90fcaacad3d2258d6fa11da30768ebf59bae
a1a7069365ef1fa15bd89c341e44edb807bec4e6006c3f6cc2eede1df5868531
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa7dd416279275bb61bc907e2afe2dfcab65654fc5213be8d74969a22450ed39
ab972f6a39ea0cc174d842ee8e05040126ae6ff7a9cb1ba71832891f65b777c9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ada825f777baefed28ce1b8618d0d6ac616f02fff5ac3869350022bb738d7b64
ae3fc72ba0700c4ec7a25c06e10fe8a7c015cdac58e5a1765b78a650031f8791
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0d59e6793fe0753b08ca807791faf4b84909d00eb0ea9eee991bfd961065402
b1ab7f60896733bcc2a64777ff4f43ffcdc9c12605260980557798b67ba292ee
b1c0aab682f27831a816a840a77b12e1ebaf47fd1b8a97ccc037b3bbe787d262
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b305b33d6add58c9c895b0c20f97d3085b4c11b8d6856d76e762699f29627a6e
b4fc8d22d940bdf3aa7fe9648494c3feac6a995bcec60831b8dd1c4c95719bd4
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6e6c14be0d01479c414a63caa9875e7df8e2d8124037b91bb9fe6b7cf0bf77b
bb6f12c7d2e7c565090a55d90424b281cbf41437a920641dd2d2ffe961215128
bbefe320737fe495cd077de514d582b53864460f0c782ad24d1904d1627fa9c4
bc8f490b0781f5646e96ecd80e0d5b3a7f93ddefd39ec1af514d0187a3101999
bce657f4cccebf522c57d100dd000580e9d540711cab1b9c014a0e8854251f4c
be16daeb16bbf4342b02187a456212365092fc705c23c3274ab81d110195cfcd
bf7156c9e6cd66141b8013787c2c57bb4ffa22419e954839484d731e048d30b0
bf7b49d31e8844ad66f4cf5741d9421ed071aef8fc5653d3941b8e9e1f8a93ad
bf8b41f6693852a18d2449439f0400cfaf19b755e21f01eda21a6ff985d3526c
c0192be544261e01a5122cd654b834b0572f391d2aa23d8ba897134beef16038
c2a101f313f27c267a744088e44664a87d2ec7dc2a3464bf1319a95094dc76db
c2e494aaae9b6e8ecc6f031c8da5fc8f4abcb004cb94acb3777d0d34a9340c66
c4d358d143dced2dd0f6d45dd9e8af45c87f9272b91e871b33e69688bf14bfd6
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c5140309c75a29de8247f72c32cf9332ccf6b31702aaf935ee2029fb9b01a280
c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758
c81ab91c780c257b541589f6059ed82a861f77363676b31aedf18a7773ce42d9
c840c08e01c82ce10be20ec24a7ddf4b22062b8ede756c5a6e0bcadb9274a85e
c95d6177ef8ebe2052970f47d67a067bbb52084c03643dab48ddd94b66a979c1
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfd3b0bdf3f833762d44bab0f549be28519ff5303dc420c3eae73cca2ee73229
d37545bbfbab30b44e51e630172af7d5d8a717afe66642b3e8eba0f6e1666872
d3f62c0e83358ea15bdac14acdfcd658d3004a155edbb30dd37729732767a536
d6a8bd71e378685139a7b4e7e3b3bd82adc87ea2546e0720704e0e57ffb5c61e
d6ac85ccebb4f4f5577ee62f197b01c80e01c813454ef5c998df0d4f378a89a1
d92510e1217668642bc5364d01f23adc6a2462587993f16a0eb3e58678902165
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec909b955dfbc24ffa00d217ba622b5c51759f47f955e1421f01fcfca43cdb1
df1c84b7b7dc39655db2bd72f4f17cefd065d4140ba2bf771f6d35a18f9b1ec8
e15506e299da3d4a8ca095007fae20286400cb4993c333f0bff4360cc1fe2cca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ffc0b66d8feace6bbb5bf4db49d7d2f5d9a0516965b93dff62c180317740ca
e581dd5a912f0d3c081b82b3a8b25c95c6838077449ad63f43519f3cab54bd16
e7ae2f2fb74d8c9c026ca37f76177b96113a4ba89f0c8c34d7ba6c9d07692bb3
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e85cfa2b997618fa9592dbd38e35e59b0d80e157ab4f13faa193c86b201d9ae5
e85d000352371d01ec68c35b294c87b928cc6f62ec99cd75a22bb420b00bffa0
e963d10033c76c9c8c3f1083d576ba24f505b511fe009c8c538d414a3047fa55
e9ea9d0e7b3699572dfd050e1fd109b538ef585670cfd0064f47ee5aebf85b91
ea2566e46783fedce851cc101cd35ba6042d847f61a9ebc49c5afb480aa4f534
ebdf93991a2ed22745d06711d88be171680e237cc52491457833f82fc4639937
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ece926ff412528eddc574ba2722df91995fc1e8a29e452766f00b1c1edb8afec
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef21d6af9c6fa5e9c79ab7093ed00273b5ca8361cb9d30cd4e9e9c9f910b693a
ef3db2e76486ea25d99b18b3103496b619058f1bd77f51b017829264dfb42c46
ef45c21f7e054481c81992c1a46293a28c9bb8b3722bc566479326187f473c8c
f2ef90edfb28a83fdeaba8d622ba26a43a80489387d344574add1bee27ab07d6
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f5068854282a0146198b3c1733ba8491b4ca4c2497a2229d0681179fc9512a8f
f65842920103eb32e8925e3d7c4b65999ed9c6cc60ce0912658de5235e1a5950
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f81bb666cdf7001d0a30371d83d4533dd593f85ea01bbb959c812c8b6974e6ae
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fc98884df9e5a3ee3c10dde2122e1040769319dd430320f1e8631c848a1d8cd0
fdb3f80ad6876da45ed4e07db6bdb29b314f2a272ff97bfa9889e4b6e4740f52
ff0f4e4f7dcaac0334ec00e1a654bce5aee589c1208d30872ce5061568975b02
ff5738e7904810d00e0c2a81fb10db7dab8e4c69e8df3582dcd0764ee15a5715

us.norton.com Open in urlscan Pro 2a02:26f0:3500:58c::1015 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

264 Requests

95 %HTTPS

37 %IPv6

60 Domains

85 Subdomains

77 IPs

7 Countries

2667 kBTransfer

8884 kBSize

92 Cookies

96 Outgoing links

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

us.norton.com Open in urlscan Pro
2a02:26f0:3500:58c::1015 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

95 %
HTTPS

37 %
IPv6

60
Domains

85
Subdomains

77
IPs

7
Countries

2667 kB
Transfer

8884 kB
Size

92
Cookies

264 HTTP transactions
0 data transactions